Pursuant to Articles 13 and 14 of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation, hereinafter referred to as the GDPR), please be informed that:

Article 1 Processing and protection of personal data

  1. The controller of your personal data is RITS Professional Services sp. z o.o. (“Controller”) with its registered office in Warsaw 00-841, Żelazna 51/53.
  2. The Controller has appointed a Data Protection Officer who can be contacted at the mailing address indicated above or at
  3. Personal data is processed on the basis of Article 6(1)(a), (b) and (f) of the GDPR, i.e:
  1. on the basis of a voluntarily given consent, which you can revoke at any time by contacting the Controller, e.g. if you have given your consent to the processing of data for marketing purposes or for the purpose of participation in recruitment processes;
  2. to take steps at your request to conclude a contract (to present a proposal and conduct negotiations when you contact the Controller, e.g. via a contact form) or to perform the contract;
  3. within the framework of the legitimate interests of the Controller and third parties (consisting, among other things, of maintaining day-to-day contact with those appointed to contact the Controller), except where these interests are overridden by your interests or fundamental rights and freedoms which require protection of personal data.
  1. The recipients of your personal data may be the Controller’s employees and associates, companies from the RITS Group with equity or personal links with the Controller, companies providing services to the Controller which require access to personal data (including IT support or accounting activities) and the Controller’s clients and business partners.
  2. Personal data shall be processed until you revoke your consent, if this is the basis for processing your personal data. In other cases, personal data shall be processed (including archived) by the Controller for the period resulting from the provisions of the law or within the framework of the Controller’s legitimate interests for the period necessary to establish, assert or defend against claims until they become time-barred.
  3. The Controller does not intend to transfer personal data to a third country or an international organisation. However, should this situation arise in exceptional cases, this shall always be done in accordance with the principles and mechanisms set out in Articles 44 to 49 of the GDPR, in which case you shall have the right to request information about the safeguards in place.
  4. Within the limits and under the principles of Articles 15 to 22 of the GDPR, you have the right to:
  1. request access to your personal data;
  2. request rectification or supplementation of personal data;
  3. request erasure or restriction of the processing of personal data;
  4. request personal data portability;
  5. object to the processing of personal data, including its use for marketing purposes;
  6. withdraw consent at any time, where withdrawal of consent shall not affect the lawfulness of the processing carried out on the basis of the consent expressed before its withdrawal;
  7. lodge a complaint with the President of the Personal Data Protection Office.
  1. Your personal data shall not be used for automated decision making, including profiling.

Article 2 Use of cookies

  1. The Controller’s websites (including may use “cookies” to identify a user’s session when using our website. These cookies ensure that websites function properly.
  2. Cookies are text files which are stored on the user’s end device. They usually contain the name of the originating website, the time they are stored on the end device and a unique number.
  3. According to the established practice of most websites, the Controller shall store HTTP requests directed to our server. This means that it knows the public IP addresses from which users view the website’s information content. Browsed content is identified by URL addresses. Within the framework of these cookies the Controller obtains information such as:
    1. request time;
    2. response dispatch time;
    3. the URL of the website previously visited by the user (referrer link), if the Controller’s website was accessed through a link;
    4. information about the user’s browser.
  4. The data obtained by the Controller contained in cookies is not associated with specific persons browsing the websites. To ensure the highest quality of the service, the Controller occasionally analyses log files to determine which pages are visited most often, which web browsers are used, whether the website structure does not contain errors, etc.
  5. The data collected in cookies is stored as support material for the administration of the website. The information contained therein is not disclosed to anyone other than those authorised to carry out administration of the server and the Controller’s network. Statistics can be generated from log files to assist in administration. The aggregated summaries in the form of such statistics do not contain any identifying characteristics of persons visiting the website.
  6. The Controller uses two types of cookies: session cookies and persistent cookies:
    1. session cookies are temporary files stored on the user’s end device until the user logs out, leaves the website or closes the web browser;
    2. permanent cookies are stored in the user’s end device for the time specified in the parameters of the cookies or until they are deleted by the user.
  7. The table below indicates the functioning and purpose of the Controller’s use of individual cookies:

Functioning of cookies


Basic function

Such cookies are necessary for the management of the website. They allow us to recognise the type of user and to provide services accordingly.

Function / Analytics

Such cookies are used to analyse the accessibility and functionality of websites and are needed to maintain, manage and continually improve services.


These types of cookies allow you to manage certain functions of the website according to your settings. This means that if you continue to use the website or return to it in the future, the Controller can provide our services in accordance with your preferences to be delivered by recognising your username (for example, if the website requires you to log in) and not having to enter your username and password on each subpage.

  1. Your web browsing software (internet browser) usually allows the storage of cookies on your end device by default. Website users can change their settings in this respect. The web browser allows to delete cookies. It is also possible to block cookies automatically. Refer to the help section or documentation of your web browser for details.
  2. To block the transmission of cookies, you must change the settings of the browser you are using so that it refuses or deletes certain cookies. The following links contain information on how to adjust settings in commonly used browsers (as a result of blocking cookies, some website functions may not work):
    1. Mozilla Firefox
    2. Internet Explorer
    3. Safari
    4. Google Chrome

Article 3 Final provisions

  1. This Privacy and Cookie Policy of the Controller shall enter into force on 12 July 2022 and shall replace all previous regulations in this respect.
  2. The Controller may change this Privacy and Cookie Policy at any time by posting the new version of the document on the website.
  3. By using the website, you accept the rules set out in this Privacy and Cookie Policy.

This will close in 0 seconds

Scroll to Top