Privacy Policy

Privacy Policy 

(updated on 10.03.2025) 

This document contains information regarding the processing of your personal data by: 

Buglo Play Sp. z o.o.
BoWiD 4
75-209 Koszalin 

(hereinafter referred to as the “Company”) in connection with the use of services available on the website buglo.pl (hereinafter referred to as the “Website”), as well as in connection with establishing or maintaining contact with the Company through other communication channels, including email, telephone calls, or traditional postal correspondence.

1. Conditions for Processing Personal Data 

Pursuant to Articles 13 and 14 of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter referred to as the “GDPR” or “General Data Protection Regulation”), we inform you that: 

1. BUGLO Play Sp. z o.o., with its registered office at Bojowników o Wolność i Demokrację 4, Koszalin (75-209), is the controller of personal data obtained when users access the Website. Users’ personal data is processed in accordance with the principles of the General Data Protection Regulation of 27 April 2016 (hereinafter referred to as the “GDPR”) and other applicable regulations. 
2. Compliance with data protection rules is supervised by the designated Data Protection Officer, who can be contacted via email at iod@buglo.pl. 
3. Personal data will be processed for the following purposes and based on the following legal grounds: 

Purpose of Data Processing Legal Basis for Data Processing 

Taking actions aimed at entering into a contract 

Art. 6(1)(b) GDPR (taking actions at the request of the data subject prior to entering into a contract and performance

Entering into and executing cooperation agreements 

Conducting recruitment processes for a specified position, contacting selected candidates 

Conducting promotional and marketing activities, including via electronic communication tools (e.g., email). Selected communication methods, such as sending newsletters, may require obtaining additional consent under separate legal provisions. 

of a contract) – concerning the ordering party 

Art. 6(1)(f) GDPR (legitimate interest – contact with representatives of clients and suppliers) 

Art. 6(1)(b) GDPR (conclusion and execution of a contract) – concerning the contracting parties, e.g., client, supplier 

Art. 6(1)(f) GDPR (legitimate interest of the Controller – ensuring contact with persons executing the contract or order) – concerning representatives and persons responsible for contract execution (contact persons on the client’s or supplier’s side) 

Art. 6(1)(a) GDPR (consent – expressed through a clear affirmative action, i.e., submitting application documents) in cases where the candidate provides more data than required by law or consents to retaining their data for future recruitment processes 

Art. 6(1)(b) GDPR (taking actions at the request of the data subject prior to entering into a contract) 

Art. 6(1)(f) GDPR (legitimate interest – direct marketing of own services)

Handling complaint procedures Art. 6(1)(b) GDPR (taking actions at the request of the data subject related to 

complaints in accordance with the contract) 

Art. 6(1)(c) GDPR (legal obligation of the 

controller) – handling complaints in 

accordance with the provisions of the 

Civil Code concerning warranty for 

defects and quality guarantees 

Receiving inquiries and providing responses (via the form available on the Website or via email, phone, or postal contact) 

Conducting analytical and statistical activities related to user activity on the Website via cookies or similar 

technologies. The installation of cookies for this purpose may require obtaining additional user consent under separate legal provisions. 

Pursuing claims and taking actions related to debt collection, as well as defending against claims 

Organizing promotional events, including webinars, conferences, trade fairs 

Processing employee images and other categories of individuals 

Art. 6(1)(f) GDPR (legitimate interest – ensuring contact with the Controller, receiving inquiries regarding offered goods and/or services, and providing responses) 

Art. 6(1)(f) GDPR (legitimate interest – conducting analytical and statistical activities concerning the Website to develop and improve services) 

Art. 6(1)(f) GDPR (legitimate interest – establishing, pursuing claims, taking debt collection actions, defending against claims) 

Art. 6(1)(f) GDPR (legitimate interest – promoting the Company and its employees, publishing materials from events) 

Art. 6(1)(f) GDPR (legitimate interest – publishing images based on consent)

4. Recipients of Personal Data 

The recipients of personal data will include entities providing services to the Controller, in particular IT service providers, hosting service providers, mailing service providers, tool providers used by the Website [MR2], as well as other entities providing services under a data processing agreement. The recipients of your data may also include entities authorized to receive data under legal provisions. 

