Privacy and Cookie Policy

General Information

  1. The website is administered by STABILIS.IO sp. z o.o., located in Warsaw at Puławska Street 12/3, 02-566 Warsaw, registered in the KRS at the District Court for the Capital City of Warsaw in Warsaw, XIII Commercial Division of the National Court Register under KRS number: 839975, with tax no. (NIP): 521-389-18-99 (hereinafter referred to as the "Administrator" or "STABILIS").
  2. The Administrator processes personal data in accordance with the Regulation of the European Parliament and of the Council (EU) 2016/679 of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) hereinafter referred to as "GDPR".
  3. For matters related to personal data protection, you can contact the Administrator in writing at the address indicated in point 1 or by email at:
  4. The Administrator limits the collection and use of personal data to the minimum necessary to provide services at the desired level.
  5. The Administrator processes your personal data for the following purposes and based on the following legal grounds specified in GDPR:
    1. If you are a person authorized to represent, a contact person, or another person from the entity that has concluded a contract with the Administrator or another person participating in the execution of the contract with the Administrator, your personal data will be processed for purposes arising from legally justified interests pursued by the Administrator, in particular to ensure contact with the contracting party, verify if the person contacting the Administrator is authorized to undertake activities on behalf of that entity, proper execution of the contract concluded with the Administrator, and establishment, pursuit, or defense of possible claims (Art. 6 (1)(f) GDPR), as well as for the purpose of concluding and executing the contract (order), including providing services by the Administrator on your behalf (Art. 6 (1)(b) GDPR) and for purposes necessary to fulfill legal obligations incumbent on the Administrator, in particular arising from tax law and accounting regulations (Art. 6 (1)(c) GDPR).
    2. If you are a recipient of commercial information and marketing communication sent by STABILIS or visit the STABILIS website, your personal data will be processed for purposes of direct marketing of the Administrator's products and services and for the purpose of establishing, pursuing, and defending against claims, which constitutes a legally justified interest of the Administrator (Art. 6 (1)(f) GDPR); sending commercial information electronically, in particular information about the Administrator's activity and scope of services as well as products and services offered by him (only if you have consented to the sending of commercial information according to applicable regulations); collecting data for the purpose of analyzing and improving the website's performance through "cookies" (more detailed information concerning "cookies" is found in the Cookie Policy below);
    3. If you are a person using the Administrator's profile on the LinkedIn social media channel, your personal data will be processed by STABILIS for purposes of establishing cooperation, promotion, and presentation of the Administrator on social media platforms, presenting job offers, communication through available social platform functionalities (comments, chat, messages, likes, etc.). The basis for data processing in this case is Art. 6 (1)(a) GDPR, i.e., consent expressed in the form of implied consent by joining the Administrator's profile on the social media platform; the purpose of processing in this case is also the establishment, pursuit, and defense against claims, which constitutes a legally justified interest of the Administrator (Art. 6 (1)(f) GDPR).
    4. If you participate in a recruitment process for a position offered by the Administrator, your personal data will be processed for purposes of carrying out the recruitment process in connection with which you submit documents (Art. 6 (1)(b) GDPR, i.e., taking actions at the request of the data subject before entering into a contract, and Art. 6 (1)(a) GDPR, i.e., consent, e.g., for the use of the image) future recruitments (Art. 6 (1)(a) GDPR, i.e., consent) as well as the establishment, pursuit, and defense against claims, which constitutes a legally justified interest of the Administrator (Art. 6 (1)(f) GDPR).
    5. If you are a natural person conducting sole proprietorship who has concluded a contract with STABILIS, your personal data will be processed for purposes necessary for the performance of the contract (Art. 6 (1)(b) GDPR), as well as for purposes necessary to fulfill legal obligations incumbent on the Administrator, e.g., arising from tax law and accounting regulations (Art. 6 (1)(c) GDPR), and for purposes arising from legally justified interests pursued by the Administrator, e.g., ensuring contact with you before concluding the contract and during its duration, control and improvement of the quality of services provided, including handling complaints, and establishment, pursuit, or defense of possible claims (Art. 6 (1)(f) GDPR).
  6. The Administrator may collect the following personal data depending on the processing purpose specified above: name and surname, company name, company address, NIP or PESEL (Polish tax identification numbers), representation, email address, phone number, image (if it is visible in the photos available on the LinkedIn profile as "public"), and additional information provided by you on the social media platform LinkedIn or transmitted to the Administrator in messages.
