Privacy policy

The purpose of this Privacy Policy is to explain the principles on which your personal data is processed and to discuss your basic rights related to the processing of your personal data.

Administrator of personal data
The administrator of personal data is the Institute of Behavioral Design & Sebastian Kotów, ul. Mokotowska 59, 00-542 Warsaw, NIP 6331883083, Mail: Personal data is processed according to the rules set out in the provisions on the protection of personal data, including Regulation of the European Parliament and of the Council (EU) 2016/679 of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement such data and the repeal of Directive 95/46 / EC (general regulation on data protection) (“RODO”) and Polish regulations issued in connection with the RODO, including the Act of 10 May 2018 on the protection of personal data. The Administrator keeps personal data confidential and protects them against unauthorized access by third parties on the terms specified in the above-mentioned legal acts.

Administrator of personal data
If you have any questions regarding data processing, please contact: Institute of Behavioral Design & Sebastian Kotów, ul. Mokotowska 59, 00-542 Warsaw, NIP 6331883083, Mail:

The scope and purposes of personal data processing
As part of their activities, personal data is collected and processed:
(a) for the purposes resulting from the legitimate interests pursued by the Administrator of personal data: to provide services to clients, marketing services of the Administrator, including to inform about new products offered by the Administrator and its activities (eg as part of the newsletter) as well as for analytical, statistical and telecommunication security purposes related to the Administrator’s website (legal basis of Article 6 (1) letter f) of the RODO);
(b) for the purpose of executing contracts concluded by the Administrator with clients, including organizing trainings, in order to cooperate with suppliers and other entities cooperating with the Administrator (legal basis of Article 6 (1) (b) of the GDPR);
(c) to recruit persons interested in working or cooperating with the Administrator (legal basis, respectively, Article 6 (1) (c) and Article 6 (1) (a) of the RODO);
We also process personal data to fulfill the legal obligations of the Administrator (legal basis of Article 6 (1) (c) of the RODO).

Your rights
The processing of your personal data takes place on a voluntary basis, however, depending on the circumstances, the refusal to provide data or request for their removal may prevent us, for example, contacting you, providing you with information about the Administrator’s activity or providing the service. The processing of personal data as part of the provision of legal aid services is regulated in contracts concluded with clients or in general terms regarding the provision of legal services. Sending commercial information by e-mail, eg by e-mail, is conditioned by receiving your prior consent, including the one provided by subscribing to the newsletter or by submitting instructions to receive specific information, including thematic legal alerts. In accordance with the rules set out in the legal provisions on the protection of personal data and in the scope provided for in them, you have the right to access your personal data, the right to rectify it, delete or limit processing and the right to data transfer. Some of these rights may not apply to the processing of data as part of the provision of legal assistance. If you do not want the Administrator to process your personal data for marketing purposes, you can object at any time to the processing of personal data for this purpose.

The right to lodge a complaint
You have the right to file a complaint related to the processing of personal data by the Administrator to the President of the Office for Personal Data Protection (until the entry into force of the Act of 10 May 2018 on the protection of personal data – to the Inspector General for Personal Data Protection).

Processing period
Personal data will be processed, as appropriate, until the relevant legitimate interests are fulfilled by the data controller related to the processing of specific data until the expiry of the limitation periods related to the contract with which the processing of personal data or limitation of obligations under the law are involved until opposition to the processing for marketing purposes. Newsletter and other similar information shall be sent until such objection is raised.

Transfer of personal data to other entities
Recipients of your personal data may in particular be entities directly or indirectly connected with the Administrator, in particular in an organizational or personal manner, which would be established in one of the European Union Member States, as well as external service providers (eg entities providing IT services, including cloud computing services, entities providing call center services and marketing and promotional activities, other entities processing data on behalf of the Administrator on the basis of a contract for entrusting the processing of personal data). Your personal data is processed at the Administrator’s office. Personal data is not transferred to countries outside the European Union. In the event of transfer of personal data to third countries located outside the EU, the Administrator will apply appropriate instruments to ensure the security of your personal data. The administrator, in connection with cooperation with his suppliers and other law firms, may entrust the processing of your personal data to the above-mentioned entities. However, in each case, these entities will be obliged to keep your personal data confidential and to process them in accordance with the provisions on the protection of personal data and appropriate Administrator’s instructions.

Your personal data will be subject to profiling as one of the forms of automated processing of personal data in accordance with art. 22 ust. 1 and 2 RODO in order to prepare the best offer for you

Changes to the Privacy Policy
Any changes we make to the Privacy Policy in the future will be published on the Administrator’s website, will apply only for the future and will come into force after accepting the modified privacy policy, which you will be notified of by pop-up window. If possible, we kindly ask you to check our site regularly in order to check the update of our Privacy Policy. If you do not accept our Privacy Policy or changes to the Privacy Policy, you should stop using our website.

Cookie Policy

1. Cookie files (so-called “cookies”) are IT data, in particular text files, which are stored on the Website User’s end device and are intended for using the Website’s websites. Cookies usually contain the name of the website from which they originate, their storage time on the end device and a unique number.
2. The entity that places cookies on the Website User’s end device and obtains access to them is the operator of the Institute of Behavioral Design & Sebastian Kotów with the registered office at ul. Mokotowska 59, 00-542 Warsaw, e-mail:
3. Cookies are used to:
a) adjusting the content of the Website pages to the User’s preferences and optimizing the use of websites; in particular, these files allow to recognize the device of the Website User and properly display the website, tailored to his individual needs;
b) create statistics that help to understand how Website Users use websites, which allows improving their structure and content;
c) maintaining the Website User’s session (after logging in), thanks to which the User does not have to re-enter his login and password on every subpage of the Website;
4. The Website uses two basic types of cookies: “session” and “persistent” cookies. Session cookies are temporary files that are stored on the User’s end device until logging out, leaving the website or turning off the software (web browser). Persistent cookies are stored on the User’s device for the time specified in the cookie file parameters or until they are deleted by the User.
5. The following types of cookies are used as part of the Website:
a) “necessary” cookies, enabling the use of services available on the Website, e.g. authentication cookies used for services that require authentication on the Website;
b) cookies used to ensure security, e.g. used to detect fraud in the field of authentication on the Website;
c) “performance” cookies, enabling the collection of information on the use of Website pages;
d) “functional” cookies, which allow “remembering” the settings selected by the User and personalization of the User’s interface, eg in terms of the language or region of the User’s origin, size of the font, appearance of the website, etc .;
6. In many cases, software used for browsing websites (web browser) allows cookies to be stored in the User’s device by default. Website Users can change their cookie settings at any time. These settings can be changed in particular in such a way as to block the automatic handling of cookies in the web browser’s settings or inform them of each entry in the device of the Website User. Detailed information about the possibilities and ways of handling cookies are available in the software (web browser) settings, e.g.
in Internet Explorer
in the Mozilla Firefox browser
in the Chrome browser
in the Safari browser
in the Opera browser
7. The Website Operator informs that restrictions on the use of cookies may affect some of the functionalities available on the Website.
8. Cookies placed on the Website User’s end device may also be used by partners cooperating with the operator.
9. More information about cookies is available in the “Help” section in the browser’s menu.