Skip to content Thank you for visiting our website.
This Privacy Policy outlines the processing of personal data by Baltic Towers Sp. z o.o., headquartered in Gdańsk, 80-873, at Na Ostrowiu 15/20, registered in the Register of Entrepreneurs of the National Court Register maintained by the District Court Gdańsk-North in Gdańsk, VII Commercial Division of the National Court Register under number 0001026771, NIP: 7011133085, REGON: 524687244 (hereinafter referred to as the “Administrator,” “Baltic Towers,” the “Company,” “We,” or the “Operator”). This includes data pertaining to the Company’s current and potential Clients and Contractors, as well as other individuals visiting the website located at https://baltictowers.pl/, managed by the Company (collectively referred to as “Users”) and our social media profiles.
As a data controller, we ensure that the processing of your personal data complies with the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons regarding the processing of personal data and the free movement of such data, repealing Directive 95/46/EC (hereinafter referred to as GDPR), and other applicable laws, including the Electronic Communications Law and the Act on Providing Services by Electronic Means.
We respect the privacy of our Users and provide this Privacy Policy to ensure that every User knows the scope and entities processing their personal data and can independently, consciously, and freely decide whether to use the services and products we offer. This Privacy Policy generally describes how and to what extent we collect Users’ personal data, the purposes for which we use it, to whom we disclose or entrust it, how we protect it, and what rights Users have.
Specific details of this policy may be provided in dedicated information clauses that Users will receive when their data is collected for specific activities conducted by the Company. The main legal foundation for all data subjects’ rights and the principles of data processing is the aforementioned GDPR.
The Data Protection Officer at Baltic Towers Sp. z o.o. is Mr. Paweł Modrzejewski, and the Deputy Data Protection Officer is Ms. Izabela Walczak.
Contact with the appointed Data Protection Officer is possible via email: iod@baltictowers.pl.
The Deputy Data Protection Officer can be reached by phone at +48 791 543 400.
We value the trust our Users place in us. Below are the key principles we follow when processing personal data:
Baltic Towers Sp. z o.o. implements technical and organizational measures to protect personal data against unlawful or unauthorized access or use, as well as accidental destruction, loss, or integrity breaches. We ensure the involvement of management and all personnel in maintaining the Information Security Management System, including personal data processing, and adopt a process-based approach to data processing. To ensure the security of processed personal data, we commit to the following:
Users’ personal data may only be processed by third parties if such entities commit to ensuring appropriate technical and organizational measures guaranteeing data processing security, including maintaining confidentiality. Every employee and contractor of the Company with access to personal data is properly authorized and obligated to maintain confidentiality.
Personal data login and input points are secured at the transmission layer (SSL certificate) and the storage layer (encryption). A specified password policy is implemented.
The service is hosted on servers provided by a reputable supplier. The hosting provider ensures technical reliability and maintains server-level logs, which may include:
Baltic Towers Sp. z o.o. processes Users’ personal data exclusively for specific, lawful purposes and on defined legal grounds, including:
Responding to inquiries sent via any communication channel (e.g., email, contact form, phone, or social media), particularly regarding interest in our services/products. The legal basis is the necessity to take actions at the User’s request before entering into a contract and the legitimate interest of the data controller (Art. 6(1)(b) and Art. 6(1)(f) GDPR), depending on whether the User is a party to the contract or represents a contracting party.
Fulfilling a contract, where the legal basis is Art. 6(1)(b) GDPR (if the User is a party to the contract) or Art. 6(1)(f) GDPR (legitimate interest of the Company if the User represents an entity that has entered into a contract or is a contact person for contract execution). Typically, we process basic business data such as name, email address, and phone number.
Compliance with legal obligations applicable to the Company as the data controller, e.g., under accounting or tax laws (Art. 6(1)(c) GDPR).
Marketing activities, such as sending newsletters or presenting marketing offers, based on expressed consent (Art. 6(1)(a) GDPR) or our legitimate interest (Art. 6(1)(f) GDPR).
Recruitment purposes in case of applications for specific job positions, based on applicable regulations (Art. 6(1)(c) GDPR) or, in certain cases, consent (Art. 6(1)(a) GDPR).
