Privacy Policy

The following Privacy Policy defines the rules for the storage and access to data on Users' Devices using the Service for the purposes of providing electronic services by the Administrator, as well as the principles of collecting and processing Users' personal data that has been provided by them personally and voluntarily through tools available in the Service.



The following Privacy Policy is an integral part of the Terms of Service, which defines the rules, rights, and obligations of Users using the Service.


§1 Definitions


  • Service - the internet service "byrå studio" operating at https://byra.studio

  • External Service - internet services of partners, service providers, or service recipients collaborating with the Administrator

  • Administrator of the Service / Data - The Administrator of the Service and the Data Administrator (hereinafter the Administrator) is the company "Socialy sp. z o.o.", based at: ul. Bagatela 10/39, 00-585 Warsaw, with a tax identification number (NIP): 7011152042, KRS: 0001043611, providing electronic services through the Service

  • User - a natural person for whom the Administrator provides electronic services through the Service.

  • Device - an electronic device along with the software through which the User accesses the Service

  • Cookies - text data stored in the form of files placed on the User's Device

  • GDPR - Regulation of the European Parliament and of the Council (EU) 2016/679 of April 27, 2016 on the protection of natural persons regarding the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation)

  • Personal data - means information relating to an identified or identifiable natural person (“data subject”); an identifiable natural person is one who can be identified, directly or indirectly, especially based on an identifier such as a name, identification number, location data, online identifier, or one or more specific factors characteristic of the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person

  • Processing - means an operation or set of operations performed on personal data or sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination, or otherwise making available, aligning or combining, restricting, erasing, or destroying;

  • Restriction of processing - means marking stored personal data with the aim of limiting their processing in the future

  • Profiling - means any form of automated processing of personal data that involves using personal data to assess certain personal aspects of a natural person, particularly to analyze or predict aspects concerning that natural person's performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location, or movements

  • Consent - consent of the data subject means any freely given, specific, informed and unambiguous indication of the data subject's wishes, by which they, by a statement or by a clear affirmative action, signify agreement to the processing of personal data concerning them

  • Personal data breach - means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to personal data transmitted, stored or otherwise processed

  • Pseudonymization - means the processing of personal data in such a way that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures to ensure that it cannot be attributed to an identified or identifiable natural person

  • Anonymization - Anonymization of data is an irreversible process of operations on data, which destroys/overwrites "personal data" preventing identification, or linking a given record with a specific user or natural person.


§2 Data Protection Officer


Based on Art. 37 GDPR, the Administrator has not appointed a Data Protection Officer.


For matters concerning data processing, including personal data, please contact the Administrator directly.


§3 Types of Cookies


  • Internal cookies - files placed and read from the User's Device by the IT system of the Service

  • External cookies - files placed and read from the User's Device by the IT systems of external Services. Scripts of external Services that may place cookies on Users' Devices have been intentionally placed in the Service through scripts and services made available and installed in the Service

  • Session cookies - files placed and read from the User's Device by the Service during a single session of the respective Device. After the session ends, the files are deleted from the User's Device.

  • Persistent cookies - files placed and read from the User's Device by the Service until they are manually deleted. Files are not automatically deleted after the session ends unless the configuration of the User's Device is set to delete cookies after the session ends.


§4 Data Storage Security


  • Mechanisms for storing and reading cookies - The mechanisms for storing, reading and exchanging data between cookies stored on the User's Device and the Service are implemented through built-in mechanisms of web browsers and do not allow for the collection of other data from the User's Device or data from other websites visited by the User, including personal data or confidential information. Transferring viruses, trojan horses, and other worms to the User's Device is practically impossible.

  • Internal cookies - the cookies used by the Administrator are safe for Users' Devices and do not contain scripts, content or information that could threaten the security of personal data or the security of the Device used by the User.

  • External cookies - The Administrator takes all possible actions to verify and select service partners in terms of User security. The Administrator selects well-known, large partners with global trust. However, it does not have full control over the content of cookies from external partners. The Administrator is not responsible for the security of cookies, their content and compliant use by installed scripts from external Services as far as the law allows. The list of partners is included later in this Privacy Policy.

  • Cookie control

    • The User may change the settings regarding the storage, deletion, and access to data saved in cookies by any website at any time.

