Privacy Policy & GDPR
January 2026
PRIVACY POLICY AND INFORMATION CLAUSE (GDPR) OF THE THEASSIST.PL WEBSITE
Last updated date: January 29, 2026.
This Privacy Policy sets out the principles for collecting, processing, and protecting personal data, as well as the rules for storing and accessing data on the Devices of Users using the Service for the purpose of providing electronic services by the Administrator.
§1 DEFINITIONS
Service – the “theassist.pl” website operating at https://theassist.pl.
External service – services of partners, service providers, or clients cooperating with the Administrator (e.g., Framer, Google, Meta).
Administrator – VICKYPRO WIKTORIA PAWLAK, Tax ID (NIP): 1231251079.
User – a natural person for whom the Administrator provides services by electronic means.
Device – an electronic device (computer, phone) together with software through which the User uses the Service.
Cookies – text data collected in the form of files on the User’s Device.
GDPR – Regulation (EU) 2016/679 of the European Parliament and of the Council (General Data Protection Regulation).
§2 CONTACT AND DATA PROTECTION OFFICER
The Controller has designated a contact point for personal data matters at the following e-mail address: wiktoria@theassist.pl.
Traditional correspondence may be sent to the following address: The Assist, ul. Reja 9, 05-532 Baniocha.
We handle all inquiries regarding your rights without undue delay, within the time limits provided for by the GDPR.
§3 INFRASTRUCTURE AND ENTRUSTMENT OF DATA PROCESSING
We operate as a professional business partner, which is why we use secure technological solutions. Your data may be entrusted to the following categories of recipients:
Framer B.V. – The Service is built and maintained on the Framer platform. Technical data and data provided in forms are processed within their infrastructure.
Accounting Services – Data necessary for issuing invoices and tax settlements is transferred to an external, licensed accounting office.
Invoicing System – Contractor data is processed in a secure cloud-based invoicing system.
Google Workspace – Email communication and collection of inquiries take place within the professional and closed domain
@theassist.pl. Access to data is granted exclusively to persons authorized by the Controller.Transfers outside the EEA: Due to the use of services such as Google or Framer, data may be transferred to third countries (e.g., the USA). The Controller uses only providers ensuring GDPR compliance through Standard Contractual Clauses.
§4 TYPES AND PURPOSES OF DATA PROCESSING
We process personal data provided voluntarily and data collected automatically (cookies):
Establishing contact: First name, email, company name, message content.
Legal basis: Article 6(1)(a) GDPR (consent).
Purpose: Responding to inquiries and business communication.
Performance of the Agreement: Data necessary for The Assist to provide services.
Legal basis: Article 6(1)(b) GDPR.
Purpose: Performing assigned tasks and customer service.
Legal obligations and settlements: Invoice data, Tax Identification Number (NIP), residential/registered address.
Legal basis: Article 6(1)(c) GDPR.
Purpose: Fulfilling tax and accounting obligations.
Legitimate interest:
Legal basis: Article 6(1)(f) GDPR.
Purpose: Establishing, pursuing, or defending against claims, and maintaining blog statistics.
§5 COOKIES AND ANALYTICAL TOOLS
We use internal Cookies (necessary) and external Cookies (partners):
Session and persistent Cookies: They are used to improve website performance and remember preferences.
List of external partners:
Statistical Services: Google Analytics, WordPress Stats.
Social Media Services: Meta (Facebook/Instagram), LinkedIn.
Multimedia: YouTube, Vimeo (displaying video content on the blog).
The User may independently change Cookie settings in their browser. Disabling Cookies may affect the correct display of some Service functions.
§6 DATA RETENTION PERIOD
Form data: Stored until communication is completed or consent is withdrawn.
Contractual data: For the duration of the contract and the limitation period for claims (usually 3 or 6 years).
Accounting data: For the 5-year period required by law, counted from the end of the calendar year in which the tax payment deadline expired.
§7 YOUR RIGHTS
Under the GDPR, you are entitled to:
The right to access your data and receive a copy of it.
The right to rectify and supplement your data.
The right to erasure of data ("the right to be forgotten").
The right to restriction of processing.
The right to data portability.
The right to object to processing (especially for marketing purposes).
The right to withdraw consent at any time (without affecting the lawfulness of processing carried out before its withdrawal).
The right to lodge a complaint with the President of the Personal Data Protection Office.
§8 SECURITY
The Administrator uses SSL encryption to secure data transmission through forms.
Data is protected against access by unauthorized persons. We operate exclusively under the
@theassist.pldomain.Cookie mechanisms do not allow the retrieval of personal data or confidential information from the User's Device.
§9 FINAL PROVISIONS
The Administrator reserves the right to make changes to this Policy in order to adapt it to legal or technological changes.
The changes become effective from the moment they are published on the Service at https://theassist.pl/polityka-prywatnosci.
§10. REFERENCES TO OTHER WEBSITES (EXTERNAL LINKS)
Blog and educational content: As part of blog articles, the Administrator may include links to external websites, tools, or partner services that they consider valuable for the User.
No control: The Administrator declares that they have no influence over the content or privacy protection rules applicable on those websites.
Security recommendation: We encourage you to review the external website’s own privacy policy and terms and conditions each time you visit it.
Limitation of liability: The Administrator shall not be liable for the consequences of using information or tools found on external websites to which links in the Service lead.