Privacy Policy
concerning the protection of personal data processed
within the website

In order to respect your right to privacy and out of concern for the security of your personal data, GT Group Tomaszek sp. z o.o. with its registered office in Warsaw, Rondo ONZ 1, 00-124 Warsaw, entered into the Register of Entrepreneurs of the National Court Register by the District Court in Rzeszów, XII Commercial Division of the National Court Register, under the following number: 0000224213, with NIP 8151664972, REGON 1800041130 (hereinafter also referred to as “Company”), as the owner and administrator of the website located under the following domain: and its subpages (hereinafter referred to as “Website”), as well as the controller of data collected and processed as part of functioning of the above-mentioned Website, applies appropriate solutions that provide the above-mentioned security.

This Privacy Policy provides explanation on how we use your personal data, how we collect and store it. By using the Website, you give consent to the practices described in this Privacy Policy. We collect your personal data, provided during use of the Website, with the greatest diligence and in accordance with applicable legal provisions, i.e. the Act of 10.05.2018 on the protection of personal data, as well as the Regulation (EU) of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (GDPR), while observing the rights to privacy protection, and we provide a guarantee to all persons using the Website that the provided data will be properly protected against interception by third parties.

We make every effort in order to protect your interests. Especially, we ensure that we collect your data for specified, lawful purposes and that we do not subject them to further processing incompliant with the above-mentioned purposes. Moreover, we ensure that your data is substantially correct and adequate in relation to the purposes for which it is processed and stored, for no longer than it is necessary to achieve the purpose of processing.

Who is the controller of your personal data?

The controller of your personal data is GT Group Tomaszek sp. z o.o. with its registered office in Warsaw, Rondo ONZ 1, 00-124 Warsaw, KRS 0000224213, NIP 8151664972, REGON 1800041130 (hereinafter also referred to as “Seller”). You can contact us by writing to the following address: GT Group Tomaszek sp. z o.o., ul. Cetnarskiego 35/37, 37-100 Łańcut.

Data Protection Officer

The Data Protection Officer (DPO) of the Company is Mr. Jacek Chmiel. In order to contact the Data Protection Officer in matters associated with the processing of your personal data by the Company, including the exercise of your rights resulting from the GDPR, use the following e-mail address:

What type of data is collected and for what purpose?

During the use of the Website, you may be asked to provide some of your personal data, especially by filling out the following forms:

contact form,
newsletter subscription form.

The data collected with the use of above-mentioned forms includes: e-mail address and telephone number.
Provision of the above-mentioned data is voluntary, however necessary in order to:
1) reply to the correspondence sent by you and to provide information to the question submitted in the contact form;

2) send marketing information (promotional and advertising information) regarding offered Products and services, including promotional codes and vouchers that may be used in our stores and furniture studios.

Moreover, we can also record your data when you contact us via phone, e-mail or traditional mail, by writing or by calling the numbers and addresses indicated on the Website.

Additionally, we can process your personal data entered on social media, especially on Facebook, Instagram, YouTube, Linkedln, in order to promote the Controller’s brand, as well as its business and social activities. In the scope in which we have control over the processing of data in social media, you are entitled – as a user of our profile – to the rights described in this Privacy Policy.

Your activity on the Website, including your data, is registered in the system logs (it is a special computer program used to store chronological records including information about the events and activities concerning the IT system, which is used to provide services by the Controller). The information collected in the logs may include data concerning: access to the website, volume of transferred data, used browser, used operating system, IP address and the internet service provider. The Controller processes the above-mentioned data on the basis of its legitimate interest, mainly for purposes associated with the provision of services, correct display of the website contents, for technical purposes, for the purposes of ensuring the IT system’s security and its management, as well as for analytical and statistical purposes.

Moreover, the Website also uses cookies. They are used in order to provide high-quality services and to optimise the contents available on the Website, to adapt them to the individual needs of each user, as well as for advertising and statistical purposes. The use of data collected via this technology takes place based on the legitimate interest of the Controller and only provided that you gave consent to the use of cookies, in accordance with the cookie policy described in detail in the subsequent section of this document.

