1. Homepage
  2. -
  3. Privacy Policy – Marcin ...

Privacy policy - Marcin Pluta MP BUSINESS SOLUTIONS

Privacy policy - Marcin Pluta MP BUSINESS SOLUTIONS

Information related to Data protection

Personal Data Processing Policy



Marcin Pluta conducting business activity under the name of Marcin Pluta MP BUSINESS SOLUTIONS, holding NIP 5631803509 (the “Controller”), is strongly committed to protecting personal data and keeping everyone informed, in an open, transparent way. We process personal data for numerous purposes. How we collect it, our lawful basis of processing, use, disclosure, and retention periods for each purpose may differ. By reading this Privacy Policy you will find out details on the collection and use of your personal data as well as what are your individual rights. To find out more about our specific processing activities, please go to the relevant sections of this policy.

The Controller uses the IT system provided and maintained by Sollers Consulting Sp. z o.o. with its registered office in Warsaw, in which the processing of personal data for the Controller takes place. The IT system meets the requirements of the Administrator's country. The personal data must be collected and processed in accordance with the requirements of GDPR and domestic regulations concerning personal data.


What is personal data?

Personal data is any information relating to an identified or identifiable living person.


What personal data does the Policy cover?

In this privacy policy, "personal data" means information about a natural person that can be directly or indirectly identified, in particular based on an identifier such asname, identification number, location data or an online identifier. Personal data also refers to one or more specific factors determining the physical, physiological, genetic, mental, economic, cultural or social identity of a natural person.


What are the legal grounds for processing data?


Legal grounds for processing personal data visiting our website:

  • The pursuit of a legitimate interest in developing and improving our website, providing users with tailored content.


Legal grounds for processing the personal data of our clients or of natural persons whose personal data we obtain in connection with providing services to our clients:

  • Compliance with legal or regulatory obligations.
  • Performance of the contract.


Legal grounds for the processing of personal data of natural persons appearing in our contact database:

  • Explicit consent of a natural person appearing in the commercial contacts database.
  • The pursuit of a legitimate interest in managing relationships with individuals in a database of business contacts and providing information on Sollers, our services and events organized by us.


Legal grounds for processing personal data of event participants:

  • Participant's explicit consent.
  • Realization of a legitimate interest in organizing events and managing the registration process of participants for such events.
  • The pursuit of a legitimate interest to protect our employees, property and information, and to prevent unauthorized access to Sollers events taking place outside of the company.


Legal grounds for the processing of personal data of individuals visiting our pages on social media and the use of social media plug-ins and tools:

  • The pursuit of a legitimate interest in promoting the Sollers brand and services.
  • Realization of a legitimate interest in attracting, identifyingand recruiting highly qualified employees.
  • The pursuit of a legitimate interest in improving the experience of individuals visiting our website and optimizing our services.


Legal grounds for processing personal data of the Controller alumni:

The Controller hopes to maintain long-term and mutually beneficial relations with the Controller alumni. In the event of an invitation to our alumni community, to enter the invited person into one of our alumni databases, data such as name and surname, contact details: email and telephone number will be used, unless the invited person states that they are not interested in participating in the Controller alumni program. Alumn has the ability to create a more detailed profile and decide on the scope of information that the Controller wants to share with the wider alumni community.

  • Clear consent, aluminum
  • Realizing a legitimate interest in maintaining a strong relationship with the Controller alumni, sending publications on the Controller and our services, inviting alumni to our events, and helping alumni to keep in touch with other Controller alumni.


Legal grounds for processing personal data of individuals conducting e-mail correspondence with the Controller:

  • The pursuit of a legitimate interest in securing our IT infrastructure against unauthorized access and data leakage.
  • Realization of a legitimate interest in analyzing mail traffic statistics e-mail.


Legal grounds for processing personal data of natural persons applying for a job at the Controller:

  • Clear consent from the candidate.
  • Realization of a legitimate interest in carrying out the recruitment process, including attracting, identifying, verifying, sourcing talent and recruiting employees.
  • Realization of a legitimate interest to process and manage application for roles at Sollers, including the screening and selecting.
  • Realization of a legitimate interest to hire and onboard candidates by making an offer to successful candidates and carrying out pre-employment screening checks.
  • Realization of a legitimate interest to manage Sollers career websites (including conducting statistical analyses).
  • Compliance with a legal or regulatory obligation (when carrying out background checks to warrant a candidate is eligible to work).


Legal grounds for processing personal data of our suppliers:

  • Performance of the contract.
  • Compliance with legal or regulatory obligations.


