Privacy Policy

§ 1 General provisions

  1. The Administrator of the personal data of the users of the website located under the domain is DIGITAL NOW! HOLDING sp. z o.o. with its registered office in Poznań, 114 Polska Street, 60-401 Poznań, entered into the Polish National Business Register kept by the District Court Poznań – Nowe Miasto and Wilda in Poznań, VIII Commercial Division of the National Court Register under the number KRS: 0000777847Polish TIN (NIP): 7811993323 with share capital of 2.015.900,00 PLN paid in full (hereinafter: “Administrator”).
  2. Contact with the Administrator is possible:
    (1) through e-email at:
    (2) in writing, to the Administrator’s address: 114 Polska Street, 60-401 Poznań, Poland.
  3. The purpose of this Policy is to define the actions taken with respect to personal data collected through the Administrator’s website and related services and tools used by its users, as well as in the activity of entering into and performing contracts in contact outside the website.
  4. Should it become necessary, the provisions of this Policy may be amended. The change will be communicated to users by announcing the new content of the Policy, and in the case of the registry of persons who have consented to the processing of data by e-mail or have provided e-mail data in the performance of contracts, they will also be notified of the change by e-mail.

§ 2 Legal basis for the processing, purposes and storage of personal data

  1. Users’ personal data shall be processed in accordance with the European General Data Protection Regulation, Polish Personal Data Protection Act, Polish Personal Data Protection Act of 10.05.2018 and Polish Act on Provision of Electronic Services of 18.07.2002.
  2. In the case of processing of personal data on the basis of an e-mail or a complaint sent by the user, such processing shall be based on Article 6(1)(b) of the General Data Protection Regulation, according to which the processing is necessary in order to take action at the request of the data subject.
  3. If the user gives a separate consent, his personal data can be processed by the administrator also for marketing purposes, including sending commercial information electronically to the e-mail address indicated by the user (Article 6(1)(a) of the General Data Protection Regulation).
  4. In the case of conclusion and performance by the Administrator of a sales contract or a contract for the provision of services, the other party shall be obliged to provide the data necessary for the conclusion of the contract (which is a contractual requirement and, with regard to tax numbers, also a statutory requirement) and for this purpose the Administrator processes personal data (Article 6(1)(b) of the General Data Protection Regulation).
  5. In the case of research and analysis for the purpose of improving the performance of available services (e.g. tracking tools), Article 6(1)(f) of the General Data Protection Regulation is indicated as the basis for processing.
  6. Users’ personal data are stored for no longer than it is necessary to achieve the purpose of processing, i.e. until the withdrawal of consent if processing is based on such consent, until the statute of limitations for claims by the Administrator and the other party concerning the performance of concluded agreements (in the case of sales/service contracts, 2 years, counting from the end of a year), and until the execution of an inquiry directed by e-mail or until a complaint is completed.
  7. To the extent necessary for the proper functioning of the website, its functionality and the proper performance of the payment operation (if such is performed by the website), the website uses the User’s metadata. Metadata means the process of reading and recognizing by the website’s IT system the configuration and components of the computer used by the user in order to adjust the website to its capabilities and to establish a secure connection between the user’s computer and the website. It is important to note that this metadata cannot identify you personally and is not harmful to any data stored on your computer. Nevertheless, the User is entitled to withdraw his or her consent to the processing of metadata at any time by configuring his or her browser accordingly or by downloading the relevant plug-in provided by the browser’s manufacturer. To do so, please consult the software manufacturer and its recommendations.
  8. The Administrator may use profiling for direct marketing purposes, but decisions made on its basis by the Administrator do not concern conclusion or refusal of a contract or possibility of using electronic services. The use of profiling may result, for example, in a person being granted a discount, being sent a discount code, being reminded of unfinished purchases, being offered a product that may match the person’s interests or preferences, or being offered better terms than the standard offer. Despite the profiling, it is up to the individual to decide whether they want to take advantage of the discount or better terms and make a purchase. Profiling consists in automatic analysis or prediction of a given person’s behavior on the Administrator’s website, e.g. by adding a particular product to the shopping cart, browsing a particular product page or analysis of the previous activity history on the website. Such profiling is conditioned by the fact that the Administrator has the personal data of a given person in order to be able to send him/her e.g. a discount code.
  9. To the extent necessary for the proper functioning of the website, its functionality, the website may, when used by the User, collect other information, including but not limited to:
    • IP adress;
    • device, hardware and software information, such as hardware identifiers, mobile device identifiers (e.g., Apple Identifier for Advertising [“IDFA”] or advertising identifier on an Android device [“AAID”]);
    • platform type;
    • settings and components;
    • installed software;
    • presence of necessary plug-ins;
    • approximate geolocation data (compiled from IP address or device settings);
    • browser data, including browser type and preferred language;
  10. With regard to the nature, scope, context and purposes of the processing and the risk of violation of the rights or freedoms of natural persons of varying probability and gravity, the Administrator shall implement appropriate technical and organizational measures to ensure that the processing is carried out in accordance with the Regulation and to be able to demonstrate it. These measures shall be reviewed and updated as necessary. The Administrator shall apply technical measures to prevent the acquisition and modification by unauthorized persons, of personal data transmitted electronically.

