1. Data Controller
The data controller for personal data processed through this website is:
Multicert Sp. z o.o.
ul. Mydlarska 47, 04-690 Warszawa, Poland
NIP: 9522163792
Email: biuro@multicert.pl
2. What Data We Collect
We collect personal data only when you voluntarily provide it through our contact form:
- Name — to address you in our response
- Email address — to reply to your enquiry
- Company name (optional) — to understand your business context
- Country (optional) — to tailor our response
- Message content — the subject of your enquiry
We do not collect data through tracking scripts, analytics platforms, or third-party advertising services. This website does not use Google Analytics, Facebook Pixel, or similar tools.
3. Purpose and Legal Basis
Your personal data is processed for the following purposes:
| Purpose | Legal Basis (GDPR) |
|---|---|
| Responding to your contact form enquiry | Article 6(1)(b) — performance of a contract or pre-contractual measures |
| Technical operation of the website (server logs) | Article 6(1)(f) — legitimate interest (security, uptime) |
4. Data Retention
Contact form submissions are forwarded to our email (biuro@multicert.pl) and are not stored in the website database. We retain correspondence for as long as necessary to handle your enquiry, and no longer than 3 years after last contact.
Server access logs are retained by our hosting provider (dhosting.pl) in accordance with their own retention policy, typically up to 30 days.
5. Data Recipients
Your data may be shared with:
- dhosting.pl — hosting provider (server infrastructure, located in Poland)
- LiteSpeed Technologies — web server and caching (no personal data stored)
We do not sell, rent, or share your personal data with any third parties for marketing purposes.
6. Cookies
This website uses only technically necessary cookies:
| Cookie | Purpose | Duration |
|---|---|---|
wordpress_sec_* |
WordPress authentication (admin only) | Session |
wordpress_logged_in_* |
WordPress login state (admin only) | Session |
_lscache_vary |
LiteSpeed Cache — page caching | Session |
No marketing, analytics, or third-party tracking cookies are used. Because we use only technically necessary cookies, consent is not required under GDPR and the ePrivacy Directive.
7. Your Rights
Under the GDPR, you have the right to:
- Access — request a copy of the personal data we hold about you
- Rectification — correct inaccurate data
- Erasure — request deletion of your data ("right to be forgotten")
- Restriction — limit how we process your data
- Portability — receive your data in a structured, machine-readable format
- Objection — object to processing based on legitimate interest
To exercise any of these rights, contact us at biuro@multicert.pl. We will respond within 30 days.
8. Supervisory Authority
If you believe your data protection rights have been violated, you may file a complaint with:
Urząd Ochrony Danych Osobowych (UODO)
ul. Stawki 2, 00-193 Warszawa, Poland
uodo.gov.pl
9. Changes to This Policy
We may update this policy to reflect changes in our practices or legal requirements. The "Last updated" date at the top of this page indicates when the latest revision was made.