Privacy Policy

PRIVACY POLICY OF THE SOURCEMATION.COM WEBSITE

§1. PERSONAL DATA CONTROLLER

  1. The Controller of your personal data is Linux Polska Sp. z o.o. with its registered office in Warsaw (00-807), at Al. Jerozolimskie 100, entered into the Register of Entrepreneurs of the National Court Register under KRS number 0000326158, NIP (Tax ID) 7010181018, REGON 141791601 (hereinafter: the “Controller”).
  2. In matters related to personal data protection, you may contact the Controller via the dedicated e-mail address: biuro@linuxpolska.pl or in writing to the Controller’s registered address.

§2. PURPOSES, LEGAL BASES, AND PERIOD OF DATA PROCESSING

  1. The Controller processes Users’ personal data for specific purposes, on the legal bases indicated below, and for the periods stated:
    1.1. Handling correspondence (communication with the User) – Art. 6(1)(f) GDPR. Processing time: until claims related to the subject of the communication are barred by the statute of limitations.
    Legitimate interest: external communication.
    1.2. Fulfilling tax and accounting obligations – Art. 6(1)(c) GDPR (in conjunction with relevant tax laws).
    Processing time: for the period required by tax laws and other relevant regulations.
    1.3. Creating an archive for the needs of potential necessity to defend, establish, or pursue claims – Art. 6(1)(f) GDPR.
    Processing time: until the expiration (statute of limitations) of claims related to the processed information.
    Legitimate interest: legal protection of the Controller (possibility of defense or pursuit of claims).
    1.4. Social media management (integration of the Website with services such as Facebook, LinkedIn) – Art. 6(1)(f) GDPR.
    Processing time: for as long as the utilized social media communication systems exist.
    Legitimate interest: external communication (maintaining contact with the User community).
    1.5. Analyses and statistics regarding the functioning of the Website (analysis of how the Website is used, adapting the content and interface of the Website to Users’ needs) – Art. 6(1)(f) GDPR.
    Processing time: for the duration of the existence of the legitimate interest pursued by the Controller, but no longer than until the limitation of the Controller’s claims against the data subject.
    Legitimate interest: increasing the efficiency of the Website’s functioning and improving the quality of services provided.
    1.6. Answering questions asked by Users, handling reports (e.g., complaints, bug reports), fixing failures, and conducting correspondence to settle a given matter – Art. 6(1)(a) and (f) GDPR.
    Processing time: until claims related to the subject of the communication are barred by the statute of limitations.
    Legitimate interest: responding to Users’ inquiries and requests and pursuing potential claims.
    1.7. Handling, preparing, and executing orders for provided services, performing an agreement concluded with the User, and providing information about offered services to the extent necessary to perform the agreement – Art. 6(1)(b) GDPR.
    Processing time: until claims related to the subject of the communication or the executed agreement are barred by the statute of limitations.
    1.8. Surveying customer satisfaction levels and determining the quality of service and customer satisfaction with the services provided – Art. 6(1)(f) GDPR.
    Processing time: for the duration of the existence of the legitimate interest pursued by the Controller, but no longer than until the limitation of the Controller’s claims against the data subject.
    Legitimate interest: increasing operational efficiency and improving service quality.
    1.9. Offering the Controller’s own services as part of direct marketing directed to the Controller’s clients – Art. 6(1)(f) GDPR.
    Processing time: until an objection is raised by the data subject.
    Legitimate interest: marketing of own products and services directed to clients.
    1.10. Sending commercial information via electronic communication means, as part of direct marketing of services – Art. 6(1)(a) GDPR.
    Processing time: until the data subject withdraws consent (withdrawal of consent for marketing communication via this channel).
    Legitimate interest: marketing of the offer.
  2. The person whose data is processed for the purposes specified in points 1.9 – 1.10 above has the right to object at any time to the processing of their personal data for these purposes. Raising an objection will result in the suspension of data processing for the listed purposes.
  3. Providing personal data is voluntary; however, it may be necessary to use the Website or services (depending on the purpose for which it is provided). The Controller does not process special categories of personal data (so-called sensitive data referred to in Art. 9(1) GDPR).

§3. RIGHTS OF DATA SUBJECTS

  1. In connection with the processing of personal data, Users are entitled to the following rights: 1.1. the right of access to data (Art. 15 GDPR); 1.2. the right to rectification of data (Art. 16 GDPR); 1.3. the right to erasure of data (“right to be forgotten”) (Art. 17 GDPR); 1.4. the right to restriction of processing (Art. 18 GDPR); 1.5. the right to data portability (Art. 20 GDPR); 1.6. the right to object to data processing based on a legitimate interest (Art. 21 GDPR); 1.7. the right to lodge a complaint with a supervisory authority, i.e., the President of the Personal Data Protection Office (ul. Stanisława Moniuszki 1A, 00-014 Warsaw).
  2. To exercise the above rights, please contact the Controller at the e-mail address: biuro@linuxpolska.pl.

§ 4. DATA RECIPIENTS AND TRANSFERS OUTSIDE THE EEA

  1. Users’ personal data may be transferred to trusted partners of the Controller who participate in the realization of services provided by the Controller—such as entities operating marketing or communication systems, entities administering servers on which data is stored—as well as to other entities if the transfer of such data results from applicable provisions of law. Personal data of natural persons (including natural persons acting on behalf of business clients) is processed in IT systems used by the Controller. The processed personal data primarily includes information provided voluntarily by the User (or their employer) to the Controller, including, among others: name and surname, name (company) of the client, position of the contact person, e-mail address, telephone number, and other business contact details.
  2. Within the scope of the Website and Service, the Controller uses the services of GitHub, Inc., consisting of making the sourcemation.com service available as a website. GitHub, Inc. servers are located in the United States. Users’ personal data such as: the User’s device IP address, information about the web browser and operating system, the time of the request, and the referrer address, as well as server logs containing the IP address, are transferred outside the European Economic Area. The service provider, GitHub, Inc., indicates in its privacy policy that it ensures an appropriate level of data protection. Data transfer takes place on the basis of legal mechanisms consistent with the GDPR, such as Standard Contractual Clauses (SCC) approved by the European Commission or based on an adequacy decision by the European Commission (e.g., under the EU-U.S. Data Privacy Framework). For detailed information on how GitHub, Inc. processes data, the User may consult GitHub’s privacy principles and policies directly at: https://docs.github.com/en/site-policy/privacy-policies.
  3. The Controller does not make decisions regarding the User based solely on automated data processing, including profiling, that would produce legal effects concerning the User or similarly significantly affect them.

§ 5. COOKIES

  1. The Controller does not use cookies on the Website.

§6. THIRD-PARTY WEBSITES

  1. The Website may contain links leading to third-party websites. Please note that the owners or administrators of such external websites may collect, use, or transfer data concerning the User on different terms than the Controller does. After navigating to a website belonging to a third party, the User should review the privacy policy applicable to such a website.

§7. FINAL PROVISIONS

  1. The Controller is not liable for events occurring during the use of the Website that result from the actions of third parties. The Controller is also not liable for faulty operation caused by reasons beyond its control, including the actions of third parties or force majeure.
  2. The Controller applies technical and organizational measures ensuring the protection of processed personal data appropriate to the threats and categories of data protected.
  3. The Controller reserves the right to update this Privacy Policy. Users will be informed of any changes by the posting of the updated content of this document on the Website.
  4. This version of the Privacy Policy is effective from 16.10.2025.