As a result of the above, your personal data may be processed in an automated manner (including in the form of profiling), however this will not cause any legal effects in regard to you, nor affect your situation in a similar manner. The profiling is carried out with the use of IT tools, among others from such companies such as Google Inc. and Facebook Inc., in order to analyse or forecast personal preferences and interests, and in order to adapt the contents on the Website to these preferences, as well as to adapt the marketing offer to the above-mentioned preferences.

What is the legal basis on which we process the collected data?

In the case of data processing for the purpose of responding to the correspondence sent by you, the legal basis for processing is our legitimate interest (article 6 section 1(f) of the GDPR), which consists of providing our clients and users with full information and ensuring that they have a positive experience with our Website.

In the case of processing your data for marketing purposes, especially informing about the Products, promotions, discounts and additional services offered by the Company, as well as sending (displaying) advertisements adapted to your preferences, the legal basis for data processing is our legitimate interest (article 6 section 1(f) of GDPR), including presenting you with offers, promotions, advertisements that may be of interest to you, as well as other information concerning our activities. We will send you the above-mentioned commercial information, if you previously provided us with your e-mail address.

In a similar manner, in the case of processing your data for analytical and statistical purposes, as well as ensuring security on the Website, our activities are based on our legitimate interest (article 6 section 1(f) of the GDPR), which consists of providing a user-friendly, attractive and secure website, as well as its optimisation, in order to achieve our business objectives and to meet your expectations.

While processing your personal data in the form of cookies and other similar technologies for marketing purposes, as well as sending you advertisements adapted to your preferences, analysing your activity, improving relevant functionalities and for statistical purposes, we do it based on our legitimate interest (article 6 section 1(f) of the GDPR), provided that you gave consent to the use of cookies, in accordance with the provisions of the Telecommunications Law Act.

How long do we process your data?

The duration of permitted processing of your personal data depends on the legal basis, which constitutes the premise for the processing of personal data. As a result:

1) if we process personal data based on your consent, then the processing period lasts until you withdraw your consent;

2) if we process personal data based on our legitimate interest, then the processing period lasts until expiration of the above-mentioned interest (e.g. limitation period for civil law claims) or until you will object to such subsequent processing – in the case of processing of data for marketing purposes.

What are your rights regarding personal data?

In connection with the processing of your personal data, you have the following rights:

the right to access data;
the right to rectify data;
the right to delete data;
the right to limit the processing of data;
the right to transfer your data;
the right to submit objection (when the processing is based on legitimate interest of the Controller);
the right to withdraw consent (when the processing is based on your consent).

The exercise of above-mentioned rights depends on the conditions determined in the GDPR. In the case of refusal to accept the request, you will receive a reply with the justification for a given refusal.

Please note that:

the right to delete data and the right to demand limitation of processing only apply in the cases determined in the provisions of the GDPR;
the right to transfer your data applies only if the legal basis for processing is consent or performance of a contract;
we may refuse to delete your data despite submitting such a request, provided that one of the exceptions listed in the GDPR applies, e.g. when the processing of data is necessary to fulfil a legal obligation or to establish, pursue or defend claims;
in certain cases, we may refuse to take into account your objection to data processing based on our legitimate interest, when there are legally justified grounds for data processing, which override your interests, rights and freedoms, or when there are grounds for establishing, pursuing or defending claims.

Moreover, from May 25, 2018, you also have the right to lodge a complaint with the competent supervisory body, if you believe that we violate the law by processing your personal data. In Poland this body is the President of the Personal Data Protection Office.

Who do we share your data with?

Within the provision of services available on the Website, we transfer your personal data to the companies that support us in the scope of ICT services, as well as entities implementing widely understood marketing activities for us.

In special situations, i.e. associated with the cooperation with global companies such as Google Inc. or Facebook Inc., your personal data may be transferred outside the European Economic Area. In the case of the above-mentioned entities, i.e. our company’s use of Google Analytics, Google Adwords, Google Search Console and Facebook Analytics, the data is transferred based on the relevant contracts. Such contracts are based on standard contractual clauses issued by the European Commission in accordance with art. 46 sec. 2(c) of the GDPR. A copy of the above-mentioned standard contractual clauses can be obtained from the Data Protection Officer.

