This Privacy and Cookies Policy provides information on the purposes, methods of processing, and security of your personal data as a User of the hotmelt.com.pl website (hereinafter referred to as the Website). By reading this Privacy and Cookies Policy, you will learn who the controller of your personal data is, what personal data is collected by the Website, for what purposes it is used, and how it is protected.

§1.
Basic Information

1. The owner of the Website and simultaneously the Personal Data Controller, hereinafter referred to as the “Controller,” is: Accurate Group Sp. z o.o. with its registered office in Toruń at ul. Wschodnia 13, KRS number 0000299241, NIP 8792547214.
2. Contact with the Controller is possible via:

1) e-mail: info@accurategroup.pl,

2) telephone: +48 56 656 61 71.

§2.
Definitions

1. GDPR – means Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).
2. Services – services provided electronically to Users within the Website.
3. User – any person using the Website.

§3.
Data Processing Principles

1. Personal data collected by the Controller through the Website is processed in accordance with the GDPR.
2. The Controller takes special care to respect the privacy of Users visiting the Website.
3. The Controller processes personal data respecting the following principles:

a) based on a legal basis and in accordance with the law (lawfulness),
b) fairly and honestly (fairness),
c) in a transparent manner for the data subject (transparency),
d) for specific purposes and not “in reserve” (purpose limitation),
e) no more than necessary (data minimization),
f) with care for data accuracy (accuracy),
g) no longer than necessary (storage limitation),
h) ensuring appropriate data security (integrity and confidentiality).

§4.
Purposes, Legal Bases, and Scope of Data Processing

1. We will process your data:

a) for the purpose of contacting you to respond to a User’s message sent to us via e-mail or the contact form, based on Art. 6(1)(b) and (f) of the GDPR, i.e., the fulfillment of the Controller’s legitimate interest related to the necessity of providing an answer;
b) for the performance of a contract, to respond to a User’s message sent via e-mail or the contact form on the Website for the performance of an electronically provided service. Legal basis: necessity for the performance of the contact form service contract (Art. 6(1)(b) of the GDPR);
c) for technical purposes using cookies (technical cookies), based on Art. 6(1)(f) of the GDPR, i.e., the fulfillment of the Controller’s legitimate interest related to the proper operation and functioning of the Website.

2. When using the contact form service on the subpage https://hotmelt.com.pl/kontakt/, the User provides the following ordinary personal data:

• name,
• e-mail address,
• telephone number.

3. While using the Website, additional information may be collected, in particular: the IP address assigned to the User’s computer or the external IP address of the Internet provider, domain name, browser type, access time, and operating system type.
4. Navigation data may also be collected from Users, including information about links and references they choose to click or other actions taken on the Website. Legal basis – legitimate interest (Art. 6(1)(f) of the GDPR), consisting of facilitating the use of electronically provided services and improving the functionality of these services.
5. Other data processed by the Controller is stored in cookies. The User can decide to what extent we can use cookies with their data. Providing data in this way is voluntary. The User may change their preferences at any time in their web browser or by deleting stored cookies from the Website.
6. If you like or otherwise join our social media profile (e.g., Facebook), we will process your data provided in the given medium managed by the Controller. To stop processing, you can unsubscribe from our profile.
7. External partner APIs: the Website may use APIs (Application Programming Interfaces) provided by external partners to integrate various functionalities such as maps, analytical services, advertising, or social media. Using these APIs may lead to the creation of additional cookies or the use of existing cookies to process User data. External partners may store and process this data in accordance with their own privacy policies.
8. The Controller may collect Users’ IP addresses. An IP address is a number assigned to the User’s computer by the Internet service provider. The IP number enables Internet access. In most cases, it is assigned dynamically, i.e., it changes each time you connect to the Internet, and for this reason, it is commonly treated as non-personally identifiable information. The IP address is used by the Controller to diagnose technical problems with the server, create statistical analyses (e.g., determining the regions with the most visits), manage and improve the Website, and for security purposes and potential identification of undesirable automatic programs loading the server.