  7. The duration for which the Administrator may process personal data depends on the legal basis constituting a lawful premise for processing personal data. Accordingly, we inform that:
    • In the case where personal data is processed for the purpose of executing a contract, the processing period lasts for the duration of the contract or for the period specified in the contract, as well as until the expiry of the limitation period for claims;
    • In the case where personal data is processed on the basis of consent, the processing period lasts no longer than is necessary for the purposes in which the data is processed or until the consent is withdrawn, as well as for a period necessary for the establishment, pursuit, or defense of claims that may arise in connection with the subject of the expressed consent;
    • In the case where personal data is processed on the basis of the Administrator's legitimate interest, the processing period lasts no longer than until such interest ceases to exist or until an objection against personal data processing is lodged, provided there are significant legally justified grounds for processing by the Administrator or a third party, overriding your interests, rights, and freedoms, or grounds for the establishment, pursuit, or defense of claims;
    • In the case where personal data is processed because it is necessary due to applicable laws, the processing periods for this purpose arise from universally applicable legal provisions, especially tax law and accounting regulations.
  8. Your personal data may be transferred only when necessary and to the extent required to: state authorities or other entities authorized under the law (e.g., auditors, tax authorities); persons authorized by the Administrator; entities to which the Administrator outsources services related to personal data processing (e.g., subcontractors) – provided such entities process personal data based on a contract concluded with the Administrator and exclusively in accordance with the Administrator's instructions; entities cooperating with the Administrator, e.g., IT service providers, legal or advisory firms, as well as social media platform operators in accordance with the conditions and terms set by them.
  9. Your personal data will be stored on servers located in the European Union and may be transferred based on standard data protection clauses – to a third country in connection with the Administrator's use of cloud solutions provided by Google, Atlassian, and similar technology partners. The standard contractual clauses used by these companies, compliant with the templates approved by the European Commission, are available on the websites of these companies.
  10. You have the right to access your personal data at any time, including the right to receive a copy of the personal data, as well as the right to request their rectification, deletion, or restriction of their processing. You also have the right to object to the processing of your personal data, in which case the Administrator, if processing data based on its legitimate interest, will assess whether its interest in further processing the user's data is overriding and will inform you about its assessment in this regard.
  11. To exercise the aforementioned rights, please contact the Administrator in the manner specified in point 3.
  12. If you believe that the Administrator's processing of personal data violates the provisions of GDPR, you have the right to lodge a complaint with the President of the Office for Personal Data Protection at any time.
  13. In some cases, legal regulations may impose an obligation on the Administrator to obtain your personal data, e.g., for tax or accounting purposes. In other cases, providing your personal data is voluntary, but failure to do so may prevent the realization of the above-mentioned purposes specified in point 5.
  14. The Administrator will not use your personal data for automated decision-making affecting your legal situation. However, the provided personal data may be processed for the purpose of adjusting the content of marketing messages, offers, or information to your interests and business or professional activity. If you use our profile on the LinkedIn social media channel, your personal data may be profiled according to the regulations of the social media platform operator.
  15. If you are a person authorized to represent, a contact person, or another person from the entity that has concluded a contract with the Administrator or another person participating in the execution of the contract with the Administrator, your personal data has been obtained by the Administrator as a result of sharing your personal data by: indicating you as the person authorized to represent the entity that concluded the contract with the Administrator or the contact person in the contract concluded with the Administrator or transmitting your personal data in another way during the duration of the contract concluded with the Administrator for purposes necessary for the proper execution of this contract or from publicly available sources (e.g., the National Court Register or the Central Registration and Information on Business).

