Privacy Policy

Use of the website implies acceptance of the following terms of the Privacy Policy and Cookies Policy.

The Privacy Policy is for information purposes and serves satisfaction of information obligations imposed on the personal data controller under the GDPR, i.e. Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC.

  1. This Privacy Policy and Cookies Policy sets out the rules for the processing and protection of personal data provided by Users and Cookies, as well as other technologies appearing on the website.
  2. If you have any concerns regarding the provisions of this Privacy Policy and the Cookies Policy, please contact the Data Controller via e-mail at
  3. The Data Controller reserves the right to make changes to the privacy policy, and each User of the Site is obliged to know the current privacy policy. The reason for changes may be the development of Internet technology, changes in generally applicable law or the development of the Site.


„ Data Controller” – The Controller of Customers’ personal data is the Seller, i.e. Mirosław Osowiecki, pursuing a business activity under the business name KIM Mirosław Osowiecki, address: Sosnkowskiego 33, 02-495 Warsaw, on the basis of an entry in the Central Registration and Information on Business (CEIDG), Tax Identification Number NIP: 5221918408, National Business Registry Number REGON 011804520

Contact with the Data Controller can be made by email through the email address:

„Personal Data” – all information about a natural person identified or identifiable by one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity, including, if personally identifiable, the device’s IP, location data, online identifier, and information collected through cookies and other similar technologies

“Privacy Policy” – this Privacy Policy.

„GDPR” – Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC.

“User” – any entity staying on the site and using it

“Site” – the website maintained by the Data Controller located at



The Data Controller uses three types of form within the Site:

  1. Contact form – allows you to send a message to the Data Controller. Data is processed by the Data Controller in accordance with this Privacy Policy in order to contact the User.
  2. Interior design offer form – allows you to send a message to the Data Controller. Data is processed by the Data Controller in accordance with this Privacy Policy in order to contact the User about preparing an offer for an interior design in the variants selected by the User.
  3. Consultation scope form – allows you to send a message to the Data Controller. Data is processed by the Data Controller in accordance with this Privacy Policy in order to contact the User about the scope of consultation expected by the User.


  1. The purpose and scope of processed personal data are determined by the scope of data completed by the Customer and sent to the Seller means of a relevant form. Processing Customer’s personal data may pertain to his/her e-mail address, first and last name, address, phone number, computer IP address, Tax Identification Number NIP, data collected by Google Tag Manager, Google Analytics, Facebook Pixel and other data necessary for provision of services by the Seller. Due to the nature of services provided by the Seller, they cannot be provided anonymously.
  2. Providing personal data is voluntary, but as a result of lack of consent to process the personal data marked as obligatory the Seller will be prevented from performing the services and agreements, in particular it will prevent creation of an Account and performance of Sales Agreements.
  3. Personal data of Customers are processed for the following purposes
    1. implementation of legal provisions—the legal basis is the statutory authorisation to process data necessary to act in line with the law (Article 6.1(c) of the GDPR);
    2. marketing actions of the Seller—the legal basis is a legitimate interest of the Data Controller (Article 6.1.(f) of the GDPR), which involves direct marketing or voluntary consent of the Customer (Article 6.1(a) of the GDPR);
    3. analytical and statistical purposes—the legal basis is a legitimate interest of the Data Controller (Article 6.1.(f) of the GDPR), which involves conducting analyses of Customers’ activity and manner in which they use the Store as well as their preferences, for the purpose of improving the used functionalities.
    4. in the case of queries sent to the Seller—for the purpose of handling sender’s query—the legal basis is the necessity for performance of an agreement for provision of a service (Article 6.1(b) of the GDPR).
  4. The User shall at any time have the right to access the content of his/her data and the ability to correct, rectify or request restriction of their processing. The User’s consent may be revoked at any time, which will result in the removal of the e-mail address from the Data Controller’s resources. The User has the right to portability of his personal data and to lodge a complaint with the President of the DPA.


  1. In the case of marketing actions, Customer’s personal data will be processed until the Customer withdraws the consent or raises an objection, and thereafter they will be stored only for the purpose of defence against any possible claim of the data subject.
  2. Upon the lapse of the above mentioned time, personal data will be deleted, unless their processing is necessary under another legal basis.


  1. The Seller will transfer data to third countries, i.e. beyond the European Economic Area: to the United States on the basis of the Commission Implementing Decision of 12 July 2016 introducing the so-called Privacy Shield (under this decision data will be transferred only to certified entities, as a result of which those entities are obliged to appropriately secure personal data), and to other countries, only on the basis of standard contractual clauses under which the entities which will receive those data are obliged to appropriately secure them.


  1. The Seller will also carry out profiling for the purposes of marketing, market research, improving services and Online Store, by analysing Customers’ behaviour in the Store, in order to adjust the Store to Customers’ preferences. Such profiling will result in automatic assessment of Products the Customer may be interested in, also within the frames of the website of the Seller’s Store, as well as display of personalised advertisements of Products. At the same time, profiling carried out by the Seller will not result in making decisions against the Customer with a legal or similarly significant effect on the Customer.
  2. The Customer may raise an objection against such profiling at any time by sending an e-mail to


  1. Personal data of Customers may be transferred for processing only for the purpose of performance of agreements for provision of services by electronic means by the Seller and Sales Agreements to the following entities: a hosting company maintaining the Store, a company providing accounting services to the Seller, a company providing e-mail services, the provider of a payment system, a legal firm and a courier mail company,
  2. Personal data collected by the Seller may also be disclosed to: competent state bodies upon their request on the basis of relevant provisions of law, or other persons and entities—in the cases prescribed in the provisions of law.
  3. Each entity to which the Seller transfers Customers’ personal data for processing on the basis of a personal data transfer agreement (“Transfer Agreement”) guarantees an adequate level of security and confidentiality of the processing of personal data. The entity processing Customer’s personal data on the basis of the Transfer Agreement may process Customer’s personal data through another entity only upon prior written consent of the Seller.
  4. Disclosing personal data to unauthorized entities under this Privacy Policy may take place only upon prior consent of the Customer to whom such data refer.