    • Information on how to disable cookies in the most popular web browsers is available at: how to disable cookies or from one of the indicated providers:

      • Managing cookies in Chrome browser

      • Managing cookies in Opera browser

      • Managing cookies in Firefox browser

      • Managing cookies in Edge browser

      • Managing cookies in Safari browser

      • Managing cookies in Internet Explorer 11

    • The User may delete all cookies saved to this point at any time using the tools of the User's Device through which the User accesses the services of the Service.

  • User-side threats - The Administrator applies all possible technical measures to ensure the security of data placed in cookies. However, it should be noted that ensuring the security of this data depends on both parties, including the User's activity. The Administrator is not responsible for the interception of this data, session hijacking by the User, or their deletion as a result of the User's conscious or unconscious activity, viruses, trojan horses, and other spyware that the User's Device may be infected with. Users should follow the principles of safe internet use to protect themselves against these threats.

  • Storage of personal data - The Administrator ensures that it takes all efforts to ensure that the personal data processed voluntarily provided by Users is secure, access to them is limited and implemented in accordance with their purpose and processing goals. The Administrator also ensures that all efforts are taken to secure the collected data against loss by employing appropriate physical and organizational security measures.


§5 Purposes for which cookies are used


  • Facilitating and enhancing access to the Service

  • Personalization of the Service for Users

  • Marketing, Remarketing on external services

  • Keeping statistics (users, number of visits, types of devices, connections, etc.)

  • Serving multimedia services

  • Providing social services


§6 Purposes of processing personal data


Personal data voluntarily provided by Users is processed for one of the following purposes:

  • Provision of electronic services:

    • Newsletter services (including sending advertising content with consent)

    • Services providing information about the content posted in the Service on social networks or other websites.

  • Communication of the Administrator with Users regarding the Service and data protection

  • Ensuring the legally justified interest of the Administrator

Anonymously and automatically collected User data is processed for one of the following purposes:

  • Keeping statistics

  • Remarketing

  • Ensuring the legally justified interest of the Administrator


§7 Cookies from external services


The Administrator uses javascript scripts and web components of partners in the Service that may place their own cookies on the User's Device. Remember that in your browser settings you can decide which cookies may be used by specific websites. Below is a list of partners or their services implemented in the Service that may place cookies:

  • Multimedia services:

    • YouTube

    • Vimeo

    • Spotify

  • Social / integrated services:
    (Registration, Login, sharing content, communication, etc.)

    • Twitter

    • Facebook

    • LinkedIn

  • Content sharing services:

    • WhatsApp

    • Instagram

  • Newsletter services:

    • MailChimp

  • Conducting statistics:

    • Google Analytics

  • Other services:

    • Google Maps


Services provided by third parties are outside the control of the Administrator. These entities may change their terms of service, privacy policies, data processing purposes, and uses of cookies at any time.


§8 Types of collected data


The Service collects data about Users. Some data is collected automatically and anonymously, while some data consists of personal data provided voluntarily by Users when signing up for various services offered by the Service.


Anonymous data collected automatically:


  • IP Address

  • Browser type

  • Screen resolution

  • Approximate location

  • Opened subpages of the service

  • Time spent on the relevant subpage of the service

  • Operating system type

  • Address of the previous subpage

  • Referring page address

  • Browser language

  • Internet connection speed

  • Internet service provider

  • Demographic data (age, gender)


Data collected during registration:

  • First name / last name / pseudonym

  • Email address

  • Phone number

  • IP Address (automatically collected)


Data collected when subscribing to the Newsletter service

  • First name / last name / pseudonym

  • Email address

  • IP Address (automatically collected)


Some data (without identifying data) may be stored in cookies. Some data (without identifying data) may be transferred to a statistical service provider.


§9 Access to personal data by third parties

As a rule, the only recipient of the personal data provided by Users is the Administrator. The data collected in the scope of provided services is not transferred or sold to third parties.


Access to the data (most often on the basis of a data processing agreement) may be held by entities responsible for maintaining the infrastructure and services necessary to operate the service, i.e.:

  • Hosting companies providing hosting or related services for the Administrator

  • Companies through which the Newsletter service is provided


Data processing assignment - Newsletter

In order to provide the Newsletter service, the Administrator uses the services of a third party - the Loops service. The data entered in the newsletter sign-up form is passed, stored, and processed in the external service of this provider.