Cookie-related purposes, as detailed in the “Cookies Policy” section, based on consent (Art. 6(1)(a) GDPR) or the Company’s legitimate interest (Art. 6(1)(f) GDPR).
Debt recovery or claims handling, when necessary, for the pursuit of civil claims or their defense, which constitutes our legitimate interest (Art. 6(1)(f) GDPR).
Statistical and archival purposes, under applicable legal provisions or our legitimate interest (Art. 6(1)(c) and Art. 6(1)(f) GDPR).
In cases where a User sends us an inquiry, requests contact, or messages us via social media, their data will be forwarded to the relevant team responsible for handling that specific area.
Providing contact details in an email or other communication is voluntary; however, failure to do so may prevent us from responding to the inquiry.
Providing data is mandatory in situations where processing is required under legal provisions. Failure to provide such data will result in the inability to conclude or execute a contract.
We primarily collect personal data from our Clients/Contractors directly. For individuals listed as contacts in contracts, the data source is typically the entity signing the agreement with the Company. Data is collected to the minimum extent necessary to deliver a specific service/product, including:
Email or phone inquiries: Basic identification and contact data such as name, email address, message content, phone number, NIP (Tax ID), and business address.
Contact form on the website: Basic identification and contact details, including name, email address, phone number, and details provided in the message’s subject and content.
Supplier contact form: Basic identification and contact data such as company name, email address, phone number, subject, message content, and any attached files.
Job applications via the “Careers” section: Data provided by Users interested in applying for a position, including name, email address, phone number, and uploaded CV.
Connection parameters: The Service may record connection details (e.g., timestamp, User’s IP address).
Form-related data linking: In certain cases, the Service may save information linking form data to the User’s email address. The email address may appear within the URL of the page containing the form.
Additionally, while using the Baltic Towers website, we collect data stored in system logs (more details in the Cookies Policy).
Social media plugins for LinkedIn and YouTube are available on the website. Clicking these links will redirect the User to the respective platforms, which may involve the transfer of specific data to the administrator of the selected platform. More information is provided in the “Social Media Profiles” section.
If Users prefer not to provide data via online forms, they may contact us by emailing the address provided for correspondence or calling the phone number listed on the website.
Baltic Towers Sp. z o.o. ensures that Users’ rights related to their personal data are upheld in accordance with GDPR provisions (Articles 15-22). Users are entitled to:
Requests must comply with the law and social norms and must not infringe on the rights and freedoms of others. Requests can be submitted via email to office@baltictowers.pl / kontakt@baltictowers.pl or in writing to the Company’s registered address, marked “Personal Data.”
Requests will be addressed without undue delay, typically within one month of receipt. In cases of complexity or a high volume of requests, this period may be extended.
In interactions with the User, including within services offered via the website, the User may be asked to provide consent for the processing of personal data for marketing purposes, including electronic marketing, if such consent constitutes the appropriate legal basis for processing personal data. Giving consent is always voluntary. We emphasize that the obligation to obtain consent may also arise from legal provisions other than GDPR, for example, consent for telephone or electronic marketing is obtained based on the provisions of the Electronic Communications Law or the Act on Providing Services by Electronic Means.
The User has the right to withdraw their consent at any time by directly contacting the Company’s office or via email at:
office@baltictowers.pl / kontakt@baltictowers.pl.
Withdrawal of consent does not result in any negative consequences or inconveniences. However, the withdrawal may lead to the inability to use services such as receiving our newsletter.
Withdrawal of consent does not affect the legality of data processing that was carried out based on the consent before its withdrawal.
Requests to withdraw consent will be processed promptly. Once the request is fulfilled, we will cease processing personal data for marketing purposes, including sending marketing and commercial information via email or telephone. However, until the request is fully processed, the User may still receive communications that they have opted out of by withdrawing consent.
We also emphasize that if we process data for other purposes (e.g., contract execution, service provision, presenting evidence, or claims handling), we may continue processing the data for these purposes based on another legal basis
The Company stores personal data for the period necessary to fulfill the purposes for which the data was collected. The storage period is determined in strict compliance with applicable laws. Typically, this period is five years from the issuance of an invoice, counting from the end of the year in which the invoice was issued, while considering the possibility of pursuing claims.
Users have the right to obtain information from us regarding the retention period of their personal data. When data is processed based on consent, it will be processed until the consent is withdrawn, unless the purpose for which the consent was given has already been achieved.
