Privacy Policy

Privacy Policy




This Privacy Policy sets out the rules for the processing of personal data via the website available at (hereinafter: the Website) and the use of cookies.



2 Administrator and contact details

  1. The administrator of personal data of the Website Users is IBI HOLDINGS TRUST limited  liability company with its seat in Warsaw, ul. Złota 59, 00-120 Warsaw, entered into the Register of Entrepreneurs of the National Court Register kept by the District Court for the Capital City of Warsaw in Warsaw, XII Commercial Division of the National Court Register under the number 0000799206, NIP 7010940174, REGON 384108599, share capital PLN 5,000. (hereinafter: Administrator).
  2. In the matter of personal data protection, Website Users may contact the Administrator at the following addresses:
    1. address: Złota 59, 00-120 Warsaw,
    2. e-mail: ,
    3. tel: +48 22 490 48 75.


3 Processed data


  1. Website users remain anonymous until they voluntarily provide their personal data.
  2. If the User uses the Website, the information contained in the system logs (e.g. IP address) is used by the Administrator for technical purposes related to the operation of the Website and for statistical purposes.
  3. Using the contact form on the Website requires the inclusion of personal data in the form of company name, tax identification number, land and mortgage register number and real estate address, name, telephone number and e-mail address.


4 Purposes and legal grounds for data processing


  1. The Administrator processes the personal data of the Website Users in accordance with the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and the repeal of Directive 95 / 46 / EC (hereinafter GDPR) and the Act of 10 May 2018 on the protection of personal data (Journal of Laws 2019, item 1781, i.e. as amended).
  2. The administrator processes personal data for the purpose of:
    1. enabling the Administrator to contact the Website User contacting the Administrator via the contact form, including sending a reply (legal basis: Article 6 (1) letter f) of the GDPR),
    2. if an agreement is concluded with the Administrator – enabling the Administrator to correctly perform the agreement (legal basis: Article 6 (1) (b) of the GDPR),
    3. if an agreement is concluded with the Administrator – implementation of the obligations incumbent on the Administrator under applicable law (legal basis: Article 6 (1) (c) of the GDPR),
    4. if an agreement is concluded with the Administrator – receiving marketing information after prior consent has been given (legal basis: Article 6 (1) (a) of the GDPR),
    5. if a contract is concluded with the Administrator – possible pursuit of civil law claims or defense against such claims (legal basis: Article 6 (1) (f) of the GDPR),
    6. data of representatives and employees of clients for the purpose of considering the loan application, submitting the offer, possible conclusion and performance of the contract (legal basis: Article 6 (1) (f) of the GDPR),
    7. statistical analyzes (legal basis: Article 6 (1) (f) of the GDPR).
  3. The provision of his data by the User is voluntary, however necessary to contact the Administrator. Failure to provide data will prevent the Administrator from contacting and providing a response.


5 Method of processing personal data


  1. Personal data is processed:
    1. in accordance with the provisions on the protection of personal data and the GDPR,
    2. in accordance with the implemented internal procedures for the protection of personal data,
    3. to the extent necessary to answer or conclude, shape the content of the contract, change or terminate it,
    4. to the extent necessary to fulfill legally justified purposes, and the processing does not violate the rights and freedoms of the data subject.
  2. Personal data is processed mainly in electronic and / or paper form, by saving, processing, archiving and transferring data, also with the use of IT tools. The tools and media used in the data processing process ensure the security and confidentiality of data.
  3. The data is not profiled (however, when recognizing the loan application, the Administrator may use the profiling results provided by the Economic Information Bureau or the Credit Information Bureau).
  4. The decision is not made automatically.


6 Sharing and entrusting personal data


  1. Administrator has the right to share personal data with entities authorized under the applicable law (e.g. law enforcement authorities or other persons to the extent necessary to comply with the law).
  2. Personal data may be disclosed to the Administrator’s employees or associates, as well as entities providing support to the Administrator on the basis of outsourced services and in accordance with the entrustment agreements concluded (e.g. software suppliers, suppliers in the areas of: accounting, hosting, website management), entities providing postal services, courier.
  3. Each of the above-mentioned entities will be selected with due diligence in terms of their trust in the market, ensuring the security of personal data, and in addition, the obligations imposed on them through contracts concluded with
  4. In the event of the planned transfer of data to entities other than the above-mentioned, the User will be notified and asked for consent.
  5. The data may be transferred outside the European Union only if the necessity will result from the contract concluded with the User, only after applying the appropriate guarantees required by applicable law.


7 Personal data storage period


  1. Personal data will be stored:
    1. in the field of communication: for the period necessary for the proper implementation of communication,
    2. within the scope of the contract: for the duration of the obligations arising from the contract concluded with the User or until the enforcement of the binding contract,
    3. in the scope of obligations under the law: until the cessation of legal obligations (including requests from authorities),
    4. in the field of marketing: until the consent is withdrawn,
    5. in the scope of claims: until disputes are resolved, security is maintained, and fraud is prevented,
    6. for statistics: over a period of 2 years.
  2. Personal data of persons who do not use the contact form on the Website will be stored for the period of having cookies saved on the devices. Details of the use of cookies can be found in § 10 and following of this Privacy Policy.


8 Data protection


  1. The Administrator takes special care to respect the privacy of the Website Users.
  2. Data protection is carried out in accordance with the requirements of generally applicable law, and their storage takes place on secured servers.
  3. The data is stored and processed by the Administrator with appropriate security measures.
  4. Administratorundertakes:
    1. ensure the accuracy and updating of processed data,
    2. apply security measures to ensure adequate data protection due to the possible impact of processing on the rights and freedoms of the User,
    3. notify the User, within the time limits and cases provided for in applicable law, of any breach of personal data,
    4. guarantee the compliance of processing operations with the law.


