1. General Provisions
Point Finance Sp. z o.o. (hereinafter referred to as the “Company” or “Controller”) acts in accordance with applicable laws and attaches particular importance to the protection of the personal data and privacy of the data subjects. All activities of the Company concerning personal data are treated as a priority. The Company exercises due care to protect the interests of data subjects and ensures that the data are processed in compliance with the provisions of the General Data Protection Regulation (EU) 2016/679 of 27 April 2016 (“GDPR”) and relevant national data-protection legislation.
To this end, Point Finance takes all reasonable measures to guarantee transparent and comprehensive information on the processing of personal data. This document, the Privacy Policy, defines the rules and principles of data processing, in particular within and in connection with the use of the Company’s website — www.pointfinance.pl.
2. Definitions
For the purposes of this Privacy Policy:
• Controller — Point Finance Sp. z o.o., NIP 5252956924, REGON 525360261, KRS 0001036513, with its registered office at ul. Prosta 51, 00-838 Warsaw, Poland, which determines the purposes and means of processing personal data.
• Personal Data — any information relating to an identified or identifiable natural person (“Data Subject”); an identifiable natural person is one who can be identified directly or indirectly by reference to an identifier such as name, identification number, location data, online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that person.
• Website — the website operated by the Controller at www.pointfinance.pl.
• GDPR — Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data.
• User — any natural person visiting the Website or using one or more functionalities made available therein
3. Scope and Purpose of the Policy
This Policy applies to all personal data processed by Point Finance in connection with:
• browsing or using the Website;
• expressing interest in the Company’s services or cooperation;
• contacting the Company via contact forms, telephone or e-mail;
• recruitment processes;
• the Company’s social-media activities.
The Website is addressed to adults. Point Finance does not intentionally process data of persons under 18 years of age.
4. Categories of Data and Purposes of Processing
4.1. Website Users
The Company may process information relating to the User’s activity on the Website (e.g. cookies, IP addresses, browser data). These data are not used to identify the User personally. They are processed for:
• analytical and statistical purposes to improve Website functionality — Article 6(1)(f) GDPR (legitimate interest);
• marketing of the Company’s own services — Article 6(1)(f) GDPR.
4.2. Clients and Interested Persons
When filling out contact forms or communicating electronically, Users may provide identifying and contact details (such as name, e-mail address, telephone number, city). Such data are processed for the following purposes:
• to present offers of products and services of the Controller and its partners — Article 6(1)(a) GDPR (consent);
• to perform direct marketing activities — Article 6(1)(f) GDPR (legitimate interest);
• to fulfil legal obligations — Article 6(1)(c) GDPR;
• for archiving purposes — Article 6(1)(f) GDPR.
4.3. Business Partners and Contractors
Point Finance processes identification and contact data of business contacts (including representatives of partner entities) for:
• the conclusion and performance of agreements — Article 6(1)(b) GDPR;
• business communication and cooperation management — Article 6(1)(f) GDPR;
• fulfilment of statutory obligations — Article 6(1)(c) GDPR.
4.4. Job Applicants
The Company processes data provided in application documents solely for recruitment purposes, in accordance with Article 6(1)(a), (1)(b) and (1)(f) GDPR, depending on the legal basis applicable to the form of cooperation.
4.5. Correspondence and Communication
When Users contact the Company by e-mail or telephone, Point Finance processes identifying and contact details (and, in the case of calls, also voice data) for:
• communication and handling of the enquiry — Article 6(1)(f) GDPR (legitimate interest);
• record-keeping and archiving — Article 6(1)(f) GDPR.
5. Cookies
Cookies are small text files stored on the User’s device when visiting the Website. They enable the collection of statistical data concerning User activity, which helps improve the Website’s content, structure and usability.
The Website uses:
• session cookies, removed upon closing the browser or ending the session;
• persistent cookies, stored for a defined period or until manually deleted.
Users may change cookie settings at any time through their web-browser settings. If the User does not modify those settings, this is deemed acceptance of cookies as described herein.
6. Google Analytics
The Company uses Google Analytics for the measurement, analysis and statistical assessment of User activity on the Website. Data obtained in this way are anonymous and are not used to identify Users personally.
7. Retention and Data Security
Point Finance retains personal data only for as long as necessary to achieve the purpose for which they were collected or to meet legal requirements. The Company applies technical and organisational measures ensuring an appropriate level of security, including protection against unauthorised access, alteration or destruction. Business partners and service providers are bound by data-processing agreements ensuring equivalent data-protection standards.
8. Rights of Data Subjects
Each person whose data are processed by the Company has the right to:
• access their personal data (Article 15 GDPR);
• rectify inaccurate or incomplete data (Article 16 GDPR);
• erase data (“right to be forgotten”) — Article 17 GDPR;
• restrict processing — Article 18 GDPR;
• data portability — Article 20 GDPR;
• object to processing, including for marketing purposes — Article 21 GDPR;
• withdraw consent at any time, without affecting the lawfulness of prior processing.
Requests may be submitted to the e-mail address kontakt@pointfinance.pl. The Controller shall respond within one month of receipt, with a possible extension under Article 12(3) GDPR.
9. Contact Details
Controller: Point Finance Sp. z o.o. ul. Prosta 51, 00-838 Warsaw, Poland kontakt@pointfinance.pl +48 880 212 688
If you believe that the processing of your personal data violates the GDPR, you have the right to lodge a complaint with the President of the Personal Data Protection Office (UODO) or another competent supervisory authority.
10. Amendments
This Privacy Policy may be amended to reflect changes in legislation or internal processes. The current version is always available on the Company’s website.