We inform you that the indicated partner may modify the indicated privacy policy without the consent of the Administrator.


Data processing assignment - Hosting Services, VPS, or Dedicated Servers


To operate the service, the Administrator uses the services of an external hosting, VPS, or Dedicated Servers provider - Squarespace Ireland Limited. All data collected and processed in the service is stored and processed in the provider's infrastructure located within the borders of the European Union. There is a possibility of access to the data due to maintenance work performed by the service provider's staff. Access to this data is regulated by an agreement concluded between the Administrator and the Service Provider.


§10 Method of processing personal data

Personal data provided voluntarily by Users:

  • Personal data will not be transferred outside the European Union unless published as a result of individual action by the User (e.g., submission of a comment or post), which will make the data available to any person visiting the service.

  • Personal data will not be used for automated decision-making (profiling).

  • Personal data will not be sold to third parties.

Anonymized data (without personal data) collected automatically:

  • Anonymized data (without personal data) will be transferred outside the European Union.

  • Anonymized data (without personal data) will not be used for automated decision-making (profiling).

  • Anonymized data (without personal data) will not be sold to third parties.


§11 Legal bases for processing personal data

The Service collects and processes User data based on:

  • Regulation of the European Parliament and of the Council (EU) 2016/679 of April 27, 2016 on the protection of natural persons regarding the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation)

    • Art. 6 par. 1 lit. a
      the data subject has consented to the processing of their personal data for one or more specific purposes

    • Art. 6 par. 1 lit. b
      processing is necessary for the performance of a contract to which the data subject is party, or to take steps at the request of the data subject prior to entering into a contract

    • Art. 6 par. 1 lit. f
      processing is necessary for the purposes of the legitimate interests pursued by the administrator or by a third party

  • Act of May 10, 2018 on the protection of personal data (Journal of Laws 2018, item 1000)

  • Act of July 16, 2004 Telecommunications Law (Journal of Laws 2004 no. 171 item 1800)

  • Act of February 4, 1994 on copyright and related rights (Journal of Laws 1994 no. 24 item 83)


§12 Period of processing personal data

Personal data provided voluntarily by Users:

As a rule, the indicated personal data is stored only for the period of providing the Service within the Service by the Administrator. They are deleted or anonymized within up to 30 days from the end of the provision of services (e.g., deletion of a registered user account, unsubscribing from the Newsletter list, etc.)


Exceptions include situations that require safeguarding the legally justified purposes of further processing of this data by the Administrator. In such a case, the Administrator will store the indicated data, from the time of the request for their deletion by the User, for no longer than 3 years in the case of infringement or suspicion of infringement of the terms of service by the User.


Anonymized data (without personal data) collected automatically:


Anonymous statistical data that does not constitute personal data are stored by the Administrator for the purpose of keeping service statistics for an indefinite period.


§13 Users' rights regarding the processing of personal data

The Service collects and processes User data based on:

  • The right of access to personal data
    Users have the right to obtain access to their personal data, realized upon request made to the Administrator

  • The right to rectification of personal data
    Users have the right to request the Administrator to rectify personal data that are inaccurate and/or to complete incomplete personal data, realized upon request made to the Administrator

  • The right to erasure of personal data
    Users have the right to request the Administrator to erase their personal data without undue delay, realized upon request made to the Administrator. In the case of user accounts, the deletion of data involves anonymizing data that enable the identification of the User. The Administrator reserves the right to suspend the request for deletion of data to protect the legally justified interests of the Administrator (e.g., if the User violates the Terms of Service or the data was obtained as a result of ongoing correspondence).
    In the case of the Newsletter service, the User has the option to independently delete their personal data using the link provided in every email sent.

  • The right to restrict the processing of personal data
    Users have the right to request the restriction of the processing of their personal data in cases specified in art. 18 GDPR, including questioning the accuracy of personal data, realized upon request made to the Administrator

  • The right to data portability
    Users have the right to obtain from the Administrator the personal data concerning them in a structured, commonly used, machine-readable format, realized upon request made to the Administrator

  • The right to object to the processing of personal data
    Users have the right to object to the processing of their personal data in cases specified in art. 21 GDPR, realized upon request made to the Administrator

  • The right to lodge a complaint
    Users have the right to lodge a complaint with a supervisory authority concerned with the protection of personal data.


