PENTECTON

Privacy Policy

Last updated: 12 March 2026

1. Data Controller

The controller of personal data is:

Pentecton sp. z o.o.
ul. Mogilska 43
31-545 Kraków, Poland

KRS: 0001228717
NIP: 6751826577

Contact regarding personal data: [email protected]

The controller processes personal data in accordance with Regulation (EU) 2016/679 (GDPR).

2. Scope of Data Processed

Depending on how you interact with the website, the following personal data may be processed:

  • name and surname
  • company name
  • email address
  • message content sent via contact form or email
  • technical data such as IP address, browser type and basic usage information

Providing data is voluntary but may be necessary to respond to inquiries or provide services.

3. Purpose and Legal Basis of Processing

Personal data may be processed for the following purposes.

Responding to inquiries

When you contact the company via email or a contact form.

Legal basis: Art. 6(1)(f) GDPR - legitimate interest consisting of communication with potential clients and partners.

Preparation and execution of agreements

If cooperation is initiated, personal data may be processed for:

  • preparing offers
  • concluding agreements
  • providing cybersecurity consulting services

Legal basis: Art. 6(1)(b) GDPR - processing necessary for the performance of a contract.

Compliance with legal obligations

Data may be processed when required by law, for example for accounting or tax documentation.

Legal basis: Art. 6(1)(c) GDPR - legal obligation.

Protection of legal claims

Personal data may also be processed in order to establish, pursue or defend legal claims.

Legal basis: Art. 6(1)(f) GDPR - legitimate interest of the controller.

4. Recipients of Data

Personal data may be shared with trusted service providers supporting the controller's operations, including:

  • IT service providers
  • website hosting providers
  • email infrastructure providers
  • accounting service providers
  • legal advisors

Such entities process data only to the extent necessary and based on appropriate agreements.

5. International Data Transfers

Some technology providers used by the controller may process data outside the European Economic Area.

In such cases appropriate safeguards are applied, including standard contractual clauses approved by the European Commission.

6. Data Retention

Personal data is stored only for as long as necessary to fulfill the purposes described above, including:

  • correspondence data - for the duration of communication and the limitation period for potential claims
  • contract-related data - for the duration of the agreement and statutory retention periods

7. Rights of Data Subjects

Individuals whose data is processed have the right to:

  • access their data
  • rectify incorrect data
  • request deletion of data
  • restrict processing
  • object to processing
  • request data portability

Requests related to personal data may be submitted via email to [email protected].

Individuals also have the right to lodge a complaint with the competent data protection authority, in Poland the President of the Personal Data Protection Office (UODO).

8. Cookies and Website Data

The website may use cookies or similar technologies to ensure proper operation and to analyze website traffic.

Cookies are small text files stored on the user's device. They do not allow direct identification of users.

Users may control cookie settings through their web browser.

9. Security Measures

The controller applies appropriate technical and organizational measures to protect personal data, including:

  • encrypted communication (HTTPS)
  • access controls to internal systems
  • multi-factor authentication for critical services
  • encrypted storage on company devices

10. Changes to This Policy

This Privacy Policy may be updated from time to time.

The current version is always available on the website.