§ 3 Data sharing

  1. The Administrator shall ensure that any personal information collected is used to fulfill obligations to users. This information will not be shared with third parties except:
    • if the data subjects have given their express prior consent to do so, or
    • if the obligation to transmit such data arises or will arise under applicable law, such as law enforcement agencies.
  2. Additionally, personal information of service recipients and customers may be shared with the following recipients or categories of recipients:
    • service providers supplying the Administrator with technical, IT and organizational solutions enabling the Administrator to run its business, including the website and the electronic services provided by means of it (in particular computer software providers, marketing agencies, e-mail and hosting providers, business management and technical support software providers to the Administrator and the product delivery operator) – the Administrator shall make the collected personal data of the Client available to the chosen provider acting on its behalf only in the case and to the extent necessary to carry out the given purpose of data processing in accordance with this Privacy Policy.
    • providers of accounting, legal and advisory services providing the Administrator with accounting, legal or advisory support (in particular an accounting office, a law firm or a debt collection agency) – the Administrator shares the collected personal data of the Client with a selected provider acting on its behalf only if and to the extent necessary to realize a given purpose of data processing in accordance with this privacy policy.
  3. The Administrator may share anonymized data (i.e. data that does not identify specific Users) with external service providers in order to better identify the attractiveness of advertisements and services to Users, and in this regard, due to the location of the software providers, the data may be transferred – subject to the principles of their protection – to third countries, which, however, provide standard contractual provisions approved by the European Commission for the processing of personal data or which are duly authorized to do so on the basis of bilateral agreements on the entrustment of data processing between the European Union and the third country in question, which is not a member of the European Economic Area. These entities in the case of the Administrator are:
    • Google LLC. (registered office: 1600 Amphitheatre Parkway, Mountain View, CA 94043, U.S.A.) for Google Analytics tools used to analyze the statistics of websites, Google Tag manager: used to manage the scripts by easily adding code fragments to the website or application and tracking the actions performed by users on the website, Google Ads used to display sponsored links in the search results of the Google search engine and on the websites cooperating within the Google AdSense program,
    • Facebook Inc. (registered office address: Facebook Inc., 1601 S. California Ave. Palo Alto, CA 94304, USA) for the Facebook pixel for tracking conversions from Facebook ads, optimizing them on the basis of collected data and statistics and building a targeted audience list for future advertising.
  4. Third-party analytics technologies integrated into Administrator services (including SDKs [Software Development Kits] and APIs [Application Program Interfaces]) may combine data collected in connection with your use of Administrator websites with information they have collected separately over time and/or across platforms. Many of these companies collect and use information under their own data protection policies, which can be found on their websites. The Administrator encourages you to review these policies.
  5. The Administrator’s website may use the functionality of Google Analytics, a website audience analysis service provided by Google, LLC. (“Google”). Google Analytics uses cookies to help website operators analyze how visitors use the website. The information generated by the cookie about your use of the website is generally transmitted to and stored by Google on servers in the United States. According to current IT standards, the IP addresses of visitors to the Administrator’s website are being shortened. Only in exceptional cases the complete IP address is transferred to a Google server in the USA and shortened there. On behalf of the Administrator, Google will use this information for the purpose of evaluating the website for its users, compiling reports on website activity and providing other services relating to website activity and internet usage to website operators. Google will not associate the IP address transmitted as part of Google Analytics with any other data held by Google. For more information on how Google Analytics collects and uses data, please visit Google’s official website at In addition, each User can prevent Google from collecting and processing data about their use of the website by downloading and installing a browser plug-in at the following link:
  6. When the Administrator shares data with third parties, it makes every effort to ensure that this is done only with entities certified under the (former) EU-US and Switzerland-US Privacy Shield programs, which are available at Such entities, when handling information originating from the European Economic Area (EEA), will do so in accordance with the “Accountability for Onward Transfer” principle from Privacy Shield. Where appropriate, the Administrator will rely on EU standard contractual clauses and other safeguards to enable transfers outside the EEA. In accordance with the July 16, 2020 decision of the Court of Justice of the European Union with respect to the EU-US Privacy Shield and the European Data Protection Board Guidelines, the Administrator continues to assess the legal regime of the countries to which data is transferred and, where necessary, update measures to ensure adequate levels of protection.

