Privacy Policy

Introduction

  • This Privacy Policy defines the rules for processing personal data of users of the aiideals.com website (hereinafter referred to as the "Service").
  • The personal data controller is KursyIT, Tax ID: 6722099040, REGON: 389325284, address: Stefana Batorego 18/108, 02-591 Warsaw, Poland (hereinafter referred to as the "Controller").
  • The Controller processes personal data in accordance with the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (GDPR) and the Personal Data Protection Act.
  • Contact the Controller regarding personal data: aideals_info@kursyit-online.pl

I. Scope of Processed Data

  • The Controller processes the following personal data:
  • - Email address (required)
  • - Invoice data: first and last name or company name, address, Tax ID (optional)
  • - Technical data: IP address, browser information, operating system
  • - Order data: purchase history, selected products, transaction amounts
  • - Cookies and similar technologies

II. Purposes and Legal Bases of Processing

  • 1. Order fulfillment and service provision
  • - Legal basis: performance of a contract (Art. 6(1)(b) GDPR)
  • - Purpose: order processing, product delivery, customer contact
  • 2. Issuing invoices and accounting documentation
  • - Legal basis: legal obligation (Art. 6(1)(c) GDPR)
  • - Purpose: fulfillment of tax and accounting obligations
  • 3. Marketing of own products
  • - Legal basis: legitimate interest of the Controller (Art. 6(1)(f) GDPR)
  • - Purpose: informing about products, promotions and news
  • 4. Newsletter (with consent)
  • - Legal basis: consent (Art. 6(1)(a) GDPR)
  • - Purpose: sending newsletter with information about products and promotions
  • 5. Analytics and statistics
  • - Legal basis: legitimate interest of the Controller (Art. 6(1)(f) GDPR)
  • - Purpose: analysis of user behavior, Service optimization, remarketing
  • 6. Complaint handling
  • - Legal basis: performance of a contract and legal obligation (Art. 6(1)(b) and (c) GDPR)
  • - Purpose: handling complaints and claims

III. Data Recipients

  • Personal data may be transferred to the following categories of recipients:
  • - Stripe Inc. - payment operator (data necessary to process payments)
  • - Supabase Inc. - hosting and database service provider
  • - Google LLC - Google Analytics, Google Ads (analytical and marketing data)
  • - IT service providers - to the extent necessary to maintain technical infrastructure
  • - Accounting and legal service providers - to the extent necessary to conduct business
  • - Public authorities - in case of legal obligation
  • All recipients process data on the basis of data processing agreements and ensure an appropriate level of protection.

IV. Data Transfer to Third Countries

  • Some service providers (Stripe, Supabase, Google) may process data in the United States or other countries outside the European Economic Area.
  • Data transfer takes place on the basis of:
  • - Standard contractual clauses approved by the European Commission
  • - Privacy Shield program or other mechanisms ensuring an appropriate level of protection
  • - European Commission decision establishing an adequate level of protection

V. Data Retention Period

  • Order fulfillment data: for the period necessary to perform the contract and pursue claims (up to 6 years from the end of the tax year in which the tax obligation arose)
  • Invoice data: 5 years from the end of the tax year in which the tax obligation arose
  • Marketing data: until consent is withdrawn or objection is raised
  • Cookie data: according to the cookie policy (from leaving the site to a maximum of 24 months)
  • Complaint handling data: until claims arising from the contract are time-barred

VI. Rights of Data Subjects

  • Each person whose data is processed has the right to:
  • 1. Access to data - obtain information about processed data and a copy of the data
  • 2. Data rectification - correct inaccurate or complete incomplete data
  • 3. Data erasure - in cases provided for by GDPR ("right to be forgotten")
  • 4. Restriction of processing - in cases provided for by GDPR
  • 5. Data portability - receive data in a structured format and transfer it to another controller
  • 6. Object to processing - particularly to processing for marketing purposes
  • 7. Withdraw consent - in case of processing based on consent, without affecting the lawfulness of processing before withdrawal
  • 8. Lodge a complaint with the supervisory authority - President of the Personal Data Protection Office (ul. Stawki 2, 00-193 Warsaw, Poland)
  • To exercise your rights, contact the Controller: aideals_info@kursyit-online.pl

VII. Cookies and Similar Technologies

  • The Service uses cookies and similar technologies:
  • 1. Necessary cookies - enable basic Service functions (session, cart)
  • 2. Functional cookies - remember user preferences (language, currency)
  • 3. Analytical cookies - Google Analytics - help understand how users use the Service
  • 4. Marketing cookies - Google Ads, remarketing - used to display personalized ads
  • Users can manage cookies in browser settings. Disabling cookies may affect Service functionality.
  • Detailed information about cookies used can be found in the cookie consent settings in the Service.

VIII. Data Security

  • The Controller applies appropriate technical and organizational measures to ensure the security of personal data:
  • - SSL/TLS connection encryption
  • - Regular data backups
  • - Access control to personal data
  • - System security monitoring
  • - Regular software updates
  • - Employee training in personal data protection
  • - Data processing agreements with external entities

IX. Marketing and Advertising

  • The Controller uses data for marketing purposes:
  • 1. Direct marketing - information about products and promotions for existing customers (legitimate interest)
  • 2. Newsletter - sending email messages after user consent
  • 3. Remarketing - displaying ads tailored to user interests (Google Ads, Facebook)
  • 4. Behavior analysis - examining the effectiveness of marketing campaigns and offer optimization
  • Users can at any time:
  • - Unsubscribe from newsletter - link in the footer of each message
  • - Object to direct marketing - aideals_info@kursyit-online.pl
  • - Disable remarketing - Google Ads settings

X. Privacy Policy Changes

  • The Controller reserves the right to make changes to the Privacy Policy.
  • Users will be informed about any changes by publishing a new version of the Privacy Policy on the Service website.
  • In case of significant changes, the Controller will additionally inform users via email (if possible).
  • Changes take effect upon publication of the new version of the Privacy Policy.

XI. Contact Details

  • Personal Data Controller:
  • KursyIT
  • Tax ID: 6722099040
  • REGON: 389325284
  • Address: Stefana Batorego 18/108, 02-591 Warsaw, Poland
  • Email: aideals_info@kursyit-online.pl
  • Website: aiideals.com
  • If you have questions about personal data processing, please contact us by email: aideals_info@kursyit-online.pl
Data ostatniej aktualizacji / Last updated: 3/10/2026