Definitions, Procedures, Duties, and Rights Related to DSA

  1. Definitions used in this part of the Privacy Policy mean:

    Service – a set of cooperating computer devices and software ensuring the processing and storage, as well as sending and receiving data through telecommunications networks using a device suitable for a given type of network (Internet), including the Website managed by STABILIS and applications including mobile applications and other services offered by STABILIS, Social Media, and channels managed by STABILIS operating within these Media.

    Administrator - according to the definition contained in point 1 of the Privacy Policy above, providing information society services, including intermediary services as mentioned in this part within the Service.

    Information Society Service – according to the definition in Art. 1 (1)(b) of Directive (EU) 2015/1535, means any service normally provided for remuneration, at a distance, by electronic means, and at the individual request of a recipient of services.

    Intermediary Service - means one of the following information society services provided by the Administrator:
    • the "mere conduit" service consisting of the transmission in a telecommunications network of information provided by the service recipient or providing access to a telecommunications network;
    • the "caching" service consisting of the transmission in a telecommunications network of information provided by the service recipient, involving automatic, intermediate, and temporary storage of that information, performed solely for the purpose of making more efficient subsequent transmission of information to other recipients upon request;
    • he "hosting" service consisting of storing information provided by the service recipient at their request.

    Service Recipient – a person using intermediary or other information society services provided by the Administrator, including, for example, the Service or Social Media of the Administrator, especially for the purpose of searching for information or sharing it.

    Content - all information transmitted by the Service Recipient in any form within the Service, Social Media, or other platforms and places belonging to or moderated by the Administrator, especially within the Service or functionalities of these places made available to the Service Recipient.

    Illegal Content - means information which in itself or by reference to action is not in compliance with the law of the Union or the law of any Member State which is in accordance with the law of the Union, regardless of the specific subject or nature of that law.

    Content Moderation - means actions, regardless of whether they are automated, undertaken by the Administrator or cooperating providers of intermediary services, aimed in particular at detecting, identifying, and combating illegal content or information inconsistent with the terms of use of their services provided by Service Recipients, including implemented measures that affect the availability, visibility, and reachability of such illegal content or information, such as demoting such content or information, demonetization, preventing access to them, or their removal, or that affect the ability of Service Recipients to transmit such information, such as closing or suspending the Service Recipient's account.

    Internet Platform - means a hosting service that stores and publicly disseminates information at the request of the Service Recipient, unless such action is a minor or merely ancillary feature of another service or a minor function of the main service and, for objective and technical reasons, it is not possible to use it without such another service, and the inclusion of such a feature or function in such another service is not a means of circumventing the application of DSA, e.g., social media platforms.

    Public Dissemination - means making information available at the request of the Service Recipient who provided the information, potentially to an unlimited number of third parties.