§14 Contact to the Administrator

You can contact the Administrator in one of the following ways

  • Postal address - Socialy sp. z o.o., ul. Bagatela 10/39, 00-585 Warsaw

  • Email address - hej@byra.studio

  • Phone call - +48 727 727 887

  • Chat on the website - available at: www.byra.studio


§15 Service Requirements

  • Limiting the saving and access to cookies on the User's Device may cause malfunctioning of some features of the Service.

  • The Administrator bears no responsibility for improperly functioning features of the Service if the User restricts in any way the ability to save and read cookies.


§16 External links

In the Service - in articles, posts, entries, or comments from Users there may be links to external websites with which the Service Owner does not cooperate. These links and the pages or files under them may be unsafe for your Device or pose a threat to the security of your data. The Administrator is not responsible for the content located outside the Service.


§17 Changes to the Privacy Policy

  • The Administrator reserves the right to change this Privacy Policy at any time without the obligation to inform Users regarding the use of and processing of anonymous data or the use of cookies.

  • The Administrator reserves the right to change this Privacy Policy regarding the processing of Personal Data, of which it will inform Users with user accounts or subscribed to the newsletter service, via email within 7 days of the change. Further use of the services means that the User has reviewed and accepted the changes in the Privacy Policy. In case the User does not agree with the changes made, they are obliged to delete their account from the Service or unsubscribe from the Newsletter service.

  • Changes to the Privacy Policy will be published on this subpage of the Service.

  • The changes come into effect at the moment of their publication.

Privacy Policy

The following Privacy Policy defines the rules for the storage and access to data on Users' Devices using the Service for the purposes of providing electronic services by the Administrator, as well as the principles of collecting and processing Users' personal data that has been provided by them personally and voluntarily through tools available in the Service.



The following Privacy Policy is an integral part of the Terms of Service, which defines the rules, rights, and obligations of Users using the Service.


§1 Definitions


  • Service - the internet service "byrå studio" operating at https://byra.studio

  • External Service - internet services of partners, service providers, or service recipients collaborating with the Administrator

  • Administrator of the Service / Data - The Administrator of the Service and the Data Administrator (hereinafter the Administrator) is the company "Socialy sp. z o.o.", based at: ul. Bagatela 10/39, 00-585 Warsaw, with a tax identification number (NIP): 7011152042, KRS: 0001043611, providing electronic services through the Service

  • User - a natural person for whom the Administrator provides electronic services through the Service.

  • Device - an electronic device along with the software through which the User accesses the Service

  • Cookies - text data stored in the form of files placed on the User's Device

  • GDPR - Regulation of the European Parliament and of the Council (EU) 2016/679 of April 27, 2016 on the protection of natural persons regarding the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation)

  • Personal data - means information relating to an identified or identifiable natural person (“data subject”); an identifiable natural person is one who can be identified, directly or indirectly, especially based on an identifier such as a name, identification number, location data, online identifier, or one or more specific factors characteristic of the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person

  • Processing - means an operation or set of operations performed on personal data or sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination, or otherwise making available, aligning or combining, restricting, erasing, or destroying;

  • Restriction of processing - means marking stored personal data with the aim of limiting their processing in the future

  • Profiling - means any form of automated processing of personal data that involves using personal data to assess certain personal aspects of a natural person, particularly to analyze or predict aspects concerning that natural person's performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location, or movements

  • Consent - consent of the data subject means any freely given, specific, informed and unambiguous indication of the data subject's wishes, by which they, by a statement or by a clear affirmative action, signify agreement to the processing of personal data concerning them

  • Personal data breach - means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to personal data transmitted, stored or otherwise processed

  • Pseudonymization - means the processing of personal data in such a way that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures to ensure that it cannot be attributed to an identified or identifiable natural person

  • Anonymization - Anonymization of data is an irreversible process of operations on data, which destroys/overwrites "personal data" preventing identification, or linking a given record with a specific user or natural person.


§2 Data Protection Officer


Based on Art. 37 GDPR, the Administrator has not appointed a Data Protection Officer.


For matters concerning data processing, including personal data, please contact the Administrator directly.


