Privacy Policy
How PIT-Lab Accounting Office processes the personal data of visitors to this site — in line with the GDPR and Poland's Electronic Communications Law.
Last updated: 5 June 2026
This Privacy Policy explains how we process the personal data of visitors to pitlab.com.pl and users of our contact form. It also describes the cookies and similar technologies the site uses and the rights you have in connection with the processing of your data.
1. Data controller
The controller of your personal data is Klaudia Krawczyk, trading as Biuro Rachunkowe PIT-Lab Klaudia Krawczyk:
- Tax ID (NIP): 9211918604
- Business ID (REGON): 521647089
- email: biuro@pitlab.com.pl
- phone: +48 730 009 297
For any matter relating to the processing of personal data you can contact us at biuro@pitlab.com.pl. We have not appointed a Data Protection Officer (DPO) — this is not required in our case.
2. What data we process, for what purpose, and on what legal basis
| Purpose | Data | Legal basis | Period |
|---|---|---|---|
| Handling enquiries from the contact form | name, email address, message content | Art. 6(1)(b) GDPR (steps prior to a contract) and Art. 6(1)(f) GDPR (legitimate interest — replying to and handling correspondence) | until the correspondence ends, then until any related claims become time-barred |
| Traffic statistics and analysis (Google Analytics 4) | cookie identifiers, on-site events, approximate location (country/city), device and browser information | Art. 6(1)(a) GDPR (your consent) in conjunction with Art. 361 of the Polish Electronic Communications Law (PKE) | until consent is withdrawn; data in Google Analytics — per the retention setting (up to 14 months) |
| Site delivery and security (server logs, hosting) | IP address, browser and device type, date and time of the request | Art. 6(1)(f) GDPR (legitimate interest — delivering and protecting the site) | for as long as necessary for security, per the hosting provider's policy |
Providing data is voluntary. Providing the data in the contact form is, however, necessary for us to answer your enquiry.
3. Cookies and similar technologies
The site uses cookies and the browser's local storage (localStorage). Under Art. 361 of the Polish Electronic Communications Law (PKE), storing information on — or accessing information in — your device requires your consent, except where it is necessary to deliver a service you have requested.
Essential and functional (no consent required)
| Name | Type | Purpose | Duration |
|---|---|---|---|
| pitlab-consent-v1 | localStorage | remembers your cookie-consent choice | up to 12 months / until cleared |
| theme | localStorage | remembers your chosen theme (light / dark) | until cleared |
Analytics (loaded only after consent)
| Name | Provider | Purpose | Duration |
|---|---|---|---|
| _ga | distinguishes users for statistics | up to 2 years | |
| _ga_<ID> | maintains session state for statistics | up to 2 years |
Analytics files load only after you give consent in the banner. Until then, the Google Analytics script is not downloaded and no analytics files are stored — we use Google Consent Mode v2 with a default “denied” state.
Managing consent. You can withdraw or change your consent at any time by clearing the site data in your browser settings (which removes the stored choice and shows the banner again) or by changing the cookie settings in your browser. Withdrawing consent does not affect the lawfulness of processing carried out before the withdrawal.
4. Recipients of the data
Your data may be processed by trusted service providers acting as processors on our behalf:
- Netlify, Inc. — site hosting and contact-form handling (storing and forwarding submissions).
- Google Ireland Ltd. / Google LLC — the Google Analytics 4 service, run only after you give consent.
- Soro (app.trysoro.com) — provider of the blog module embedded on the blog subpage.
We may also disclose data to entities authorised to obtain it under applicable law.
5. Transfers outside the European Economic Area
Some of our providers (Google, Netlify) are based in the United States and may process data outside the European Economic Area. Transfers take place under the EU–US Data Privacy Framework (under which Google LLC is certified) and the European Commission's Standard Contractual Clauses (SCCs), ensuring an adequate level of protection for your data.
6. Your rights
In connection with the processing of your data, you have the right to:
- access your data and obtain a copy of it (Art. 15 GDPR);
- rectify your data (Art. 16 GDPR);
- erase your data (Art. 17 GDPR);
- restrict processing (Art. 18 GDPR);
- data portability (Art. 20 GDPR);
- object to processing based on legitimate interest (Art. 21 GDPR);
- withdraw consent at any time — without affecting the lawfulness of processing carried out before the withdrawal (Art. 7(3) GDPR).
To exercise these rights, write to us at biuro@pitlab.com.pl.
You also have the right to lodge a complaint with the supervisory authority — the President of the Personal Data Protection Office (Prezes Urzędu Ochrony Danych Osobowych), ul. Stawki 2, 00-193 Warsaw, Poland (uodo.gov.pl).
7. Automated decision-making
We do not make decisions about you based solely on automated processing (including profiling) that would produce legal effects or similarly significantly affect you. Google Analytics statistics are aggregate and serve only to improve the site.
8. Changes to this Privacy Policy
We may update this Policy, for example when the law or our data-processing practices change. The current version is always available on this page, and the date of the last update is shown at the top of the document.