5. Processing of Contact Data for Business Relations 

If you are a representative of our client or supplier, the Controller will process your contact details (e.g., name, surname, place of employment, email address, phone number, job title) in connection with the ongoing cooperation or in order to establish cooperation. If we did not obtain this data directly from you, we received it from our client or supplier for whom you act as a representative. 

6. Data Retention Period 

Personal data will be stored: 

for the duration of the contract/order, cooperation, or use of services, for the period of correspondence or maintaining contact, 

until an objection to data processing is raised – if data processing is based on legitimate interest (as described in Section 3 above), 

until consent is withdrawn – if data processing is based on consent. 

After the above-mentioned periods, personal data will be stored for the time required by applicable legal provisions or for the limitation period of potential claims, after which it will be deleted. 

7. Rights Related to Personal Data Processing 

In connection with the processing of personal data, you have the following rights: 

The right to withdraw consent, the right to access data, the right to rectify data, the right to delete data, the right to restrict data processing, and the right to data portability.

The right to object to data processing – if your personal data is processed based on legitimate interest and under the conditions specified in the General Data Protection Regulation. 

The right to lodge a complaint with the supervisory authority (President of the Personal Data Protection Office) if you believe that the processing of your personal data violates the provisions of the General Data Protection Regulation. 

All the above rights apply within the scope provided by the GDPR. These rights can be exercised by submitting a request to the Controller’s registered office or, in the case of email contact, by sending a request to iod@buglo.pl [MR3]. 

8. Obligation to Provide Personal Data 

Providing personal data is mandatory when required by applicable legal provisions. Providing data for the purposes of other objectives (described in Section 3) is voluntary but may be necessary for their realization, such as responding to an inquiry, ordering a service, entering into and executing a contract, or using the Website.

2. Cookies Policy 

2. When visiting the Website (hereinafter also referred to as the “Service”), we may collect information from users such as cookie identifiers and data gathered via cookies or other similar technologies. 
3. Cookies are IT data, particularly text files, that are stored on the user’s device and intended for use on the Website. Cookies usually contain the name of the website they originate from, the duration of their storage on the user’s device, and a unique identifier. 
4. Cookie identifiers, as well as information collected via cookies or other similar technologies, may, in certain situations, constitute personal data. 
5. The entity placing cookies on the user’s device and gaining access to them is the Website operator, i.e., [operator’s name]. 
6. Cookies are used for the following purposes: 

○ Enabling users to utilize the Website and ensuring its proper functionality (Necessary Cookies); 

○ Creating statistics that help understand how users interact with the Website, allowing for improvements in its structure and content (Analytical Cookies).

6. The Website uses two primary types of cookies: “session” cookies and “persistent” cookies. 

○ Session cookies are temporary files stored on the user’s device until they leave the Website or close their web browser. 

○ Persistent cookies are stored on the user’s device for a period specified in the cookie parameters or until they are deleted by the user. 

7. The Website uses the following types of cookies: 
   

Nam e 

Validity Period 

Purpose 

_fbp 3 months Facebook Pixel cookie that tracks user actions, optimizes ads, and enables remarketing. [MR4] 

When visiting the Website for the first time, a banner will be displayed informing the user about the use of cookies and allowing cookie management. The user can manage which cookies are installed on their device by granting consent to all categories of cookies or only selected ones. Consent can also be withdrawn at any time by clicking the “Reject” button. 

○ If the user accepts the installation of all categories of cookies, they should click “Accept all”. 

○ To manage cookie settings for specific categories, the user should click “Customize”, adjust the corresponding switch on the cookie banner, and then click “Save and close”. 

○ The “Cookie Settings” button is located in the bottom left corner of the Website. 

○ Managing cookie settings does not apply to necessary cookies, which cannot be disabled or rejected. [MR5] 

9. Users can also change their cookie settings at any time via their web browser settings. By default, web browsers allow cookies to be stored on the user’s device. These settings can be modified to block the automatic handling of cookies or notify the user each time cookies are stored on their device. Detailed information on how to manage cookie settings can be found in the web browser settings. 
10. Analytical and Marketing Tools Used by the Website [MR6]

Please note that third parties (including Facebook, Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland – hereinafter “Facebook” – and Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland – hereinafter “Google”) may use cookies and similar technologies to collect or receive information from the Website or other locations on the Internet and use that information to provide measurement and targeted advertising services. 

By managing cookie settings, you can decide whether to allow the collection and use of information for targeted advertising. 