    Social Media - social media platforms within which the Administrator creates additional communication channels with the Service Recipient, whether in the form of publishing content publicly available to a wide audience or in other forms of contact with the Service Recipient, including contact related to commercial offers, which especially concerns: social groups, private or public, channels on social media platforms, public accounts as mentioned, among others, in the Privacy Policy, e.g., fan pages, communication channels within those social media platforms, etc.
  2. This paragraph of the Privacy Policy specifies information on any restrictions imposed by the Administrator in connection with the use of its services in relation to information transmitted by Service Recipients according to the Regulation of the European Parliament and of the Council (EU) 2022/2065 of 19 October 2022 on a single market for digital services and amending Directive 2000/31/EC (Digital Services Act, hereinafter: "DSA").
  3. The Administrator is a provider of Intermediary Services within the meaning of Art. 3(a) DSA, offering a hosting service consisting of storing information provided by the Service Recipient at their request.
  4. The Administrator provides Intermediary Services within its profile available in Social Media, i.e., LinkedIn (link:, by:
    1. allowing Service Recipients to leave comments under posted posts,
    2. adding posts,
    3. adding ratings and reviews,
    4. adding messages within the public chat,
    5. other forms of interaction enabling leaving Content available on the aforementioned platforms.
  5. The Administrator designates the following single point of contact enabling Service Recipients direct electronic communication with the Administrator and enabling the Administrator direct electronic communication – with the Member States' authorities, the Commission, and the Digital Services Board via the email address: Communication with the Administrator may take place in Polish and English.
  6. The Service Recipient may not post the following Content within the Administrator's Social Media:
    1. Illegal Content,
    2. Content containing vulgarisms, hate speech against third parties, spam,
    3. Content contrary to good manners, in particular containing offensive content or infringing religious feelings, personal rights of third parties, or showing a lack of respect consistent with generally accepted social norms and principles of social coexistence, Content that is racist, vulgar, promoting violence, containing pornographic content, fascist, discriminatory, with a sexual undertone, inappropriate for underage users, etc.,
    4. Content infringing third-party rights, e.g., copyright or intellectual property rights, or aimed at revealing trade secrets or other confidential information,
    5. Content containing links to other websites (links) entities other than the Service, competitive internet services or online stores for which the Administrator has not previously given consent, in particular, advertising links, marketing links related to fundraising, or other commercial links.
  7. The Service Recipient who deems a certain Content to be Illegal Content or Content violating this privacy policy is entitled to report such Content to the Administrator electronically at the email address indicated in point 20 above, indicating the place where the Administrator can familiarize itself with the aforementioned Content and all necessary details for considering the report, including the contact details of the Service Recipient and involved third parties (if possible).
  8. In the absence of contact details of the reporting Service Recipient, the Administrator will not be able to contact them to notify them about the receipt of the report and the result of its consideration.
  9. The Administrator will immediately notify the Service Recipient about the receipt of the report mentioned in point 23 above.
  10. The Administrator makes decisions within the scope of the report within no more than 14 days from the day of receiving the report in a non-arbitrary, objective manner, and with due diligence. For the purposes of considering and making decisions, the Administrator does not use automated means.
  11. The Administrator informs the Service Recipient about the outcome of the decision regarding the report, its content, and justification without undue delay.
  12. In case of the occurrence of Illegal Content or Content inconsistent with the Regulation, the Administrator may remove it, limit its visibility, prevent access to it, demote, or leave it. Simultaneously, it informs the Service Recipient and involved third parties about its decision, providing them with clear and specific justification for the decision (if it has their contact details).
  13. The Service Recipient may appeal against the Administrator's decision within 14 days from the day of receiving the decision, simultaneously providing justification.
  14. The Administrator considers the appeal of the Service Recipient within 14 days from the day of its receipt, providing him with its decision along with justification.
  15. The Administrator is not liable for Content, especially Illegal Content, published within the Administrator's Social Media if the actions of the user posting such Content are contrary to the Privacy Policy or generally applicable law. The Administrator makes every effort to deal with such Content in a manner consistent with generally applicable law and the Privacy Policy, e.g., does not modify Content in a way that affects the integrity of the transmitted or shared information, does not facilitate posting Illegal Content, promptly takes actions to remove them or prevent access to them in accordance with the Privacy Policy, respecting the fundamental rights of Service Recipients, including the right to freedom of expression and information, and takes all actions in good faith and with due diligence.
  16. Within the Service, there is no algorithmic decision-making, including decisions related to the appeals of the Service Recipient.
  17. In the event that the Administrator receives any information giving grounds to suspect that a crime endangering the life or safety of a person or persons has been committed, is being committed, or may be committed, it immediately informs the law enforcement agencies or judicial authorities of the Member State concerned or concerned Member States and provides all available information on the matter.
  18. The Service Recipient is entitled to terminate the use of the Administrator's services at any time. For this purpose, they may use available forms of terminating the use of services, such as automatic clicking on specific buttons enabling account deletion (if one has been set up) or unsubscribing from a given service, ceasing to follow the Administrator's Social Media, or by removing the Content posted by them. This provision does not affect the obligations and rights of the Administrator arising from other generally applicable legal provisions and further data storage, including personal data, especially for purposes indicated in the Privacy Policy and arising from GDPR or other laws.