Recipients of your personal data may include entities authorized to receive the data under applicable legal provisions, such as public authorities and entities performing public tasks or acting on behalf of public authorities, within the scope and for the purposes resulting from generally applicable laws.
In the case of project implementation, data may also be transferred to entities collaborating with us on project execution.
Data may also be shared with entities affiliated with us by capital or with entities collaborating with us in delivering our services/products. These include entities processing personal data on our behalf based on prior agreements for the delegation of data processing (e.g., hosting providers, IT companies, software suppliers, marketing companies, courier companies).
As a rule, we do not transfer your data to third countries. However, we inform you that we maintain profiles on social media platforms such as Facebook, YouTube, LinkedIn, and Google. Data located on the servers of these platforms may be processed in third countries, including the USA, under the privacy policies of these platforms.
According to their respective regulations, these providers ensure that processing is conducted in accordance with applicable laws and with the highest security standards (e.g., transfers to the USA are based on the Data Privacy Framework, DPF). For entities not listed in the DPF program, the legal basis for transfer will be the entity’s commitment to complying with the standard contractual clauses issued under the European Commission’s implementing decision.
For more information and links to the relevant privacy policies, refer to the section “Profiles on Social Media.”
We inform you that when using our website, we collect data contained in system logs. This data is primarily used for technical purposes related to the administration of our website. Additionally, the Company uses this information for statistical purposes, allowing us to analyze the use of functionalities provided by the website.
System logs include information such as IP addresses (network interface numbers); however, this data does not enable us to directly identify Users (e.g., a specific individual using a computer or another internet-connected device). Cookies are small text files sent by the website and stored on the User’s computer (or another device they use).
The website operated by the Company uses cookies to recognize the personal preferences of Users. In other words, the cookies we use allow us to identify the User’s computer during subsequent visits to the site and are intended to facilitate website usage.
Within the Service, two main types of cookies are used:
In many cases, web browser software (internet browsers) allows cookies to be stored on the User’s device by default. Users can change their cookie settings at any time, particularly to block the automatic handling of cookies in their browser settings or to notify them whenever cookies are placed on their device. Detailed information on the management of cookies is available in the settings of the web browser.
We inform you that restricting the use of cookies on the website may impact certain functionalities available on our website. Cookies may be placed on the User’s device by the Baltic Towers website and may also be used by our advertisers and partners, as well as by entities cooperating with the website operator, including:
Detailed instructions on changing cookie settings and managing them in the most popular web browsers can be found in their help sections or via the following links:
Users can delete their data from our Analytics database at any time by using this plugin:
https://tools.google.com/dlpage/gaoptout
Additionally, Users can adjust settings on their Google accounts at any time to limit displayed advertisements by accessing:
https://myaccount.google.com/privacy#ads in the Ad Settings section.
Statistical Analysis with Google Analytics:
The Operator uses Google Analytics (provided by Google Inc., headquartered in the USA) to perform statistical analysis of website traffic. The Operator does not share personal data with Google Analytics; only anonymized information is provided. The service relies on cookies stored on the User’s end device. Users can review and edit the information collected by Google’s advertising network via the tool:
https://www.google.com/ads/preferences/.
Remarketing Techniques:
The Operator employs remarketing techniques to tailor advertising messages to the User’s behavior on the website. This may create the impression that the User’s personal data is being used for tracking. However, no personal data is transmitted from the Operator to advertising operators. The technological condition for these actions is the enabled use of cookies.
Facebook Pixel:
The Operator uses Facebook Pixel technology. This allows Facebook (Facebook Inc., headquartered in the USA) to recognize that a registered user on their platform is visiting the Service. This recognition is based on data managed solely by Facebook. The Operator does not share any additional personal data with Facebook. The service relies on cookies stored on the User’s end device.
Behavioral Analysis with Heat Maps and Session Recording:
The Operator employs tools to analyze user behavior by creating heat maps and recording activity on the website. This information is anonymized before being sent to the service provider, ensuring the identity of the physical person is not disclosed. In particular, passwords and other personal data are not recorded.
Automation of Website Interactions:
The Operator uses automated solutions in the Service to interact with Users, such as sending emails to Users who visit specific subpages, provided they have consented to receive commercial communications.
