Information Clause

Information Clause for the Contact Form

This information fulfils the legal obligation referred to in Article 13(1) and (2) of the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, repealing Directive 95/46/EC (hereinafter referred to as the GDPR).

  1. The controller of your personal data is SerenicLab Sp. z o.o., with its registered office in Warsaw
    (address: Al. Jana Pawła II 27, 00-867 Warsaw, Poland),
    entered into the National Court Register under number KRS 0001202890,
    NIP: 5273190048, REGON: 543116995,
    email address: biuro@sereniclab.pl.

  2. For all matters concerning personal data protection, you can contact us via email at biuro@sereniclab.pl.
    (If a Data Protection Officer is appointed in the future, their contact details will be published on the website.)

  3. Your personal data will be processed for the purpose of establishing contact and responding to your inquiry, based on Article 6(1)(f) GDPR – the legitimate interest of the controller, which is to enable communication with users of the website and to handle incoming inquiries.

  4. Recipients of your personal data may include:

    • entities authorized to receive data under applicable law,

    • providers of IT, hosting, and website maintenance services,

    • entities cooperating with the Controller as necessary to achieve the purpose of contact.

  5. Data retention period: personal data will be stored for a period of 2 years from the end of communication or until consent is withdrawn / a deletion request is made.

  6. Your rights: you have the right to:

    • access your personal data,

    • rectify, erase, or restrict the processing of your data,

    • object to the processing of your data,

    • data portability,

    • withdraw consent at any time (if processing is based on consent).

  7. Right to lodge a complaint: you have the right to lodge a complaint with the President of the Personal Data Protection Office (UODO) if you believe that the processing of your personal data violates the GDPR.

  8. Voluntary provision of data: providing personal data is voluntary, but failure to provide it will make it impossible to establish contact and respond to your inquiry.

  9. Legitimate interest of the Controller:
    The Controller’s legitimate interest is to enable communication with website users, respond to inquiries, build client relationships, and ensure the proper functioning of the contact form.

  10. Transfer of data outside the European Economic Area (EEA):
    The Controller may use service providers located outside the EEA (e.g. Google LLC, Meta Platforms Inc.), which may involve the transfer of data to third countries. Such transfers are carried out in accordance with applicable legal requirements, based on European Commission adequacy decisions, including the EU–US Data Privacy Framework, or using appropriate safeguards as set out in Article 46 GDPR.