Google Analytics 

The Website uses Google Analytics, a web analytics service that provides insight into traffic and data flows on the Website, offered by Google. This tool is used to generate statistics to tailor Website content to user preferences and continuously optimize it. 

You can prevent cookies from being installed by adjusting your web browser settings. Additionally, you can prevent Google from collecting data via cookies and analyzing your use of the Website by installing a Google Analytics opt-out browser add-on available [here]. More information about Google Analytics is available [here]. 

Since the Website uses Google Analytics, personal data obtained through the Website may be transferred outside the European Economic Area (EEA). Such data transfers are carried out based on standard contractual clauses concluded between the Controller and the tool provider. You are encouraged to review the data processing agreement, including the standard contractual clauses, which form part of it. 

Information on how Google processes data collected through partner websites and applications is available [here]. 

Google AdWords 

This tool enables the measurement of advertising campaign effectiveness and allows for the analysis of collected data. Google AdWords makes it possible to display advertisements to individuals who have previously visited the Website. Information on data processing by Google in relation to Google AdWords is available [here]. 

Facebook Business Tools 

By using Facebook Business Tools, we act as joint controllers with Facebook within the meaning of Article 26(1) GDPR. This joint controllership is based on agreements that define the respective responsibilities of each party in ensuring GDPR compliance. According to these agreements, we are responsible for providing you with the following information: 

• The use of business tools is based on our and our trusted partners’ legitimate interest (Article 6(1)(f) GDPR), which consists of conducting marketing activities (behavioral advertising) and measuring ad effectiveness. 
• More information about data processing can be found in Facebook’s Data Policy here.
• Facebook is responsible for ensuring data subject rights under Articles 15–20 GDPR in relation to personal data stored by Facebook after joint processing. 

Facebook also acts as our data processor, which means that it may transfer personal data outside the EEA. Such transfers are conducted based on standard contractual clauses. 

You can manage privacy settings from within your Facebook account. Facebook Pixel 

Facebook Pixel is an analytics tool available on Facebook, helping measure the effectiveness of ads by analyzing user actions taken on the Website. It is provided by Facebook, Ireland Ltd. (4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland) and enables personalized ad targeting within Facebook. 

Other Third-Party Tools 

The Website also uses tools such as: 

• HubSpot – A marketing automation tool for managing content, SEO, social media marketing, and analytics. 
• Hotjar – A behavior analytics tool that records user interactions on the Website. ● LinkedIn Insight Tag – A tracking tool used to analyze conversions, retarget, and gain insights about Website visitors. 

More details about these tools and how they process data are available in their respective privacy policies: 

• HubSpot Privacy Policy 
• Hotjar Privacy Policy here
• LinkedIn Privacy Policy here

Social Media Platforms 

BUGLO Play Sp. z o.o. processes the data of Users visiting company profiles maintained on social media platforms. As part of managing these profiles, we act as joint controllers of your personal data together with the operators of social media platforms. 

Personal data is processed solely in connection with managing the profiles, including informing Users about company activities and initiatives, promoting its products, services, and organized events, as well as maintaining contact and interaction with Users. The legal basis for data processing is the legitimate interest of the Controller (Article 6(1)(f) GDPR), which consists of marketing activities and ensuring interaction with Users. 

The Controller processes only personal data that has been marked as publicly available by the User. The processing of other personal data is carried out by the social media platforms and is subject to the terms and conditions outlined in their respective privacy policies.

You can find our profiles on: 

• Facebook 

In this case, the joint controller of the data is Meta Platforms Ireland Limited – you can find its privacy policy at: https://www.facebook.com/privacy 

• Instagram 

In this case, the joint controller of the data is Meta Platforms Ireland Limited – you can find its privacy policy at: 

https://privacycenter.instagram.com/policy/?entry_point=ig_help_center_data_policy_ redirect 

• LinkedIn 

In this case, the joint controller of the data is LinkedIn Ireland Unlimited Company – you can find its privacy policy at: https://pl.linkedin.com/legal/privacy-policy 

• YouTube 

In this case, the joint controller of the data is Google Ireland Limited – you can find its privacy policy at: https://policies.google.com/privacy 

The Website Operator – BUGLO Play Sp. z o.o. reserves the right to modify the Privacy Policy and Cookies Policy. Any changes will be published on the Website.