Privacy Policy
Information about personal data processing on endora.pl — forms, cookies and your rights.
Last updated:
Data controller
The controller of your personal data is ENDORA Sp. z o.o., ul. Stalowa 7, 10-420 Olsztyn, Poland. For data protection matters you can contact us via the contact form or e-mail: kontakt@endora.pl.
What data we collect
Depending on how you use the website, we may process:
- Contact form — full name, e-mail address, company name, phone number (optional), message content and confirmation of consent to be contacted.
- E-book download form — e-mail address and confirmation of marketing consent.
- Cookies and analytics — after your consent, technical data (e.g. IP address, cookie identifiers, device and browser information) sent to analytics and marketing tools.
We do not operate user accounts or comment sections on this website.
Purposes and legal bases
| Purpose | Legal basis |
|---|---|
| Handling inquiries sent via the contact form | Art. 6(1)(b) GDPR (steps prior to contract) or (f) (legitimate interest — responding to inquiries) |
| Sending the e-book and marketing communication (newsletter) | Art. 6(1)(a) GDPR (your consent) |
| Traffic analytics (Google Analytics) and marketing (LinkedIn Insight Tag) | Art. 6(1)(a) GDPR (your consent given in the cookie banner) |
| Ensuring security and operation of the website | Art. 6(1)(f) GDPR (legitimate interest of the controller) |
Cookies
The website uses cookies necessary for proper operation. After consent in the cookie banner we may enable:
- Google Analytics — website traffic analysis,
- LinkedIn Insight Tag — marketing effectiveness measurement.
You can accept all cookies or use only essential ones. We store your choice locally in the browser. You can clear cookies at any time in your browser settings.
Data recipients
Data may be shared with processors acting on our behalf, in particular:
- Amazon Web Services (SES) — sending e-mails from forms,
- Google LLC — analytics (after consent),
- LinkedIn Corporation — marketing tag (after consent).
These parties process data under data processing agreements and — where providers are outside the EEA — appropriate safeguards under the GDPR.
Retention periods
- Contact inquiries — for as long as needed to respond and maintain correspondence, no longer than 3 years from the last contact.
- Marketing data (e-book, newsletter) — until consent is withdrawn.
- Analytics data — according to each tool’s retention policy, typically up to 26 months.
Your rights
You have rights under the GDPR, including:
- access to your data and a copy,
- rectification and completion,
- erasure (“right to be forgotten”),
- restriction of processing,
- data portability,
- objection to processing,
- withdrawal of consent at any time (without affecting lawfulness of processing before withdrawal),
- lodging a complaint with your supervisory authority.
Policy changes
We may update this policy when our data processing practices or legal requirements change. The date of the last update is shown at the top of this page.
Questions about your personal data?
Get in touch — we will answer any questions about how we process your data.