Customy Website Privacy Policy

In this Privacy Policy we want to provide you with a detailed guide on the scope of information we collect, why we do it, how we process them and how to control it. If you want to know more about your right to privacy just drop us an email at

What is covered by this Privacy Policy and when it applies?

This Privacy Policy applies every time you use the website. If you don’t agree with this Privacy Policy, please refrain from using website.


Much has been said about GDPR, so not to bore you, we will point out the most important facts to have a common understanding:

Term Definition
User A person whose data are processed and who can be identified by those data; shortly speaking – you, as a user of this website
Data controller An entity which sets the rules on how data are processed, and is responsible for their processing in accordance with the law. As a principle, when you use the website, the Controller of your personal data is Smart Labs Sp. z o.o. (owner of the Customy brand), address contact: Chorzów 41-500, ul. Metalowców 13, Poland.
GDPR Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).
Personal data Any information relating to an identified or identifiable natural person (User). So it will be for example your name, surname, address, date of birth, phone number, e-mail address, information about your education and work experience, your photo and your IP address. It is of course a non-exhaustive list.
Cookies (also called web cookie, Internet cookie, browser cookie, or simply cookie) is a small piece of data stored on the User’s computer/devices by the web browser while browsing a website.

Your rights

As the Data controller, we respect your rights to:

  • object to the processing of your data – it means that in some cases you can demand to stop processing your Personal data; a detailed procedure on how to do it is available below;
  • access your data and obtain a copy of your data – it means that you can ask us what information about you Data controller has and request a copy of your Personal data;
  • correct your Personal data – (rectification) it means that if we process your inaccurate or incomplete personal data, we have to correct them upon your request;
  • erase your data, it means that you can request to delete your Personal data when it’s no longer needed or if processing it is unlawful;
  • restrict processing of your Personal data, it means that in some cases you can ask us to limit processing your data only to store it and not processing it for other purposes;
  • make a complaint with your local Data Protection Authority. Full list is available here:;
  • data portability – it means that you have right to receive your Personal data in a machine-readable format and you can ask us to send it to another data controller;


You must be aware that in some cases we may still process your Personal data, even if you have requested to delete them, for example to determine, pursue or defend claims (for the time necessary to fulfil these purposes).

Legal basis, purpose and retention

The purpose Legal basis for processing Period
For using the website and ensuring its proper operation The legal basis for personal data processing is the fulfillment of objectives following from legitimate interests pursued by the data controller (Article 6.1 (f) of GDPR) in this respect. 2 years from visiting website
Correspondence related to the inquiry via our contact form The legal basis for personal data processing is the fulfillment of objectives following from legitimate interests pursued by the data controller (Article 6.1 (f) of GDPR) in this respect. Providing data is voluntary but necessary to achieve the indicated purposes. Until the statute of limitations on civil law claims related to the correspondence.
To possibly establish and enforce claims or defend against them The legal basis of the processing is the legitimate interest of the data controller consisting of the protection of its rights (Article 6.1 (f) of GDPR) in this respect. 6 years from after the end of cooperation

Data Recipients

The Data controller will transfer personal data only to trusted recipients such as IT service providers, accountants, law firms, postal and courier companies (who process personal data on the controller’s behalf).

Security of the data

We apply technological and organisational means to secure your Personal data. Among others, the SSL (Secure Socket Layer) certificates shall be applied. Your data are as well collected and stored on a secured server. Moreover, the Personal data is secured by procedures of the hosting providers.

Transfer of Personal data to USA

Due to the fact that we use the services of Google LLC, your data may be transferred to the USA. We have concluded an agreement with Google LLC – the so-called Standard Contractual Clauses. This means that in accordance with the decision of the European Commission No. 2010/87 / EU of February 5, 2010, your personal data may be processed by this company in the USA. More information about the decision at:


Cookies are widely used by online service providers to facilitate and help to make the interaction between users and websites, mobile apps and online platforms faster and easier, as well as to provide reporting information. Cookies set by the website and/or mobile app and/or platform owner (in this case, Smart Labs Sp. z o.o.) are called “first party cookies”. Cookies set by parties other than the website and/or mobile app and/or platform owner are called “third party cookies”. Third party cookies enable third party features or functionality to be provided on or through the website and/or mobile app and/or platform (e.g. like analytics). The parties that set these third party cookies can recognise your computer or device both when it visits the website and/or mobile app and/or platform in question and also when it visits certain other websites and/or mobile apps and/or platforms.

Why we use cookies

We use first party and third party cookies for several reasons. Some cookies are required for technical reasons in order for our websites and/or App and/or website to operate, and we refer to these as “essential” or “strictly necessary” cookies. Other cookies also enable us to track and target the interests of our Users to enhance the experience on our website. Third parties serve cookies through our website for analytics and other purposes. This is described in more detail below.

What we use cookies for

On the this website, we cookies for the following purposes:

Administrator Cookie name Purposes of using cookies Retention
Universal Analytics (Google) with its registered office in the USA _ga _gali These cookies are used to collect information about how visitors use our website. We use the information to compile reports and to help us improve the website. The cookies collect information in a way that does not directly identify anyone, including the number of visitors to the website and blog, where visitors have come to the website from and the pages they visited. 2 years

How you can control and delete cookies

Most browsers offer the option of accepting or rejecting all cookies. You can easily change the cookies settings in the browser’s settings section. Please take into account that blocking all cookies may cause difficulties in operation or completely prevent the use of some of our website functionalities. Managing and deleting cookies varies depending on the browser used. Detailed information on this subject can be obtained by using the Help function in the browser or by visiting the website which step by step explains how to control and delete cookies in most browsers. You can see information about individual browsers at:
  • Google Chrome
  • Microsoft Edge
  • Mozilla Firefox
  • Microsoft Internet Explorer
  • Opera
  • Apple Safari

Personal data vs. cookies mechanism

Information obtained through the cookies mechanism and operational data may constitute personal data within the meaning of GDPR in certain exceptional situations (for example IP address). Such personal data are processed only to the extent that is necessary for the correct display of the page and provision of the Services. Basis for processing of data collected through “Essential” cookies and operational data is the so-called legitimate interest of the Service administrator (Article. 6.1. (f) of GDPR). To this end, the following may occur:
  • occasional analysis of log files to determine: which browsers are used by site visitors, which bookmarks, pages or subpages are most or least frequently visited or viewed, whether the page structure has no errors;
  • prevention of unauthorised access to the website and distribution of malicious codes, interruption of denial of service attacks, as well as prevention of damage to computer systems and electronic communication systems
You have the right to object to such processing. However, if you agree for the use of “optional” cookies (e.g. provided by Google Analytics), the basis for data processing is your consent (Article 6.1. (a) of GDPR). You can withdraw your consent and delete cookies at any time (by clicking on the appropriate opt-out links provided in the cookie table above.). Withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal. Obtained data will be deleted or anonymised no later than the expiry of the limitation period for potential claims related to the use of the website or sooner if you object effectively or withdraw consent.

Information about voluntary or obligatory data provision

Providing data is voluntary, although it is necessary to fulfil any commitments or execute the contract. Without providing your personal data committing or executing the contract will be impossible.

© copyright 2021 Smart Labs sp. z o.o.