BRJ-STUDIO
Privacy Policy for the website www.brj-studio.com
1. Data controller
The controller of personal data collected via the website operating atwww.brj-studio.com (hereinafter: ‘the Website’) is: BRJ-Studio Robert Bednarczyk, ul. Jana III Sobieskiego 45, 05-300 Minsk Mazowiecki, Poland Tax ID (NIP): 8251413152 | National Business Registry Number (REGON): 540547329 Contact: kontakt@brj-studio.com. The Controller ensures the protection of Users’ personal data and processes it in accordance with the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (GDPR), the Act of 10 May 2018 on the protection of personal data, and other applicable legal provisions.
2. Scope of personal data collected
The Data Controller collects only the data necessary for the proper provision of the services offered via the Website. Users’ personal data may include:
• first name and surname (or company name),
• email address,
• phone number.
Providing the above data is voluntary; however, it is necessary for the provision of services requiring contact or identification of the User (e.g. contact form, enquiry). The data is not subject to automatic verification.
• first name and surname (or company name),
• email address,
• phone number.
Providing the above data is voluntary; however, it is necessary for the provision of services requiring contact or identification of the User (e.g. contact form, enquiry). The data is not subject to automatic verification.
3. Purposes and legal basis for data processing
Users’ personal data is processed for the following purposes and on the following legal grounds (Article 6 of the GDPR):
3.1 Provision of services and responding to enquiries
Legal basis: Article 6(1)(b) of the GDPR (performance of a contract or taking steps prior to entering into a contract). The data is processed for the purpose of handling enquiries, establishing a business relationship, and providing architectural and design services.
3.2 Marketing and communication
Legal basis: Article 6(1)(a) of the GDPR (the User’s consent). Data is processed for the purpose of sending information about BRJ-Studio’s services, news and marketing materials – solely upon the User’s prior consent. Consent may be withdrawn at any time without affecting the lawfulness of processing carried out prior to its withdrawal.
3.3 The Controller’s legitimate interest
Legal basis: Article 6(1)(f) of the GDPR. Data may be processed for the purposes of pursuing or defending against claims, ensuring the security of the website, and compiling statistics.
4. Users’ rights
Under the GDPR, every user has the right to:
1. access to your personal data (Article 15 of the GDPR),
2. correction of inaccurate or incomplete data (Article 16 of the GDPR),
3. the right to erasure (‘the right to be forgotten’) – Article 17 of the GDPR,
4. restrictions on data processing (Article 18 of the GDPR),
5. the right to data portability (Article 20 of the GDPR),
6. to object to the processing of data (Article 21 of the GDPR),
7. to withdraw consent at any time, where processing is based on consent,
8. to lodge a complaint with the supervisory authority – the President of the Personal Data Protection Office (PUODO), ul. Stawki 2, 00-193 Warsaw, www.uodo.gov.pl.
To exercise the above rights, please contact the Data Controller at: kontakt@brj-studio.com. The Data Controller will respond to your request without undue delay, and no later than within 30 days.
1. access to your personal data (Article 15 of the GDPR),
2. correction of inaccurate or incomplete data (Article 16 of the GDPR),
3. the right to erasure (‘the right to be forgotten’) – Article 17 of the GDPR,
4. restrictions on data processing (Article 18 of the GDPR),
5. the right to data portability (Article 20 of the GDPR),
6. to object to the processing of data (Article 21 of the GDPR),
7. to withdraw consent at any time, where processing is based on consent,
8. to lodge a complaint with the supervisory authority – the President of the Personal Data Protection Office (PUODO), ul. Stawki 2, 00-193 Warsaw, www.uodo.gov.pl.
To exercise the above rights, please contact the Data Controller at: kontakt@brj-studio.com. The Data Controller will respond to your request without undue delay, and no later than within 30 days.
5. Sharing of personal data
As a general rule, the Data Controller does not disclose Users’ personal data to third parties. Data may only be disclosed:
• data processors acting on behalf of the Controller (e.g. hosting service providers, communication tool providers), with whom the Controller has entered into appropriate data processing agreements (Article 28 of the GDPR),
• to state authorities or other bodies authorised by law – solely upon their documented request.
