PRIVACY POLICY AND GDPR COMPLIANCE

Last updated: May 2026

This Privacy Policy describes how NET LUX SPÓŁKA Z OGRANICZONĄ ODPOWIEDZIALNOŚCIĄ collects, uses, processes, and protects your personal and corporate data when you visit our website, interact with our B2B demo-catalog, or communicate with our institutional desk. We are fully committed to protecting your privacy in strict compliance with the General Data Protection Regulation (Regulation (EU) 2016/679, “GDPR”) and the Polish Act on the Protection of Personal Data.

1. Data Controller Identity

The data controller responsible for the processing of your data is:

  • Entity Name: NET LUX SPÓŁKA Z OGRANICZONĄ ODPOWIEDZIALNOŚCIĄ
  • Registered Office Address: ul. Grochowska 207, 04-077 Warszawa, Polska
  • National Court Register Number (KRS): 0001185970
  • Tax Identification Number (NIP): 6762647430
  • Statistical Number (REGON): 525932504
  • Official Corporate Email: info@netlux-spolka.pl

2. Categories of Personal and Corporate Data We Collect

To operate our wholesale textile trade channels, coordinate custom manufacturing pipelines, and manage secure warehouse logistics, we collect and process the following categories of data when submitted via our digital forms or direct communications:

  • Identification Data: Full name, corporate title, name of the business entity, and official company registration numbers (KRS, NIP, VAT, REGON).
  • Contact Information: Corporate email address, telephone numbers, registered business address, and physical warehouse shipping locations.
  • Commercial Sourcing Data: Estimated transaction amounts, specific wholesale textile categories, supply chain preferences, and custom packaging or manufacturing layouts provided during B2B inquiries.
  • Technical Network Logs: IP address, browser type, device specifications, operating system, and anonymous statistical data regarding website interactions captured via secure server logs.

3. Legal Basis and Purposes of Data Processing

We process your data strictly under the following legal frameworks established by the European Union and the Republic of Poland:

  • Performance of a Contract or Pre-Contractual Steps (Art. 6(1)(b) GDPR): To analyze your commercial wholesale inquiries, evaluate logistics capabilities, lock supplier pricing, and execute official bilateral corporate agreements.
  • Compliance with Legal Obligations (Art. 6(1)(c) GDPR): To satisfy mandatory corporate bookkeeping, international trade declarations, tax accounting regulations, and anti-fraud protocols enforced by Polish customs and fiscal authorities.
  • Legitimate Interests (Art. 6(1)(f) GDPR): To guarantee the persistent security of our server infrastructure, prevent illicit corporate interactions, and optimize the navigation performance of our demo-catalog.

4. Data Retention Architecture

Your data is preserved exclusively for the time necessary to fulfill the specific purposes for which it was gathered. In accordance with statutory tax regulations and commercial legislation in Poland, all data connected to corporate transactions, commercial invoices, and contractual communications must be securely archived for a minimum period of 5 years starting from the end of the fiscal year in which the commercial relation concluded.

5. Third-Party Data Disclosures and Sharing Frameworks

The Company does not sell, rent, or lease your corporate or personal records to marketing agencies. Data is disclosed solely to authorized, trusted entities required to complete your requested supply chain operations:

  • State Authorities: Fiscal administrations, judicial bodies, and customs offices when required under statutory Polish or EU trade laws.
  • Logistics and Transport Providers: Authorized third-party freight forwarders, carriers, and auxiliary transport operators strictly to execute cargo movement and warehouse distribution.
  • Technical Infrastructure Partners: Regulated server hosting providers, database security services, and corporate software administrators who maintain the platform’s stability.

All data processing, database structures, and archive parameters are strictly confined within the borders of the European Economic Area (EEA), ensuring absolute alignment with GDPR structural protocols.

6. Your Statutory Rights Under GDPR

As a data subject under European Union regulations, you retain full legal entitlement to exercise the following protections directly through our compliance office:

  • Right of Access: You can request a clear copy of the data we hold regarding your entity.
  • Right to Rectification: You can request the correction of inaccurate, outdated, or incomplete corporate contact data.
  • Right to Erasure (“Right to be Forgotten”): You can request the permanent removal of your data from our active databases, provided it is no longer bound by statutory data retention laws or fiscal audit obligations.
  • Right to Restriction of Processing: You can request the limitation of your data’s application under specified legal conditions.
  • Right to Data Portability: You can request to receive your digital data in a structured, universally recognized electronic format.

To invoke any of these protections, please contact our compliance desk via info@netlux-spolka.pl. If you believe your data rights have been breached, you hold the legal right to submit a formal grievance to the primary Polish data protection inspectorate: Urząd Ochrony Danych Osobowych (UODO), Warsaw, Poland.