Cookie Policy

  1. Cookies are files installed on the terminal devices of individuals using the website (hereinafter referred to as "user") to administer the website, adjust the content of the website to the user's preferences, maintain the user's session, and for statistical purposes and adjusting advertising content to the individual needs of the user. We inform that it is possible to define the conditions for storing or accessing information contained in cookies through browser settings or service configuration. The Administrator does not use tools that would significantly affect the user's privacy and uses the user's web browser settings or additional plugins. If the user's browser does not block cookies used by the website, the Administrator considers that the user consents to their use, i.e., to the storage of cookies on the user's device, storing information in them, and accessing this information.
  2. The website uses the following types of cookies:
    1. essential - contribute to the usability of the website by enabling basic functions such as navigation on the page and access to secure areas of the website. Without them, the website cannot function properly. Their application does not require consent because these types of cookies ensure full and uninterrupted operation of the website. These cookies are exempt from the obligation to obtain consent under Art. 173 (3) of the Telecommunications Law;
    2. preference-related - allow the website to remember information that changes the way the website looks or functions, e.g., the preferred language or region where the user is located;
    3. statistical - help website owners understand how different users behave on the website, collecting and reporting anonymous information;
    4. marketing - used to track users across websites. The aim is to display ads that are relevant and engaging for the individual user and thereby more valuable for publishers and third-party advertisers.
  3. The website uses cookies for the following purposes:
    1. essential to ensure the proper functioning of the website (maintaining the session),
    2. implementing functionalities facilitating the use of the website,
    3. analyzing traffic and advertising statistics on the website,
    4. collecting and processing personal data for displaying advertisements for own products and advertising clients.
  4. Own cookies, i.e., those related to the domain, are used to operate the cookie information bar.
  5. The website uses third-party cookies from Google. These cookies are related to the use of Google fonts. The information collected through these cookies does not allow user identification and is not treated by the Administrator as personal data. However, Google may access this information according to their privacy policies.
  6. During the visit to our website, a banner will be displayed informing that it uses cookies. If the user selects the "Allow all" option, it will mean that they accept all cookies placed on our website and confirm that they have read the information about cookies and the purposes of their use, as well as cases in which data collected with the help of cookies are transferred to our partners.
  7. If the user does not want our cookies to be stored on their device, they can choose the "Customize" option. By selecting this option, they can reject all but technically essential cookies that we use on our website or only some of them.
  8. The user can change the consents they have expressed at any time by clicking on the "Cookie settings" tab available on our website.
  9. Settings regarding cookies are also available individually for each web browser (including their versions for mobile devices).
  10. Information about settings or complete disabling of cookies in various browsers is available on the websites of browser manufacturers or in the "Help" section in the web browser menu.
  11. Some of the cookies used by us may constitute personal data. The Administrator of your personal data is STABILIS.IO Sp. z o.o. More information about the principles of personal data processing and the rights you have can be found in the Privacy Policy above.
  12. The Administrator uses Google Analytics tools provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. This constitutes a legally justified interest of the Administrator consisting in creating statistics and their analysis to optimize the functionality of the website.
  13. At any time, the user can block the Google Analytics tracking code by installing a browser add-on provided by Google:
  14. Google Analytics automatically collects information about the user's use of the website. The information collected in this way is transferred to Google servers, which may be located in various countries around the world, and there may be stored.
  15. Within Google Analytics, no data is collected that would allow user identification. The data collected within Google Analytics does not have the character of personal data for the Administrator. Information that the Administrator collects using Google Analytics includes, in particular:
    1. information about the operating system and web browser from which the user accesses,
    2. subpages that the user views within the website,
    3. time spent on the website and on subpages,
    4. transitions between individual subpages,
    5. the source from which the user accesses the Administrator's website.
  16. Date of the last Privacy Policy update: March 4, 2024.