Security and confidentiality

We apply all technical and organisational means aimed at ensuring the security of your personal data and protecting it against accidental or intentional destruction, accidental loss, modification, unauthorised disclosure or access. The information is stored and processed on servers characterised by a high level of security, with appropriate security measures that meet the requirements of Polish law.

We carry out a risk analysis on an ongoing basis in order to ensure that personal data is processed by us in a safe manner, which above all ensures that only authorised persons have access to data and only in the scope in which it is necessary due to the tasks implemented by them. Moreover, we make sure that all operations on personal data are recorded and carried out only by authorised employees and associates.

In addition, we undertake all the necessary steps to make sure that our subcontractors and other cooperating entities guarantee the use of appropriate security measures in every situation, in which they process personal data on our behalf.

Changes to the privacy policy

We may introduce changes to the Privacy Policy in the future, about which you will be informed. By using the Website after receiving information regarding changes to the Privacy Policy, you give consent to our subsequent processing of your personal data based on the new rules.

Information regarding cookies

Cookies are small text files, which are stored by your browser. They contain collections of information that are saved on your computer when you visit the Website. Subsequently, during the next visit, they are sent back to the Website from which they were downloaded or to another website that recognises a given cookie file.

Cookies are useful due to the fact that they enable the website to recognise the user’s device during subsequent visit on the website. We want to know which categories you visit more often than the others, so we can work to ensure that our offer and the method of its presentation perfectly meet your expectations. You give us the knowledge about the direction in which we should develop, and about your requirements.
Cookies do not in any way destroy or damage the system on your computer or your stored files, and they do not intentionally affect its performance or functionality in adverse manner. The identification is not personal – it does not use your name, but only data on the manner and form of the website use.

More information regarding cookies can be found at: or in the “Help” section of your web browser.

Why do we use cookies?

Within the Website, cookies are used for the purpose of:

providing the services;
adapting the contents to your preferences and optimising the use of websites; especially, these files allow to recognise your device and properly display the Website in a manner adapted to your individual needs;
creating the statistics that help to understand how users use the Website, which allows us to improve its structure and contents;
presenting advertisements in a manner adapted to your unique needs and interests, as well as your place of residence;
ensuring the security and reliability of the Website.


The types of used cookies

Two basic types of cookies are used within the Website:
1. session cookies – these are temporary files that are stored on your end device until you log out, leave the Website or turn off the software (web browser); and

2. permanent cookies – these are files stored on your end device for the time determined in the parameters of such cookies or until you delete them.

In terms of purpose, we use the following cookies within the Website:

required cookies – these are files necessary for efficient navigation of the Website and the use of all the functions of the Website. The user’s consent to our use of these cookies is not required;
performance cookies – these cookies collect information on the method of website use by the user, including the most frequently visited pages and error messages. They do not collect information identifying the users. Their purpose is to improve the operation of the Website;
functionality cookies – these files allow the website to remember the choices (if any) made by the user (user name, language or region) and to provide functions adapted to individual needs (if such functions are available). For example, a website can be used to remember changes in terms of text size, font, and other customised website elements. Information collected in such files is anonymous and does not track user activity on other websites;
advertising cookies – these cookies help to match the advertisements to the user’s interests. They can collect information regarding habits of using browsers and may adapt the contents of advertisements to the user’s interests;
statistical cookies – these cookies are used to count the statistics concerning the Website.

Management of cookies

Your browser is probably configured to accept all cookies by default. However, you can change the settings of cookies by yourself and at any time, by determining the conditions for their storage and access to your end device via cookies. The above-mentioned settings can be changed using the settings of your web browser. In particular, these settings can be changed in a manner blocking the automatic use of cookies in the web browser settings, or informing about their every download on your end device. Detailed information regarding the possibilities and methods of use in the scope of cookies, is available in the software (web browser) settings.
Failure to make changes means that cookies may be placed and stored on your end device, and therefore, we will store cookies on your end device and access these files.

Moreover, you can delete cookies at any time using the functions available in the used web browser.

Just remember that the limitation of use of cookies may affect some functionalities available on our Website.

Back to Top