  1. The Online Store may store http enquiries, therefore files containing web server logs may store certain data, including the IP address of the computer sending the enquiry, the name of Customer’s station–identification through the http protocol, if possible, the date and system time of registration in the Store and receipt of the enquiry, the number of bytes sent by the server, the URL address of a site visited by the Customer before if the Customer has entered the Store through a link, details of the Customer’s browser, information on errors occurring by realization of the http transaction. Web server logs may be collected as material for the purposes of proper administration of the Online Store. Only persons authorized to administer the IT system have access to data. Files containing web server logs may be analyzed for the purposes of preparing statistics concerning traffic in the Store and occurring errors. Summary of such details does not identify the Customer.


  1. The Data Controller hereby informs that he has not appointed a Personal Data Protection Officer (ABI) and performs independently his duties under the Act of August 29, 1997 on Personal Data Protection (Journal of Laws of 2016, item 922, hereinafter referred to as “PDPA”).
  2. The Seller applies technological and organizational means in order to secure the processing of personal data corresponding to the threats and category of data to be secured, in particular, through technical and organizational means the Seller secures data against being published to unauthorized persons, taken over by an unauthorized person, processed in violation of the law and changed, lost, damaged or destroyed; among others the SSL (Secure Socket Layer) certificates are applied. The set of collected Customers’ personal data is stored on a secured server; moreover, the data are secured by Seller’s internal procedures related to the processing of personal data and information security policy.
  3. The Seller has also implemented appropriate technical and organizational means, such as pseudonymisation, designed to effectively enforce the data protection principles, such as data minimisation, and for the purpose of providing the processing with necessary safeguards, so as to meet the GDPR requirements and protect the rights of data subjects. The Seller implements all necessary technical measures as specified in Articles 25, 30, 32-34, 35–39 of the GDPR, providing for enhanced protection and security of the processing of Customers’ personal data.
  4. At the same time the Seller states that using the Internet and services provided by electronic means may pose specific teleinformatic threats, such as: presence and operation of worms, spyware or malware software, including viruses, as well as possibility of being exposed to cracking or phishing (fishing passwords) and other. In order to obtain detailed and professional information related to security in the Internet, the Seller recommends taking advice from entities specializing in such IT services.


  1. For the purposes of a correct operation of the Store, the Seller uses cookie support technology. Cookies are packages of information stored on a Customer’s device through the Online Store, usually containing information corresponding to the intended use of a particular file, by means of which the Customer uses the Online Store—these are usually: address of the Internet service, date of publishing, lifetime of a cookie, unique number and additional information corresponding to the intended use of a particular file.
  2. The Seller uses two types of cookies: session cookies, which are permanently deleted upon the closing of the session of the Customer’s browser, and permanent cookies, which remain on the Customer’s device after closing the session until they are deleted.
  3. It is not possible to identify the Customer on the basis of cookie files, whether session or permanent. The cookie mechanism prevents collection of any personal data.
  4. Cookies used in the Store are safe for the Customer’s device, in particular they prevent viruses or other software from breaking into to the device.
  5. Files generated directly by the Online Store may not be read by other Internet services. Third-party cookies (i.e. cookies provided by associates of the Seller) may be read by an external server.
  6. The Customer may individually change the cookie settings at any time, stating the conditions of their storage, through the Internet browser settings or configuration of the service. First and foremost, the Client may disable storing cookies on his/her device in accordance with the instructions of the browser producer, but this may disable certain parts of or the entire operation of the Store.
  7. The Seller uses own cookies for the following purposes: authenticating the Customer in the Store and preserving Customer’s session; configuring the Store and adjusting the content of pages to Customer’s preferences, such as: recognizing Customer’s device, remembering settings set up by the Customer; ensuring security of data and use of the Online Store; analyses and researches of views, number of clicks and paths taken, number and frequency of visits in the Store, maintaining statistics; providing advertising services.
  8. The Seller uses third-party cookies for the following purposes:
Tool: Purpose of storing:
Google Tag Manager Control and management of the codes posted on the Site
Google Analytics
Analysis of traffic and behavior on the Site
Facebook Pixel Analyzing traffic to the Site and displaying Site ads on Facebook to users of the web portal Facebook who have shown an interest in the Site’s offerings or who have certain common ratios (such as interests in certain topics or goods determined by the websites they visit)
  1. Details concerning cookies support are available in the settings of the browser used by the Customer.


  1. In order to use the website it is necessary to have:
    1. a device with access to the Internet
    2. an active electronic mailbox that receives e-mail messages
    3. a web browser capable of displaying web pages.


  1. The Data Contoller shall not be liable for the use of the content of the Site or actions or omissions taken on the basis thereof.
  2. All materials (except those separately indicated on the Site), including elements of graphics, the composition of these elements, trademarks and others, available on the Site are the subject of exclusive rights, and in particular are the subject of copyright protection and industrial property rights. The use of materials made available on the Site in any form requires each time the consent of the Data Controller.

This Privacy Policy shall come into effect as of 18.01.2023 r.