§5.
Data Recipients and Transfer to Countries Outside the EEA or International Organizations

1. Recipients of Users’ personal data include:

a) entities authorized to obtain personal data based on legal provisions;
b) entities providing services to the Controller with whom the Controller has signed a data processing agreement;

2. In connection with the Controller’s social media accounts (Facebook, YouTube), Users’ personal data is transferred to Meta Platforms Ireland Limited and may be transferred to the USA. We use Facebook analytical and marketing tools, such as Facebook Pixel, to target personalized advertisements on Facebook. This involves using Facebook cookies. Information on data processing principles and the rights of Users (natural persons) under the GDPR can be found at: https://www.facebook.com/privacy/explanation. By consenting to cookies on the Website, the User also consents to the use of these Facebook cookies.
3. Users’ personal data may be transferred to service providers used by the Controller to run the Website, including hosting providers, accounting services, marketing systems, website traffic analysis systems, and marketing campaign effectiveness analysis systems. These providers either act under the Controller’s instructions (processors) or independently determine the purposes and methods of processing (controllers).
4. The Website uses Google Analytics, provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Cookies collect information regarding Website visits, such as anonymized IP addresses, visitor identifiers, subpages visited, time spent, transitions between subpages, demographics, and interests. Data is aggregated and stored on Google LLC servers in the USA. You can block Google Analytics cookies at any time by installing the browser add-on available at: https://tools.google.com/dlpage/gaoptout.
5. For advertising campaigns, we use Google Ads, which uses its own cookies provided by Google LLC. By consenting to cookies on the Website, you also consent to Google Ads cookies.
6. We use Google Tag Manager to help collect analytical data and control advertising campaigns and how Users use the Website. This tool uses its own scripts and cookies.
7. Upon request, the Controller may be obliged to share personal data with authorized state authorities, in particular the Prosecutor’s Office, the Police, the President of the Personal Data Protection Office, the President of the Office of Competition and Consumer Protection, or the President of the Office of Electronic Communications.

§6.
Data Processing Period

1. Personal data collected based on consent is processed until the consent is withdrawn. Withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
2. Users’ personal data is stored:

2.1. Where processing is based on consent, personal data is stored until consent is revoked, and thereafter for a period corresponding to the statute of limitations for claims that the Controller or the User may raise. Unless a specific provision states otherwise, the statute of limitations is 6 years, and for claims regarding periodic benefits and claims related to business activity – 3 years.
2.2. Where processing is based on the performance of a contract, personal data is processed as long as necessary to perform the contract, and thereafter for the period corresponding to the statute of limitations for claims. Unless a specific provision states otherwise, the statute of limitations is 6 years, and for claims regarding periodic benefits and claims related to business activity – 3 years.

§7.
Automated Decision-Making and Profiling

Users’ personal data is not subject to automated decision-making, including profiling.

§8.
Information on Cookies

1. Our Website uses cookies.
2. Cookies are small text files stored on Users’ devices while browsing the Website. They are used to facilitate use, shorten loading times, remember preferences, and enable traffic analysis and behavior tracking.
3. Cookies can be persistent (stored for a specified time or until deleted) or session-based (deleted when the browser is closed).
4. The Controller uses various types of cookies:

a) Session cookies: removed from memory after the session ends or the computer is turned off. They do not collect personal or confidential data.
b) Persistent cookies: stored until deleted or expired. They do not collect personal or confidential data.
c) Technical cookies: necessary for the Website’s proper functioning (session maintenance, form handling, security). These are stored by default (under Art. 173(3) of the Telecommunications Law).
d) Third-party cookies: used by external analytical and advertising tools and social media integration.
e) Analytical cookies: used to collect info on how the Website is used (visit count, time spent, traffic source) to optimize functioning and tailor content.
f) Marketing/Advertising cookies: allow for ad personalization and remarketing based on interests. They serve to measure campaign effectiveness and optimize content.

5. The cookie mechanism is safe for Users’ computers. It is not possible for viruses or other unwanted/malicious software to enter devices through this channel. Users can restrict or disable cookie access. In such cases, using the Website will be possible, except for functions that by nature require cookies.

§9.
Why do we use cookies?

1. Cookies can significantly improve the comfort of using the Website.
2. The Controller uses cookies to present a map showing the office location via maps.google.com (External controller: Google Inc., USA).
3. They allow content to be tailored to User preferences and interests.
4. They remember settings like language, layout, or color schemes.
5. They track activity across subpages to allow easy return to previous sections or continuation of unfinished actions, such as form filling.
6. They help analyze behavior to optimize performance and deliver high-quality content.
7. They enable personalized, less invasive, and more relevant advertisements.