Data Profiling:
The Operator may engage in data profiling as defined by GDPR.
As part of our marketing activities, we operate profiles on the following platforms:
The Facebook social platform is operated by Meta Platforms, Inc., with its headquarters at 1 Hacker Way, Menlo Park, California 94025, USA. Meta manages the entire IT infrastructure of Facebook and related platforms and technologies (Instagram, Messenger, WhatsApp, Oculus, Workplace, Portal, Novi).
More information on data processing on these platforms can be found at:
https://www.facebook.com/privacy/policy.
The LinkedIn service is provided by LinkedIn Corporation, headquartered at 1000 W Maude, Sunnyvale, CA 94085, USA, which is part of the Microsoft group.
Details on personal data processing by LinkedIn are available at:
LinkedIn Privacy Policy.
YouTube is provided by Google LLC, located at 1600 Amphitheater Parkway, Mountain View, California 94043, USA, and within the EU by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
More information on data processing by YouTube is available at:
https://www.youtube.com/intl/ALL_pl/howyoutubeworks/user-settings/privacy/.
Our website includes plugins for LinkedIn and YouTube. By clicking on the plugin of a particular service, User data from our website, such as the IP address and browser identifier, may be transmitted to the data administrator of the respective service (especially if the User is logged into those services) in accordance with their privacy policies. For detailed information, please refer to the privacy policy of the respective service, links to which are provided above.
To assess customer satisfaction, we use tools such as Google My Business. The “Profile” is the Baltic Towers company profile visible in Google search. In accordance with the provider’s policies, if a User wishes to share their opinion about our services, they must have an account registered with Google.com. Providing a review is entirely voluntary. This serves as a method of gauging customer satisfaction to better understand their experience with our company or services.
Users can edit or completely delete added reviews at any time by clicking on the menu and navigating to the “Your Contributions” section in Google Maps (“Reviews” subsection).
Baltic Towers Sp. z o.o., headquartered in Gdańsk, 80-873, ul. Na Ostrowiu 15/20, NIP: 7011133085, is responsible for managing fan pages and profiles on social media platforms. Data processed through these profiles is co-administered with the entities managing the respective platforms.
The Company collects and processes only a portion of the data shared with us by Users on these platforms. We ensure that our fan page/profile complies with the requirements outlined in the terms and conditions of the respective platforms.
Through the operation of our social media profiles, we collect and process the following personal data:
Personal data collected through communication with Users is processed solely for responding to inquiries if necessary. User activity related to interacting with our fan page/profile will not be archived outside the platform unless required for evidence purposes.
Data processing on our fan page/profile is based on the following legal grounds:
The information we hold from User messages will be retained for as long as necessary to respond to inquiries. Comments made publicly on our profiles will remain until removed by the author or the administrator. Data such as the history of posts, activity in communication apps, and interactions via Facebook/YouTube/LinkedIn are subject to retention policies outlined in the respective platform’s terms and conditions.
As per GDPR, every User has the following rights concerning their personal data:
For any requests concerning images, please specify the relevant photo.
Engaging with the administrator or using the portal is entirely voluntary. Users may withdraw their consent to data processing or object to processing at any time.
No automated decision-making processes are employed.
Data may be transferred outside the EEA (e.g., to the USA, where platform servers are located). Generally, such transfers are conducted under the Data Privacy Framework. For more details, visit:
https://www.dataprivacyframework.gov/.
Baltic Towers Sp. z o.o. reserves the right to make changes to this policy, which may result from the need to adapt to changes in legal regulations, applicable privacy standards, or the expansion of our offerings. Accordingly, the Company will notify about any changes via an appropriate announcement on its website.
All rights to the website: https://baltictowers.pl/, including all its graphic elements, photos, layout, and any other components, are reserved. The website and all its elements are protected under applicable laws, particularly the Act of February 4, 1994, on Copyright and Related Rights, the Act of April 16, 1993, on Combating Unfair Competition, and the Act of July 27, 2001, on the Protection of Databases.
Updated: December 15, 2024
At Baltic Towers, we harness the potential of wind energy to support sustainable development and build the Polish supply chain. Our dedication to innovation translates into clear benefits for the environment and society.
Na Ostrowiu 15/20
Gdańsk 80-873 PL