9 Permissions


  1. The user has the right to:
    1. access to the content of their data – the User has the right to obtain confirmation whether Administrator processes his data, and if so, to obtain information about what data is processed, for what purposes, whether the data is transferred to recipients, for what period of time it is stored, and to obtain information about its rights,
    2. to correct and rectify data – the data will be immediately rectified or corrected in the event of a request by the User, when the data is incomplete, the User may submit supplementary data,
    3. request deletion of data in cases provided for by law (the right to “be forgotten”) – despite the request to delete Administrator may keep certain personal data to the extent necessary for the purposes of establishing, investigating or defending claims or ensuring security and possible investigation of a possible fraud or other breach,
    4. withdrawal of consent to the processing of personal data at any time – withdrawal of consent has effect from its implementation, without affecting the lawfulness of the processing which was carried out on the basis of consent before its withdrawal; withdrawal does not entail any negative consequences for the User,
    5. restrict data processing by Administrator, when the User:
      1. questions the correctness of their personal data –Administrator limits their processing for the time necessary to verify the correctness of data,
      2. in his opinion, the processing of his data is illegal,
  • personal data are no longer necessary for the purposes Administrator, but the person needs them in order to establish, exercise or defend claims,
  1. he objected to the processing of data by Administrator- the restriction takes place for the time necessary to recognize the objection,
  1. transferring data to other administrators – the User has the right to receive his personal data that he has provided Administrator and then send them to another administrator of your choice, at the request of the User, the transfer will be made directly by Administrator another administrator, if technically possible,
  2. object to data processing at any time – objecting is possible if the Administrator processes the User’s data based on his legitimate interest; objecting is possible for reasons related to the particular situation of the User. In the case of direct marketing, an objection may be raised regardless of the User’s situation,
  3. lodge a complaint to the President of the Personal Data Protection Office if it is found that the processing of data by Administrator violates the provisions of national and EU law on the protection of personal data.
  1. In the event of exercising the rights, the User may contact Administrator via the contact details contained in § 2 para. 2 of this Privacy Policy.
  2. If the User exercises his rights Administrator complies with the request or refuses to comply with it within one month. However, if due to the complexity of the request or the number of requests, the above deadline cannot be met Administrator will inform you about the extension of the deadline by up to two more months and the reasons for the extension.



10 Consent to use cookies


  1. By using the Website, the User agrees to the use of cookies and other similar technologies in accordance with this Privacy Policy.
  2. If the User does not agree to use by Administrator cookies and / or other similar technologies, should change the settings of your browser in an appropriate manner or resign from using the Website.


11 What are cookies


  1. Cookies are small files sent by the Website server, saved and stored on Users’ devices (computer, tablet or smartphone) while the User visits various websites on the Internet. A cookie usually contains the name of the website it comes from, the cookie’s “lifespan” (that is, its lifetime) and a randomly generated unique number used to identify the browser from which the website is connected. When the browser reconnects with the website, the website recognizes the type of device from which the User connects. The parameters allow the information contained in them to be read only by the server that created them. Cookies therefore facilitate the use of previously visited sites.
  2. The collected information concerns: IP address, type of browser used, language, type of operating system, Internet service provider, information about time and date, location and information sent to the website via the contact form.
  3. The following cookies are used on the Website:
    1. “Necessary” – enabling the use of the Website,
    2. “Performance” – enabling the collection of information about the way of use Service,
    3. “Functional” – enabling “remembering” the settings selected by the User and personalization, e.g. in the scope of the selected language,
    4. “Advertising” – enabling the delivery of targeted advertising content to Users
  4. The cookie mechanism is safe for Users’ devices. In particular, it is not possible for viruses or other unwanted software or malware to enter Users’ devices in this way.


12 What do we use cookies for


  1. The administrator uses cookies for various purposes:
    1. ensure proper operation Service and its safety,
    2. content customization Service to the User’s preferences,
    3. optimizing the use of Service and improving the functioning Service,
    4. monitoring and checking how Users use Service,
    5. collecting anonymous, aggregated statistics.
  2. Cookies allow you to recognize the basic parameters of the User’s device, such as the type of device, screen resolution, country from which the Website is accessed, thanks to which it is possible to properly display the Website.
  3. The website contains links and links to other websites. The administrator is not responsible for the privacy protection rules applicable to them.


13 How long are data stored in cookies


  1. The Website uses two types of cookies – session cookies and persistent cookies.
  2. Session cookies remain on the User’s device only while using the Website.
  3. Permanent cookies remain on the User’s device as long as they have the “lifetime” set or until they are deleted.


14 Use of third party cookies


When using the Website, the User may receive cookies from third parties cooperating with the Administrator, such as, for example, Facebook, Instagram. More information on these cookies can be found by the User on the websites of these entities.


15 How to change browser settings or delete cookies


  1. Most web browsers are set to automatically accept cookies. However, you can change your browser settings to block cookies – in whole or in part.
  2. If the User blocks the cookies used by the Administrator, it may have a negative impact on the convenience of using the Website, e.g. the User will not be able to visit certain areas of the Website. It will also prevent the collection of anonymous information on the use of the Website in order to improve the content.





  1. About any changes or additions to the Privacy Policy Administrator will inform Users by posting information on the Website, and in the case of significant changes also through separate notifications to the e-mail address provided by the Users.
  2. The privacy policy does not limit any rights of Users in accordance with the law.
  3. Questions related to the Privacy Policy should be directed to the data indicated in § 2 para. 2 of this Privacy Policy.
Contact Us

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Aenean vel est imperdiet, bibendum purus sit amet, vestibulum


      We use cookies to offer you a better browsing experience, analyze site traffic, personalize content, and serve targeted advertisements. if you continue to use this site, you consent to our use of cookies.