§ 4 User rights

  1. The user whose personal data is processed has the right to:
    • access, rectification, restriction, erasure or portability – the data subject has the right to demand from the Administrator access to his/her personal data, their rectification, erasure (“right to be forgotten”) or restriction of processing, and has the right to object to the processing, as well as the right to data portability. The detailed conditions for exercising the rights indicated above are indicated in Articles 15-21 of the GDPR Regulation.
    • withdrawal of consent at any time – a person whose data are processed by the Administrator on the basis of an expressed consent (pursuant to Article 6(1)(a) or Article 9(2)(a) of the GDPR Regulation) has the right to withdraw the consent at any time without affecting the legality of the processing performed on the basis of the consent before its withdrawal.
    • lodge a complaint to the supervisory authority – the person whose data are processed by the Administrator has the right to lodge a complaint to the supervisory authority in the manner and according to the procedure provided for in the provisions of the GDPR Regulation and Polish law, in particular the Act on Personal Data Protection. The supervisory authority in Poland is the President of the Office for Personal Data Protection in Warsaw.
    • objection – The data subject shall have the right to object at any time, on grounds relating to his or her particular situation, to the processing of personal data concerning him or her based on Article 6(1)(e) (public interest or tasks) or (f) (legitimate interest of the Administrator), including profiling under these provisions. The Administrator shall in that case no longer be permitted to process such personal data unless the Administrator demonstrates compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject, or grounds for the establishment, exercise or defence of claims.
    • objection to direct marketing – where personal data are processed for the purposes of direct marketing (based on a legitimate interest of the Administrator, not on the basis of the data subject’s consent), the data subject shall have the right to object at any time to processing of personal data concerning him or her for such marketing, including profiling, to the extent that the processing is related to such direct marketing.
  2. Exercise of the above rights is based on the request of the user sent to the e-mail address Such a request should contain the name and surname of the user.
  3. The user ensures that the data provided or published by him in the service is correct.