Personal data is not transferred to third countries (outside the European Economic Area) without ensuring an adequate level of protection.
• data processors acting on behalf of the Controller (e.g. hosting service providers, communication tool providers), with whom the Controller has entered into appropriate data processing agreements (Article 28 of the GDPR),
• to state authorities or other bodies authorised by law – solely upon their documented request.
Personal data is not transferred to third countries (outside the European Economic Area) without ensuring an adequate level of protection.
6. Data retention period
Personal data is retained for the period necessary to fulfil the purposes for which it was collected:
• data processed on the basis of consent – until such consent is withdrawn,
• data relating to the provision of services – for the duration of the partnership and for the limitation period of any claims (generally 6 years),
• data processed on the basis of a legitimate interest – until an objection is successfully lodged or that interest ceases to exist.
Once the above-mentioned periods have elapsed, the data is permanently deleted or anonymised.
• data processed on the basis of consent – until such consent is withdrawn,
• data relating to the provision of services – for the duration of the partnership and for the limitation period of any claims (generally 6 years),
• data processed on the basis of a legitimate interest – until an objection is successfully lodged or that interest ceases to exist.
Once the above-mentioned periods have elapsed, the data is permanently deleted or anonymised.
7. Data security
The Controller implements appropriate technical and organisational measures to ensure the protection of the personal data being processed, commensurate with the risks and the category of data; in particular, it safeguards the data against unauthorised access, disclosure, loss and destruction. Access to the data is restricted to persons authorised by the Controller, who are bound by a duty of confidentiality.
8. Cookies and technical data
8.1 What are cookies?
Cookies are small text files stored on the User’s device by the web browser when they visit the Website. Among other things, they enable the storage of preferences, traffic analysis and content personalisation.
8.2 Types of cookies used
• Essential – necessary for the proper functioning of the Website (basis: the Controller’s legitimate interest).
• Analytical – these enable us to analyse traffic and how the Website is used, e.g. Google Analytics (basis: the User’s consent).
• Marketing cookies – used to display personalised content and adverts (based on the User’s consent).
• Analytical – these enable us to analyse traffic and how the Website is used, e.g. Google Analytics (basis: the User’s consent).
• Marketing cookies – used to display personalised content and adverts (based on the User’s consent).
8.3 Managing cookies
You can manage your cookie settings at any time – accept selected categories or all of them, or withdraw your consent – via the cookie banner displayed when you first visit the Website or via your browser settings. Disabling certain categories of cookies may limit the functionality of the Website.
8.4 Technical specifications
The Website may automatically record technical data transmitted by the User’s browser, such as IP address, browser type, operating system, time of visit and pages visited. This data is used solely for statistical purposes and to ensure the security of the Website, and is not linked to the User’s personal data.
9. Links to external websites
This website may contain links to external websites. The website administrator accepts no responsibility for the privacy policies and practices of third-party websites. We recommend that you review the privacy policy of each website you visit.
10. Changes to the Privacy Policy
The Controller reserves the right to amend this Privacy Policy. Any changes will be published on the website www.brj-studio.com and will come into effect on the date of publication, unless otherwise expressly stated. In the event of significant changes, the Administrator may notify Users by email (if they have provided their address). Please review the current version of the Privacy Policy regularly. This Privacy Policy is effective from: 8 April 2026.
10. Changes to the Privacy Policy
For matters relating to the protection of personal data or this Privacy Policy, please contact:
BRJ-Studio Robert Bednarczyk
45 Jana III Sobieskiego Street, 05-300 Mińsk Mazowiecki
Email: kontakt@brj-studio.com
Website: www.brj-studio.com
BRJ-Studio Robert Bednarczyk
45 Jana III Sobieskiego Street, 05-300 Mińsk Mazowiecki
Email: kontakt@brj-studio.com
Website: www.brj-studio.com