§3 Types of Cookies


  • Internal cookies - files placed and read from the User's Device by the IT system of the Service

  • External cookies - files placed and read from the User's Device by the IT systems of external Services. Scripts of external Services that may place cookies on Users' Devices have been intentionally placed in the Service through scripts and services made available and installed in the Service

  • Session cookies - files placed and read from the User's Device by the Service during a single session of the respective Device. After the session ends, the files are deleted from the User's Device.

  • Persistent cookies - files placed and read from the User's Device by the Service until they are manually deleted. Files are not automatically deleted after the session ends unless the configuration of the User's Device is set to delete cookies after the session ends.


§4 Data Storage Security


  • Mechanisms for storing and reading cookies - The mechanisms for storing, reading and exchanging data between cookies stored on the User's Device and the Service are implemented through built-in mechanisms of web browsers and do not allow for the collection of other data from the User's Device or data from other websites visited by the User, including personal data or confidential information. Transferring viruses, trojan horses, and other worms to the User's Device is practically impossible.

  • Internal cookies - the cookies used by the Administrator are safe for Users' Devices and do not contain scripts, content or information that could threaten the security of personal data or the security of the Device used by the User.

  • External cookies - The Administrator takes all possible actions to verify and select service partners in terms of User security. The Administrator selects well-known, large partners with global trust. However, it does not have full control over the content of cookies from external partners. The Administrator is not responsible for the security of cookies, their content and compliant use by installed scripts from external Services as far as the law allows. The list of partners is included later in this Privacy Policy.

  • Cookie control

    • The User may change the settings regarding the storage, deletion, and access to data saved in cookies by any website at any time.

    • Information on how to disable cookies in the most popular web browsers is available at: how to disable cookies or from one of the indicated providers:

      • Managing cookies in Chrome browser

      • Managing cookies in Opera browser

      • Managing cookies in Firefox browser

      • Managing cookies in Edge browser

      • Managing cookies in Safari browser

      • Managing cookies in Internet Explorer 11

    • The User may delete all cookies saved to this point at any time using the tools of the User's Device through which the User accesses the services of the Service.

  • User-side threats - The Administrator applies all possible technical measures to ensure the security of data placed in cookies. However, it should be noted that ensuring the security of this data depends on both parties, including the User's activity. The Administrator is not responsible for the interception of this data, session hijacking by the User, or their deletion as a result of the User's conscious or unconscious activity, viruses, trojan horses, and other spyware that the User's Device may be infected with. Users should follow the principles of safe internet use to protect themselves against these threats.

  • Storage of personal data - The Administrator ensures that it takes all efforts to ensure that the personal data processed voluntarily provided by Users is secure, access to them is limited and implemented in accordance with their purpose and processing goals. The Administrator also ensures that all efforts are taken to secure the collected data against loss by employing appropriate physical and organizational security measures.


§5 Purposes for which cookies are used


  • Facilitating and enhancing access to the Service

  • Personalization of the Service for Users

  • Marketing, Remarketing on external services

  • Keeping statistics (users, number of visits, types of devices, connections, etc.)

  • Serving multimedia services

  • Providing social services


§6 Purposes of processing personal data


Personal data voluntarily provided by Users is processed for one of the following purposes:

  • Provision of electronic services:

    • Newsletter services (including sending advertising content with consent)

    • Services providing information about the content posted in the Service on social networks or other websites.

  • Communication of the Administrator with Users regarding the Service and data protection

  • Ensuring the legally justified interest of the Administrator

Anonymously and automatically collected User data is processed for one of the following purposes:

  • Keeping statistics

  • Remarketing

  • Ensuring the legally justified interest of the Administrator


§7 Cookies from external services


The Administrator uses javascript scripts and web components of partners in the Service that may place their own cookies on the User's Device. Remember that in your browser settings you can decide which cookies may be used by specific websites. Below is a list of partners or their services implemented in the Service that may place cookies:

  • Multimedia services:

    • YouTube

    • Vimeo

    • Spotify

  • Social / integrated services:
    (Registration, Login, sharing content, communication, etc.)