§ 5 Cookies

  1. Cookies are understood to be computer data, in particular text files, stored on the end user’s device (usually on the computer’s hard drive or mobile device) used to store certain settings and data by the user’s browser in order to use websites. These files allow for recognition of the user’s device and appropriate display of the website, ensuring comfort during its use. The storage of cookies enables the website and the offer to be tailored to your preferences. The server recognises and remembers your preferences, such as visits, clicks and previous actions.
  2. Cookies include, in particular, the domain name of the website from which they originate, the time of storage on the terminal device and a unique number used to identify the browser from which you connect to the website.
  3. Cookies are used for:
    • adaptation the content of the websites to user preferences and optimize the use of the websites,
    • creation of anonymous statistics, which by helping to determine how the user uses websites, make it possible to improve their structure and content,
    • providing website users with advertising content tailored to their interests. Cookies are not used to identify users and their identity is not determined on their basis.
  4. The basic division of Cookies is their distinction into:
    • Essential cookies – these are absolutely necessary for the proper functioning of the website or the functionality you wish to use, as without them we would not be able to provide many of the services we offer. Some of them also ensure the security of the services we provide electronically.
    • Functional cookies – are important to the operation of the website due to the fact that:
      – are used to enrich the functionality of websites; without them a website will work correctly, but will not be adapted to the user’s preferences,
      – are used to ensure a high level of functionality of the website; without them the level of functionality of the website may decrease, but their absence should not prevent the complete use of the website
      – serve the majority of website functionality; their blocking will cause that some functions will not work properly.
    • Business cookies – make it possible to implement the business model on the basis of which the website is made available; their blocking will not make the entire functionality unavailable, but may reduce the level of service provision due to the website owner’s inability to realise revenues subsidising its operation. This category includes, for example, advertising cookies.
    • Cookies for website configuration – they allow to set functions and services on websites.
    • Security and reliability cookies – to verify authenticity and optimize website performance.
    • Authentication cookies – to notify you when you are logged in so that the website can show you relevant information and functions.
    • Session state cookies – allow you to record information about how users use a website. They may relate to the most frequently visited pages or possible error messages displayed on some pages. Session state cookies help improve our services and enhance your browsing experience.
    • Cookies which analyze the processes taking place on the website – they enable efficient functioning of the website and the functions available on it.
    • Ad serving cookies – to display advertisements which are of greater interest to users and at the same time of greater value to publishers and advertisers; cookies may also be used to personalise advertising and to display advertisements outside websites.
    • Location-aware cookies – Allows you to tailor the information displayed to your location.
      Cookies for audience analysis, research or auditing – allow the website owner to better understand the preferences of their users and through analysis improve and develop products and services. Usually the website owner or research company collects information anonymously and processes data on trends, without identifying personal data of individual users.
    • Harmless cookies – includes cookies necessary for the proper functioning of the website and needed to enable the functionality of the website, but their operation has nothing to do with tracking the user.
    • Investigative cookies – used to track users, but do not include information allowing (without other data) to identify a specific user.
  5. The use of Cookies to adapt the content of websites to user preferences does not, in principle, mean the collection of any information to identify the user, although this information may sometimes have the nature of personal data, i.e. data allowing the attribution of certain behaviors to a particular user. Personal data collected using “cookies” may only be collected in order to perform specific functions for the user. Such data is encrypted in a manner that prevents access by unauthorized persons.
  6. Cookies used by this website are not harmful to the user or the final device used by the user, so in order for the website to function properly it is recommended not to disable their use in browsers. In many cases, the software used to browse the Internet (web browser) by default allows to store information in the form of Cookies and other similar technologies in the end user’s device. The user can change the way the browser uses cookies at any time. In order to do so, the browser settings must be changed. The method of changing the settings varies depending on the software (web browser) used. Relevant instructions can be found on the subpages, depending on the browser you use.
  7. Cookies are also used to facilitate logging into your account, including via social media, and to enable you to move between subpages on websites without having to log in again on each subpage. At the same time, cookies are used to secure websites, e.g. to prevent access by unauthorized persons.
  8. As part of the cookie technology, the Administrator may use tracking pixels or pure GIF files in order to collect information about the user’s use of its services and his/her reaction to marketing messages sent via e-mail. A pixel is a piece of software code that allows an object, usually a pixel-sized image, to be embedded in a page, which provides the ability to track user behavior on the web pages on which it is deployed. When the appropriate consent is given, the browser automatically establishes a direct connection to the server that stores the pixel, so the processing of data collected by the pixel is done within the framework of the data protection policy of the partner who administers the aforementioned server.
  9. The Administrator may use web log files (which contain technical data such as the user’s IP address) to monitor traffic on its services, troubleshoot technical problems, detect and prevent fraud, and enforce the User Agreement.
  10. The Administrator informs you that the Site does not respond to Do Not Track (DNT) signals, but you may disable certain forms of online tracking, including certain analytics and personalized advertising, by changing the cookie settings in your browser or using our cookie consent tools (if applicable).
  11. Detailed information about changing the settings for cookies and their independent deletion in the most popular web browsers are available in the help section of your browser and on the following pages (just click on the link):in Chrome
    in Firefox
    in Opera  
    in Safari
    in Microsoft Edge
  12. Please refer to the user guide for your mobile device for details on how to manage cookies on your cell phone or other mobile device.