Legal grounds for processing personal data of natural persons visiting the Controller offices:

  • The pursuit of a legitimate interest in protecting the Controller' offices, staff, goods and confidential information.
  • The pursuit of a legitimate interest in preventing and detecting crimes and establishing, investigating and defending claims.


Contact via e-mail

Persons conducting e-mail correspondence with the Controller.

The Controller uses various tools to maintain the security of IT infrastructure, including email.

In the case of e-mail correspondence with the Controller, messages received from the user will be scanned using tools used by the Controllerto secure their IT infrastructure, which may lead to situations in which the content of the message will be read by authorized persons from the Controllerwho are not its final recipient.


Legal grounds for processing personal data of persons conducting correspondence by e-mail with the Controller:

  • Realization of a legitimate interest in securing IT infrastructure against unauthorized access and data leakage.


Security. Sharing Personal Data and processing locations

The Controller has a framework of procedures and trainings aimed at keeping your personal data safe and ensuring security and confidentiality. These are regularly reviewed to assess the appropriateness of the measures the Controller has in place to keep the data he holds secure.

The Controller only share personal data with others when he is legally permitted to do so, putting in place security mechanisms and contracts to comply with the Controller’s security, confidentiality and data protection standards and policies.


The personal data that we hold, may be transferred to:

  • The Controller's co-workers. The data will be made available, if necessary, for administrative purposes or in connection with the provision of professional services to clients. Business contacts are available to the Controller’s associates in the internal CRM system and used by them in order to broaden contacts, deepen knowledge about potential: clients, projects, sales opportunities and opportunities that the Controller may be interested in business terms.
  • the Controller’s sub-contractors that help to provide to the Controller’s Clients professional services.
  • Professional advisors and auditors, if needed.
  • Third party organizations that provide applications/functionality, data processing or IT services to the Controller. A part of the Controller’sITsystems are provided or ran by third parties, e.g. providers cloud-basedsoftware as a service, website hosting and management, data backup, security and storage services. The servers powering and facilitating that cloud infrastructure for the Controller are located in secure data centers in the EU.
  • Third party organizations that provide the Controller with goods, information or services.
  • Third parties as required by law. It may happen that the Controller will need to share personal information with e.g. law enforcement bodies or governmental agencies in order to be compliant with the applicable law. This is when the need to establish, exercise or defend legal rights or to investigate an alleged crime arises.


Exercising individual rights

When their data is processed, individuals have certain rights data controllers and processors are responsible for fulfilling these rights.Please find below a list of rights that you have and how to exercise them from us, the Data Controller:


Access to personal data

You have the right of access to your personal data held by the Controller as a data controller.  If you want to exercise it and ask the Controller what personal data is he processing, send an e-mail at [email protected]  The Controller will respond to your request as promptly as possible, within the legally required time limits.


Withdrawal of consent

In general, the Controller do not process data based on consent. This is because usually the Controller can rely on another legal basis.  In cases where the Controller rely on consent, you have the right to withdraw it at any time. To withdraw consent to the Controller’s processing of your personal data, send an e-mail at [email protected] or, to stop receiving an email from the Controller’s marketing list, please click on the unsubscribe link in the received email.


Amendment of personal data

Whenever the Controller become aware that the personal data that he processes is no longer accurate, the Controller will make the appropriate amendments. In case you want to update the personal data that the Controller is processing, please send an e-mail to [email protected]


Other rights

Starting May 25th, 2018, you will have the right to demand erasure of your personal data, to demand restrictions in processing and the right to data portability.  If you wish to exercise those rights, please send an e-mail to [email protected].



If you want to complain about the Controller’s use of your personal data, please send an email with the details of your complaint to [email protected]. The Controller will investigate and reply to your complaint as soon as possible.

You also have the right to lodge a complaint with the Office for Personal Data Protection (UODO, Poland). For further information on your rights and how to submit a complaint, please visit accordingly: the website of the UODO.


Data Controller: details and contact information

When processing personal data, the entity that decides why and how the data is processed is a Data Controller. The Data Controller in this case is Marcin Pluta MP Business Solutions, holding NIP 5631803509 and with registration address at 54 Koszykowa Street, 00-675 Warsaw, Poland).


The Data Protection Officer was not appointed at the Controller in accordance with the applicable laws.

If you have additional questions, please contact:


54 Koszykowa St.

00-675 Warsaw, Poland

e-mail: [email protected]

tel. no.: +48 (22) 272 92 22


Changes to this privacy statement

This privacy statement was last updated on 1 of June 2022.

Once a year, the Controller conducts an audit of the correctness of personal data processing and its compliance with the applicable laws and the applicable instructions of the Office for Personal Data Protection.

Provided our commitment to processing data and informing you about your rights in a transparent way, the Controller will keep this privacy statement under regular review.