    • Twitter

    • Facebook

    • LinkedIn

  • Content sharing services:

    • WhatsApp

    • Instagram

  • Newsletter services:

    • MailChimp

  • Conducting statistics:

    • Google Analytics

  • Other services:

    • Google Maps


Services provided by third parties are outside the control of the Administrator. These entities may change their terms of service, privacy policies, data processing purposes, and uses of cookies at any time.


§8 Types of collected data


The Service collects data about Users. Some data is collected automatically and anonymously, while some data consists of personal data provided voluntarily by Users when signing up for various services offered by the Service.


Anonymous data collected automatically:


  • IP Address

  • Browser type

  • Screen resolution

  • Approximate location

  • Opened subpages of the service

  • Time spent on the relevant subpage of the service

  • Operating system type

  • Address of the previous subpage

  • Referring page address

  • Browser language

  • Internet connection speed

  • Internet service provider

  • Demographic data (age, gender)


Data collected during registration:

  • First name / last name / pseudonym

  • Email address

  • Phone number

  • IP Address (automatically collected)


Data collected when subscribing to the Newsletter service

  • First name / last name / pseudonym

  • Email address

  • IP Address (automatically collected)


Some data (without identifying data) may be stored in cookies. Some data (without identifying data) may be transferred to a statistical service provider.


§9 Access to personal data by third parties

As a rule, the only recipient of the personal data provided by Users is the Administrator. The data collected in the scope of provided services is not transferred or sold to third parties.


Access to the data (most often on the basis of a data processing agreement) may be held by entities responsible for maintaining the infrastructure and services necessary to operate the service, i.e.:

  • Hosting companies providing hosting or related services for the Administrator

  • Companies through which the Newsletter service is provided


Data processing assignment - Newsletter

In order to provide the Newsletter service, the Administrator uses the services of a third party - the Loops service. The data entered in the newsletter sign-up form is passed, stored, and processed in the external service of this provider.


We inform you that the indicated partner may modify the indicated privacy policy without the consent of the Administrator.


Data processing assignment - Hosting Services, VPS, or Dedicated Servers


To operate the service, the Administrator uses the services of an external hosting, VPS, or Dedicated Servers provider - Squarespace Ireland Limited. All data collected and processed in the service is stored and processed in the provider's infrastructure located within the borders of the European Union. There is a possibility of access to the data due to maintenance work performed by the service provider's staff. Access to this data is regulated by an agreement concluded between the Administrator and the Service Provider.


§10 Method of processing personal data

Personal data provided voluntarily by Users:

  • Personal data will not be transferred outside the European Union unless published as a result of individual action by the User (e.g., submission of a comment or post), which will make the data available to any person visiting the service.

  • Personal data will not be used for automated decision-making (profiling).

  • Personal data will not be sold to third parties.

Anonymized data (without personal data) collected automatically:

  • Anonymized data (without personal data) will be transferred outside the European Union.

  • Anonymized data (without personal data) will not be used for automated decision-making (profiling).

  • Anonymized data (without personal data) will not be sold to third parties.


§11 Legal bases for processing personal data

The Service collects and processes User data based on:

  • Regulation of the European Parliament and of the Council (EU) 2016/679 of April 27, 2016 on the protection of natural persons regarding the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation)

    • Art. 6 par. 1 lit. a
      the data subject has consented to the processing of their personal data for one or more specific purposes

    • Art. 6 par. 1 lit. b
      processing is necessary for the performance of a contract to which the data subject is party, or to take steps at the request of the data subject prior to entering into a contract

    • Art. 6 par. 1 lit. f
      processing is necessary for the purposes of the legitimate interests pursued by the administrator or by a third party

  • Act of May 10, 2018 on the protection of personal data (Journal of Laws 2018, item 1000)

  • Act of July 16, 2004 Telecommunications Law (Journal of Laws 2004 no. 171 item 1800)

  • Act of February 4, 1994 on copyright and related rights (Journal of Laws 1994 no. 24 item 83)


§12 Period of processing personal data

Personal data provided voluntarily by Users:

As a rule, the indicated personal data is stored only for the period of providing the Service within the Service by the Administrator. They are deleted or anonymized within up to 30 days from the end of the provision of services (e.g., deletion of a registered user account, unsubscribing from the Newsletter list, etc.)


Exceptions include situations that require safeguarding the legally justified purposes of further processing of this data by the Administrator. In such a case, the Administrator will store the indicated data, from the time of the request for their deletion by the User, for no longer than 3 years in the case of infringement or suspicion of infringement of the terms of service by the User.


