Thls

Privacy Policy of Thls.pl

Last updated: 2025-04-06

1. Data Controller

The controller of your personal data is Thls ~ Piotr Sałaga, with its registered office at Polska Pszów 44-380 ul.Pszowska 557/2.

You can contact us via:

  • Email: contact@thls.pl
  • By mail to the indicated registered office address.

2. What data do we process, for what purpose and on what legal basis?

While you use our website Thls.pl (hereinafter referred to as the "Service"), we may process the following categories of your personal data:

  • Technical data (including IP address):

    • Details: IP address of your device, browser type, operating system, time of visit, visited subpages, server log data.
    • Purpose: Ensuring the proper functioning of the Service, diagnosing technical errors, ensuring the security of the Service, including protection against abuse and attacks (e.g. bots, DDoS).
    • Legal basis: Our legitimate interest (Article 6(1)(f) GDPR), consisting of ensuring the functioning and security of the Service.

  • Analytical data (Google Analytics):

    • Details: Anonymized statistical information regarding the use of the Service, collected using the Google Analytics tool (provided by Google LLC), including, among others, data about the device, browser, approximate location, time of visit and visited subpages. We use the IP address anonymization function.
    • Purpose: Analyzing traffic on the website, creating anonymous statistics, improving the operation and content of the Service.
    • Legal basis: Your voluntary consent (Article 6(1)(a) GDPR), expressed by accepting the appropriate cookies via our consent management mechanism (more in the "Cookies" section).

  • Contact details (form/e-mail):

    • Details: Data provided voluntarily by you when contacting us via the contact form or e-mail, e.g. name, surname, e-mail address, telephone number, message content.
    • Purpose: Answering your inquiry, handling correspondence, dealing with the matter you are contacting us about.
    • Legal basis: Taking action at your request before a possible conclusion of a contract (Article 6(1)(b) GDPR) or our legitimate interest (Article 6(1)(f) GDPR) consisting of handling correspondence and communication with users of the Service.

3. Data storage period

We process your personal data for the period necessary to achieve the purposes for which they were collected:

  • Technical data (IP, logs): for the period necessary to ensure security and analyze incidents, usually no longer than 6 months.
  • Analytical data (Google Analytics / own tools based on consent): until you withdraw your consent or for the period indicated in the cookie settings (default 26 months for Google Analytics).
  • Contact details (form/e-mail): for the time necessary to conduct correspondence and deal with the matter, and then for the period resulting from legal provisions (e.g. limitation of claims), usually no longer than 3 years from the end of contact.

4. Cookies and Similar Technologies

The Service uses cookies (small text files saved on your device) and potentially other similar technologies. We use the following types of cookies:

  • Necessary cookies: They are essential for the proper functioning of the Service and its basic functions (e.g. maintaining a session, remembering language preferences). Their use does not require your consent and is based on our legitimate interest (Article 6(1)(f) GDPR).
  • Analytical cookies: They allow us to collect information about the way the Service is used in order to improve it (e.g. Google Analytics). We use them only with your prior, voluntary consent (Article 6(1)(a) GDPR).

Managing cookies: You can manage your preferences regarding cookies, including expressing or withdrawing consent to the use of analytical cookies at any time using consent management tool available in the page footer. You can also configure your web browser to block or delete cookies.

We do not use cookies for profiling for marketing or remarketing purposes without your express consent.

5. Data Recipients and Data Transfer Outside the EEA

Your personal data may be shared with entities processing data on our behalf (so-called processors), such as:

  • hosting service providers (OVH Sp. z o.o.),
  • IT system providers,
  • providers of analytical tools (e.g. Google LLC), on the basis of concluded data processing entrustment agreements.

Data may also be shared with state authorities on the basis of legal provisions.

Data transfer outside the European Economic Area (EEA): In connection with the use of Google Analytics, your data (if you have consented to analytical cookies) may be transferred to the United States of America (USA), which, according to the European Commission, may not provide an adequate level of data protection. Data transfer takes place on the basis of standard contractual clauses approved by the European Commission, as a mechanism ensuring appropriate safeguards. More information on data processing by Google: https://policies.google.com/privacy.

6. User Rights related to Data Processing

In connection with our processing of your personal data, you have the following rights:

  • The right to access your data and receive a copy thereof (Article 15 GDPR).
  • The right to rectify (correct) your data (Article 16 GDPR).
  • The right to delete data ("the right to be forgotten") - if the circumstances indicated in Article 17 GDPR occur.
  • The right to limit data processing - in the cases indicated in Article 18 GDPR.
  • The right to transfer data - if the processing is based on consent (Article 6(1)(a) GDPR) or a contract (Article 6(1)(b) GDPR) and is automated (Article 20 GDPR).
  • The right to object to data processing - if the processing is based on our legitimate interest (Article 6(1)(f) GDPR), due to your special situation (Article 21 GDPR).
  • The right to withdraw consent at any time - if the processing is based on consent. Withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
  • The right to lodge a complaint with a supervisory authority - if you believe that the processing of your personal data violates the provisions of the GDPR. The competent supervisory authority in Poland is the President of the Personal Data Protection Office (ul. Stawki 2, 00-193 Warszawa, www.uodo.gov.pl).

In order to exercise your rights, please contact us at the e-mail address: contact@thls.pl or by mail to the address of our registered office indicated in section 1.

7. Automated decision-making and profiling

Your personal data is not subject to automated decision-making, including profiling, which would cause legal effects to you or similarly significantly affect you.

8. Changes to the Privacy Policy

We reserve the right to make changes to this Privacy Policy. Any changes will be published on the Service with the date of the last update. We recommend that you regularly familiarize yourself with the content of the Policy.

9. Contact

If you have any questions or doubts regarding the processing of your personal data by the Controller, please contact us:

  • E-mail: contact@thls.pl
  • Postal address: Polska Pszów 44-380 ul.Pszowska 557/2