In order to fulfill the information obligation under Article 13 of Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 (“GDPR”), we hereby inform you that:
The controller of your personal data is the „Zacznij od Siebie” Foundation with its registered office in Warsaw, al. Krakowska 2, 02-284 Warsaw, entered in the register of associations, other social and professional organizations, foundations and SPZOZ of the National Court Register kept by the District Court for the Capital City of Warsaw in Warsaw, 14th Commercial Division, under KRS number: 0001168888, NIP: 5253332575, REGON: 541511724 (hereinafter: “Foundation” or “Administrator”).
Post address: Fundacja „Zacznij od Siebie”, ul. Gałczyńskiego 2a, 05-090 Raszyn
You can contact the Data Controller:
1) by post: Fundacja „Zacznij od Siebie” with its registered office in Warsaw, Al. Krakowska 2, 02-284 Warsaw
2) e-mail: kontakt[at]fundacjazacznijodsiebie.pl
The data controller has not appointed a data protection officer. For data protection matters, please contact us at the email address provided in section 2.
We process personal data received directly from you (e.g., in a contact form, email/traditional correspondence, online payments). When you use our website, some data may be collected automatically by cookies and similar technologies (see section 12).
We may process your data for the following purposes and on the following legal grounds:
1) Responding to inquiries and conducting correspondence – Article 6(1)(a) of the GDPR (consent expressed by sending a message) and Article 6(1)(f) of the GDPR (our legitimate interest in being able to communicate).
2) Maintaining a contact database – Article 6(1)(f) of the GDPR.
3) Enabling online payments/donations using a payment service provider system – in relation to your email address and data necessary for billing: Article 6(1)(f) of the GDPR (the legitimate interest of the Controller consisting in enabling payments to be made to the Foundation) and Article 6(1)(b) of the GDPR – performance of a contract/donation.
4) Analytics and own online marketing (using cookies and similar technologies) – in relation to marketing/analytics files: Article 6(1)(a) of the GDPR (consent). Technically necessary cookies – Article 6(1)(f) of the GDPR (legitimate interest in ensuring the proper functioning of the website).
5) Compliance with legal obligations (e.g., accounting, tax) – Article 6(1)(c) of the GDPR.
6) Establishment, exercise, or defense of legal claims – Article 6(1)(f) of the GDPR.
7) Sending newsletters.
The data may be transferred to: Foundation employees, entities providing services on our behalf (including legal, accounting, IT, hosting, postal, courier, and marketing services), as well as payment service providers enabling online payments.
The payment service provider is ING Bank Śląski S.A. with its registered office in Katowice, ul. Sokolska 34, 40-086 Katowice, entered in the Register of Entrepreneurs of the National Court Register kept by the District Court Katowice-Wschód in Katowice, 8th Commercial Division of the National Court Register, under KRS number 0000005459, NIP 634-013-54-75, REGON 271514909. ING Bank Śląski S.A. is a domestic bank subject to supervision by the Polish Financial Supervision Authority.
When using online analytical/marketing tools, data (e.g., IP address, device identifier/cookie) may be transferred to the providers of these tools – see section 12. We conclude appropriate entrustment agreements with data processors..
As a rule, we do not transfer data outside the European Economic Area. However, if we use tools from providers based outside the EEA (e.g., Google, Meta), the transfer may take place on the basis of mechanisms provided for in the GDPR (in particular, standard contractual clauses) and, if required, additional safeguards. Details can be found in the policies of these providers (section 12).
Correspondence/communication: for the time necessary to respond and handle the matter, and then for up to 3 years for evidentiary purposes (legitimate interest) or longer if required by law,
1) contact database: until an objection is raised/data is deleted,
2) payments/donations: for the period required by accounting/tax regulations (as a rule, 5 years from the end of the calendar year),
3) cookie data: in accordance with the lifetime of the file (details in browser settings/tools – see point 12) or until consent is withdrawn.
Providing data is voluntary, but:
1) necessary for correspondence – in terms of contact details,
2) necessary for online payments – in terms of data required by the payment provider.
3) Failure to provide data may prevent us from responding to your inquiry or making a payment.
You have the right to access your data, rectify it, delete it, restrict its processing, transfer it (in cases specified in the GDPR), and object to its processing based on Article 6(1)(f) of the GDPR. If consent is the basis, you may withdraw it at any time (withdrawal does not affect the lawfulness of processing before withdrawal). You can exercise your rights by contacting us in accordance with 2.
You have the right to lodge a complaint with the President of the Personal Data Protection Office (ul. Stawki 2, 00-193 Warsaw, https://uodo.gov.pl/en/p/contact).
What are cookies? These are small files stored on your device when you use our website. They may contain, among other things, a device ID, IP address, and browser/system information.
Purposes of use: ensuring the proper functioning of the website (essential cookies), traffic analysis (analytics), content personalization, and marketing/remarketing activities (after obtaining consent).
Consent management: on your first visit, we display a cookie banner allowing you to select file categories. You can change/withdraw your consent at any time in your browser settings..
How to block/delete cookies? In your browser settings (Privacy/Security options). Blocking certain cookies may limit the functionality of the website.
Tools used*:
Google Analytics – website statistics analysis (Google Ireland Limited / Google LLC). Information about processing:: https://policies.google.com/privacy
Google Ads – ad display/remarketing. Information: as above.
Meta (Facebook/Instagram) Pixel – advertising effectiveness measurement and remarketing (Meta Platforms Ireland Ltd. / Meta Platforms, Inc.). Information: https://www.facebook.com/about/privacy/ and https://help.instagram.com/155833707900388
* Data from these tools is statistical in nature and is used to build audience groups; we do not combine it with data provided to us in correspondence or during payments.
We do not make decisions that have legal consequences for you solely by automated means. In the field of online marketing, we may use profiling (e.g., creating marketing audience groups) based on cookies - only after obtaining your consent and without significant effects on your rights or freedoms.
We reserve the right to update this Policy, including in the event of changes in regulations or technologies used.
The current version is effective as of: September 30, 2025.