Anonymized data (without personal data) collected automatically:


Anonymous statistical data that does not constitute personal data are stored by the Administrator for the purpose of keeping service statistics for an indefinite period.


§13 Users' rights regarding the processing of personal data

The Service collects and processes User data based on:

  • The right of access to personal data
    Users have the right to obtain access to their personal data, realized upon request made to the Administrator

  • The right to rectification of personal data
    Users have the right to request the Administrator to rectify personal data that are inaccurate and/or to complete incomplete personal data, realized upon request made to the Administrator

  • The right to erasure of personal data
    Users have the right to request the Administrator to erase their personal data without undue delay, realized upon request made to the Administrator. In the case of user accounts, the deletion of data involves anonymizing data that enable the identification of the User. The Administrator reserves the right to suspend the request for deletion of data to protect the legally justified interests of the Administrator (e.g., if the User violates the Terms of Service or the data was obtained as a result of ongoing correspondence).
    In the case of the Newsletter service, the User has the option to independently delete their personal data using the link provided in every email sent.

  • The right to restrict the processing of personal data
    Users have the right to request the restriction of the processing of their personal data in cases specified in art. 18 GDPR, including questioning the accuracy of personal data, realized upon request made to the Administrator

  • The right to data portability
    Users have the right to obtain from the Administrator the personal data concerning them in a structured, commonly used, machine-readable format, realized upon request made to the Administrator

  • The right to object to the processing of personal data
    Users have the right to object to the processing of their personal data in cases specified in art. 21 GDPR, realized upon request made to the Administrator

  • The right to lodge a complaint
    Users have the right to lodge a complaint with a supervisory authority concerned with the protection of personal data.


§14 Contact to the Administrator

You can contact the Administrator in one of the following ways

  • Postal address - Socialy sp. z o.o., ul. Bagatela 10/39, 00-585 Warsaw

  • Email address - hej@byra.studio

  • Phone call - +48 727 727 887

  • Chat on the website - available at: www.byra.studio


§15 Service Requirements

  • Limiting the saving and access to cookies on the User's Device may cause malfunctioning of some features of the Service.

  • The Administrator bears no responsibility for improperly functioning features of the Service if the User restricts in any way the ability to save and read cookies.


§16 External links

In the Service - in articles, posts, entries, or comments from Users there may be links to external websites with which the Service Owner does not cooperate. These links and the pages or files under them may be unsafe for your Device or pose a threat to the security of your data. The Administrator is not responsible for the content located outside the Service.


§17 Changes to the Privacy Policy

  • The Administrator reserves the right to change this Privacy Policy at any time without the obligation to inform Users regarding the use of and processing of anonymous data or the use of cookies.

  • The Administrator reserves the right to change this Privacy Policy regarding the processing of Personal Data, of which it will inform Users with user accounts or subscribed to the newsletter service, via email within 7 days of the change. Further use of the services means that the User has reviewed and accepted the changes in the Privacy Policy. In case the User does not agree with the changes made, they are obliged to delete their account from the Service or unsubscribe from the Newsletter service.

  • Changes to the Privacy Policy will be published on this subpage of the Service.

  • The changes come into effect at the moment of their publication.

At Byrå Studio®, we create not only aesthetics but also intelligent solutions that optimize your digital strategies, transforming creative visions into measurable results. Our approach is a symbiosis of beauty and functionality, ensuring that every aspect of your online presence is as carefully considered as it is intriguing.

Let's stay in touch

Contact us

English

Made by Byrå © 2024

At Byrå Studio®, we create not only aesthetics but also intelligent solutions that optimize your digital strategies, transforming creative visions into measurable results. Our approach is a symbiosis of beauty and functionality, ensuring that every aspect of your online presence is as carefully considered as it is intriguing.

Let's stay in touch

Contact us

English

Made by Byrå © 2024

At Byrå Studio®, we create not only aesthetics but also intelligent solutions that optimize your digital strategies, transforming creative visions into measurable results. Our approach is a symbiosis of beauty and functionality, ensuring that every aspect of your online presence is as carefully considered as it is intriguing.

Let's stay in touch

Contact us

English

Made by Byrå © 2024