§10.
Functions of Technical Cookies

1. User session maintenance: allows moving between sections without re-logging or re-entering data.
2. Remembering User preferences: language, font size, color settings, and other personalization.
3. Form support: supporting contact forms to ensure proper data submission.
4. Website performance optimization: monitoring speed and performance.
5. Security: identity verification, detecting intrusion attempts, and CSRF (Cross-Site Request Forgery) protection.

§11.
Functions of Analytical Cookies

1. Website traffic measurement: monitoring visit counts and unique users.
2. User behavior analysis: tracking navigation paths, time spent on subpages, and exit points.
3. Conversion optimization: identifying elements affecting business goals (registration, orders, forms).
4. User segmentation: grouping users to better tailor content and offers.

§12.
Functions of Advertising Cookies

1. Personalized ads: based on history and interests.
2. Remarketing: targeting users who visited but didn’t complete an action.
3. Measuring ad effectiveness: tracking clicks, conversions, and impressions.
4. Multi-channel ad management: integrating actions across search engines and social media.
5. Testing and content optimization: A/B testing formats and creative messages.

§13.
Consent for Cookie Installation

1. During the first visit, a banner informs the User about cookies. Selecting “Accept” means accepting all cookies and confirming familiarity with this policy and data transfer to partners.
2. Consent is not required for necessary (technical) cookies (Art. 173(3) of the Telecommunications Law).
3. If you do not want cookies stored, you can select “No, thanks” (rejects all except necessary ones).
4. You can also customize preferences via the checkbox banner displayed during the first visit.

§14.
User Rights

Users have the following rights:

Right to withdraw consent – legal basis: Art. 7(3) GDPR.

1.1. The User has the right to withdraw any given consent.
1.2. Withdrawal is effective from the moment it is made.
1.3. It does not affect lawfulness of processing before the withdrawal.
1.4. No negative consequences, though some functionalities may become unavailable.

2. Right to object to data processing – legal basis: Art. 21 GDPR.

2.1. The User may object at any time – due to their specific situation – to processing based on legitimate interest (marketing, statistics, satisfaction surveys).
2.2. Unsubscribing from marketing emails constitutes an objection to processing for those purposes.
2.3. If the objection is justified, the data will be deleted.

3. Right to erasure (“right to be forgotten”) – legal basis: Art. 17 GDPR.

3.1. The User may request the erasure of all or some data.
3.2. This right applies if:

3.2.1. Data is no longer necessary;
3.2.2. Consent was withdrawn;
3.2.3. An objection to marketing was raised;
3.2.4. Processing is unlawful;
3.2.5. Deletion is required by law;
3.2.6. Data was collected in relation to information society services.

3.3. The Controller may retain certain data (name, email) as necessary to establish, exercise, or defend legal claims or comply with legal obligations.

4. Right to restriction of processing – legal basis: Art. 18 GDPR.

4.1. The User may request restriction. This prevents the use of certain functionalities until the request is processed.
4.2. Applies if:

4.2.1. Accuracy is contested (restriction for up to 7 days);
4.2.2. Processing is unlawful, but User prefers restriction over deletion;
4.2.3. Data is no longer needed but required by User for claims;
4.2.4. An objection was raised (restriction while determining if Controller’s interests prevail).

5. Right of access to data – legal basis: Art. 15 GDPR.

5.1. The User may confirm if data is being processed and:

5.1.1. Gain access to data;
5.1.2. Receive info on purposes, categories, recipients, storage periods, rights, and security measures for non-EU transfers;
5.1.3. Obtain a copy of data.

6. Right to rectification – legal basis: Art. 16 GDPR.

6.1. The User may request immediate rectification or completion of data via email as per §1.

7. Right to data portability – legal basis: Art. 20 GDPR.

7.1. The User may receive their data in a .csv machine-readable format to transmit it to another controller.
7.2. Requests are fulfilled or refused within one month (extended by two months for complex cases with notification).

8. Users may submit complaints, inquiries, and requests regarding their rights.

Users have the right to lodge a complaint with the President of the Personal Data Protection Office (ul. Stawki 2, 00-193 Warsaw).

More info: www.uodo.gov.pl

§15.
Changes to the Privacy and Cookies Policy

The Privacy and Cookies Policy may change without individual notification. Questions should be directed to: info@accurategroup.pl.
Last modified: 07.03.2026.