This privacy and cookie policy defines the rules and technologies for the processing, storage and protection of personal data of users of the website . In this document you will find information about what tools and technologies we use and how we ensure confidentiality and protection of personal data.

Therefore, before using the website, please read this Privacy and Cookie Policy.


The owner of the website and the administrator of your personal data is Worktoday Sp. z o. o. with headquarters in Bydgoszcz, REGON 364192084, NIP 9562316919.

As the Administrator, the company takes care of personal data and undertakes to ensure their confidentiality and protection.

The user is each person who uses the website under the domain (hereinafter – the Website).

The purpose of this privacy and cookie policy is to inform users about how the Administrator collects, processes and ensures the protection of personal data, and meets the requirements of the GDPR (Article 13 (1) and (2), Article 24 of the GDPR).

GDPR is Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data.

According to the GDPR:

– personal data is information about an identified or identifiable natural person, the data subject (Article 4 (1) of the GDPR);

– “processing” is an operation or set of operations performed on personal data or sets of personal data in an automated or non-automated manner, such as collecting, recording, organizing, organizing, storing, adapting or modifying, downloading, viewing, using, disclosing by sending, disseminating or any other type of sharing, adjusting or combining, limiting, deleting or destroying (Article 4 (2) of the GDPR).


This privacy and cookie policy sets out the rules for collecting and storing personal data:

  • which are collected automatically using cookies (Google Analytics)
  • which are provided by the User who, by completing the contact form, consented to the processing of personal data in accordance with art. 4 sec. 11, art. 6 sec. 1 lit. a, art. 7 GDPR.

Using cookies, we automatically collect data related to:

  • User’s device and web browser,
  • its IP address and time zone
  • gender, age and interests.

In addition, we automatically collect information:

  • about pages or phrases entered in the search engine that referred the User to our Website
  • on how Users use the Website
  • about individual pages browsed by Users.

The above-mentioned statistical data, which are collected using cookies, are not collected in a way that makes it possible to identify a specific User of the Website (Article 11 of the GDPR), unless the data subject provides additional information enabling him to be identified.

Users can visit our Site without providing us with their identity or providing any information that could identify them as a specific, identifiable person.

However, the provision of personal data by the User is necessary if he wants to contact the Administrator by filling out the contact form available at this link . In this case, the User provides such personal data as:

– e-mail address,

– name,

– telephone number (optional).


Our overriding priority is to ensure the security of user data. Therefore, we process personal data only to the extent necessary, in accordance with the principles set out in art. 5 GDPR.

Information collected automatically is used only for:

– efficient administration of the Website and identification of potential abuse cases

– compiling statistical data on the use of our Website, including the analysis of Users’ behavior on the Website

– planning marketing activities, including improving and adjusting the content of the Website to the needs of users, as well as configuring and personalizing advertisements.

The period of storing data that is collected automatically using Google Analytics is 2 months.

Personal data provided by Users when filling in the contact form are used for:

  • establishing e-mail or telephone contact at the User’s request
  • sending answers to Users’ questions and commercial offers
  • concluding or performing concluded contracts, including issuing invoices and bills, considering complaints or claims.

In addition, the processing of personal data provided by the User is necessary in situations where claims are made.

The storage and processing of personal data provided by the User takes place:

  • for the duration of the achievement of specific goals or the implementation of services
  • for the period required by law (if the Administrator’s obligations arise in accordance with tax law, commercial law).

The user may at any time withdraw his consent to the processing of personal data. However, taking into account the Administrator’s right to defend himself against claims, he reserves the right to store this personal data until the expiry of the limitation period for claims.


The processing of users’ personal data by the Administrator takes place only in cases where the User has consented to it (Article 6 (1) (a), Article 7 of the GDPR).

Meeting the requirements of the GDPR, the Controller processes personal data on the basis of:

  • 6 sec. 1, lit. b GDPR – to perform a contract to which the data subject is party, or to take steps at the request of the data subject prior to entering into a contract
  • 6 sec. 1, lit. c GDPR – to fulfill the legal obligation incumbent on the administrator (especially obligations arising from the provisions of tax law and commercial law);
  • 6 sec. 1, lit. f GDPR – for purposes resulting from the legitimate interests pursued by the administrator (it is about establishing or defending against claims, collecting statistical data to improve the services and development of the Website).

Any information we collect, use or receive will be disclosed where required or lawful, for example to comply with a subpoena or similar legal process, and where we have a good faith belief that disclosure is necessary to protect our rights, your safety or the safety of others, to detect fraud or in response to a request from governmental authorities.


Each User has the following rights related to personal data:

  • Right to information – Art. 15 GDPR.
  • The right to correct data – art. 16 GDPR.
  • The right to delete data – Article 17 of the GDPR.
  • The right to limit data processing – art. 18 GDPR.
  • Right to object – art. 21 GDPR.
  • Rights relating to the automation of decision-making and profiling – art. 22 GDPR
  • The right to withdraw consent to the processing of personal data – art. 7 sec. 3 GDPR

Each User may exercise these rights by contacting the Administrator via the email address .

In addition, the User has the right to lodge a complaint with the supervisory body in accordance with the Personal Data Protection Act.


The administrator ensures the security of information provided by the User on computer servers in a controlled, secure environment, protected against unauthorized access, use or disclosure.

As part of the control and supervision, the Administrator uses appropriate administrative, technical and physical security measures to protect against unauthorized access, use, modification and disclosure of personal data.

  • The website is hosted on a server with advanced anti-DDoS protection, which ensures the website’s security and detection of repetitive attack patterns
  • The SSL certificate ensures the confidentiality of data transmission sent by the Website
  • Only persons authorized to process them have access to users’ personal data
  • The administrator uses only the services of such processors that provide sufficient guarantees to implement appropriate technical and organizational measures so that the processing meets the requirements of the GDPR and protects the rights of the data subjects.

That is why we use Google services:

  • Google Analytics – to collect statistical and analytical data,
  • Gmail – for handling electronic mail.

Google’s privacy policy is available at


Our Website may contain links to other websites that are not owned or supervised by us.

Please be advised that we are not responsible for other websites or their privacy practices. For this reason, we encourage you to consciously leave our website and read the privacy policy of each website that may collect personal data.


The administrator independently performs the duties related to the processing and protection of personal data.

Any User who wants to contact the Administrator to obtain more information about this Privacy Policy or in any matter related to the processing of his personal data, may send an e-mail to .

Pursuant to Art. 12 sec. 3 GDPR, the Administrator is obliged to provide the User to whom the data relates, within one month of receiving the message, information about the actions taken in connection with the User’s request.

Date of updating this Privacy and cookie policy: 20/02/2022