1. Data Controller
The controller of your personal data is:
Rosa Venti Sp. z o.o.
Wał Miedzeszyński 399
04-022 Warsaw
Poland
VAT ID: 5252817648
REGON: 385728393
KRS: 0000832586
Contact for data protection matters:
Email: biuro@rosaventi.pl
Phone: +48 533 062 809
2. Personal Data Processing
2.1. What data do we collect?
We collect the following categories of personal data:
- → Contact data: name and surname, email address, phone number (when you use our contact form)
- → Technical data: IP address, browser type, operating system, device information (via Google Analytics)
- → Behavioral data: browsing history, time spent on site, referral source (via Google Analytics)
2.2. Legal basis for processing
We process your data based on:
- → Art. 6(1)(a) GDPR - consent to processing personal data (contact forms, cookies)
- → Art. 6(1)(b) GDPR - performance of a contract or taking steps prior to entering into a contract
- → Art. 6(1)(f) GDPR - legitimate interest of the controller (website analytics, security)
2.3. Purpose of data processing
We process your data for the following purposes:
- → Handling inquiries: responding to messages sent via contact form
- → Traffic analysis: understanding how users interact with our website (Google Analytics)
- → Service improvement: optimizing content and website functionality
- → Security: protecting the website from attacks and abuse
- → Marketing: promoting our services (only with consent)
2.4. Data retention period
| Data type | Retention period |
|---|---|
| Contact form data | Up to 24 months from last contact or until consent withdrawal |
| Analytics cookies | Up to 26 months (Google Analytics) |
| Necessary cookies | Up to 6 months (cookie preferences) |
| Server logs | Up to 12 months |
2.5. Data sharing
Your data may be shared with the following entities:
- → Google LLC - provider of Google Analytics (based in USA, protected by EU Standard Contractual Clauses)
- → Hosting providers - ensuring website operation
- → IT service providers - technical support and website maintenance
- → Public authorities - if required by law
3. Your Rights
Under GDPR, you have the following rights:
3.1. Right of access
You have the right to obtain confirmation of whether we process your personal data and access to such data and information about processing.
3.2. Right to rectification
You have the right to request immediate rectification of inaccurate personal data and completion of incomplete data.
3.3. Right to erasure ('right to be forgotten')
You have the right to request erasure of your personal data if:
- → The data is no longer necessary for the purposes for which it was collected
- → You have withdrawn consent and there is no other legal basis for processing
- → You object to processing
- → The data was processed unlawfully
3.4. Right to restriction of processing
You have the right to request restriction of processing if:
- → You contest the accuracy of the data
- → Processing is unlawful but you oppose erasure
- → The controller no longer needs the data, but you need it to establish, exercise or defend legal claims
- → You have objected to processing – pending verification of whether the controller's grounds override yours
3.5. Right to data portability
You have the right to receive your personal data in a structured, commonly used, machine-readable format and transmit it to another controller.
3.6. Right to object
You have the right to object at any time – on grounds relating to your particular situation – to processing of personal data based on the legitimate interest of the controller (Art. 6(1)(f) GDPR).
3.7. Right to withdraw consent
If processing is based on consent, you have the right to withdraw it at any time. Withdrawal does not affect the lawfulness of processing carried out before withdrawal.
3.8. Right to lodge a complaint
You have the right to lodge a complaint with a supervisory authority – in Poland, this is the President of the Personal Data Protection Office (PUODO):
- → Address: ul. Stawki 2, 00-193 Warsaw, Poland
- → Website: https://uodo.gov.pl
4. Cookie Policy
4.1. What are cookies?
Cookies are small text files stored on your device (computer, tablet, smartphone) while browsing a website. They allow the site to recognize your device and remember information about your preferences.
More information about cookies: www.allaboutcookies.org
4.2. Types of cookies
We use the following types of cookies on our website:
4.2.1. Necessary cookies
These cookies are essential for the website to function properly. They include:
| Cookie name | Purpose | Expiration |
|---|---|---|
| cookieconsent | Stores information about your cookie preferences | 6 months |
4.2.2. Analytics cookies
Help us understand how users interact with the website, allowing us to improve it:
| Cookie name | Provider | Purpose | Expiration |
|---|---|---|---|
| _ga | Google Analytics | Distinguishes website users | 2 years |
| _ga_35Y5RNRB9P | Google Analytics | Stores session state | 2 years |
4.3. Managing cookies
You can change your cookie preferences at any time by clicking the icon in the bottom left corner of the page or by setting your browser to block cookies.
How to manage cookies in popular browsers:
- → Google Chrome: Settings → Privacy and security → Cookies and other site data
- → Mozilla Firefox: Options → Privacy & Security → Cookies and Site Data
- → Safari: Preferences → Privacy → Cookies and website data
- → Microsoft Edge: Settings → Cookies and site permissions
4.4. Third-party cookies
Our website may contain embedded content from third-party providers (e.g., YouTube videos, Google Maps). These services may set their own cookies, which we do not control.
We recommend reviewing the privacy policies of these providers:
- → Google: policies.google.com/privacy
- → YouTube: policies.google.com/privacy
5. Data Security
We place great emphasis on protecting your personal data. We implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including:
• SSL/TLS encryption – all data transmitted between your browser and our server is encrypted
• Regular backups – protecting against data loss
• Restricted access – only authorized persons have access to personal data
• Security monitoring – we continuously monitor our systems for potential threats
• Software updates – we regularly update systems and software
Despite using state-of-the-art security measures, no method of data transmission over the Internet or data storage method is 100% secure. Therefore, we cannot guarantee absolute data security.
6. Changes to Privacy Policy
We reserve the right to make changes to this Privacy Policy. All changes will be published on this page along with the date of last update.
In case of significant changes, we will inform you through a clear notification on the website or via email (if we have your email address).
We encourage you to regularly review this page to stay informed about our personal data protection practices.
7. Contact
If you have any questions regarding this Privacy Policy, how we process your personal data, or wish to exercise your rights, please contact us:
Rosa Venti Sp. z o.o.
Wał Miedzeszyński 399
04-022 Warsaw, Poland
Email: biuro@rosaventi.pl
Phone: +48 533 062 809
We will make every effort to respond to your inquiry within 30 days.