This Privacy Policy sets out the principles for the processing and protection of personal data provided by users in connection with their use of the website Atrium Tower.

1. Controller

1.1 The controller of personal data of the Atrium Tower website users is Atrium Tower Sp. z o.o. with the registered office in Warsaw, address: Al. Jana Pawła II 25, entered in the register of entrepreneurs of the National Court Register kept by the District Court for the capital city of Warsaw in Warsaw, XII Commercial Division of the National Court Register under KRS number 0000048588, NIP (tax identification number): 5271012265, REGON: 010831087 (“Controller“)

1.2 The Controller is responsible for using your data in a secure manner in accordance with the applicable law – in particular in accordance with the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation; “GDPR“), and in some cases also in accordance with the contract concluded between you and the Controller.

2. Contact data

2.1 In matters related to the protection of personal data the Controller can be contacted via e-mail, phone number or by mail at the address below.


Telephone number: +48 22 653 44 00

address: Jana Pawła II Avenue 25, 00-854 Warsaw

3. Scope, purpose and legal basis of data processing

3.1 The Controller only collects and processes data voluntarily provided directly by the user of the website.

3.2 The Controller provides the possibility to contact them using an electronic contact form. Using the form requires providing personal data necessary to contact you and to answer your enquiry. You may also provide other, additional data to facilitate contact or handling of the enquiry. Provision of data marked as obligatory in the contact form is required in order to receive and process the enquiry, and failure to provide such data results in the lack of possibility to process the enquiry. Provision of other data is voluntary.

3.3 Personal data are processed in order to identify the sender and to process the sender’s request sent via the form provided – the legal basis for the processing is the necessity of the processing for the performance of the contract for the provision of services (Article 6(1)(b) of the GDPR) or the legitimate interest of the Controller (Article 6(1)(f) of the GDPR), consisting of conducting correspondence addressed to it in connection with its business activities; with regard to additionally provided data, the legal basis for the processing is consent (Article 6(1)(a) of the GDPR).

3.4 In case of e-mail or postal correspondence to the Controller which is not related to the services rendered to the sender or to any other agreement concluded with the sender, personal data included in the correspondence shall be processed solely for the purpose of communication and resolution of the matter to which the correspondence refers.

3.5 The legal basis for the processing is the legitimate interest of the Controller (Article 6(1)(f) of the GDPR), consisting of conducting correspondence addressed to it in connection with its business activities.

3.6 In case of contacting the Controller by phone, in matters not related to the concluded agreement or the provided services, the Controller may require providing personal data only when it is necessary to handle the matter which the contact concerns. In such case, the legal basis is the Administrator’s legitimate interest (Article 6(1)(f) of the GDPR), which consists in the necessity to resolve the reported matter related to the Controller’s business activity.

3.7 We also process your personal data which you do not make available to us directly. The Controller uses cookies for functional, analytical and marketing purposes. Functional cookies are necessary to use the website. The cookies collect the following personal data: location data, IP address or application identifiers, browser type and device type, website language.

4. Data recipients

4.1 In connection with activities requiring the processing of personal data, personal data may be disclosed to external entities, including in particular suppliers responsible for the operation of IT systems and equipment, entities providing accounting services, postal operators, couriers, marketing or recruitment agencies.

4.2 The Controller reserves the right to disclose selected information concerning the data subject to competent authorities or third parties who request such information on an appropriate legal basis and in accordance with the provisions of the applicable law.

4.3 Your personal data will not be transferred outside the European Economic Area.

4.4 Should your personal data be transferred to another country where there are restrictions on the international transfer of personal data, we will use the standard contractual clauses set out by the European Commission or other data transfer mechanisms consistent with local laws, such as consent, to provide an adequate or the same level of protection for your personal data as that applicable in the country of origin.

5. Data retention periods

5.1 We will process your personal data for the duration of our ongoing relationship (e.g. answering questions, making offers, exchanging correspondence) and after the relationship has ended for a period of one year. After this period, we may contact you to inquire about the possibility of further processing your data.

5.2 The duration of data processing by the Controller depends on the type of service provided and the purpose of processing. The period of data processing may also result from legal provisions, when they constitute the basis for processing. If the data are processed on the basis of the legitimate interest of the Controller, e.g. for security reasons, the data shall be processed for the period enabling the Controller to pursue this interest or to lodge an effective objection to the processing of the data. Where processing is based on consent, data shall be processed until the consent is withdrawn. Where processing is based on non-necessity for the conclusion and performance of a contract, data are processed until the contract is terminated.

6. Your rights in relation to the processing of your personal data

6.1 You have the following rights in relation to the processing of your personal data:

– the right to object to the processing of your data on grounds relating to your particular situation,
– the right of access to your personal data,
– the right to request the rectification of your personal data,
– the right to request erasure of your personal data,
– the right to ask for the restriction of the processing of your personal data.

6.2 To exercise the above rights, please contact us (contact details at points 1 and 2 above).

The security of your personal data is important to the Controller. The Controller shall take such legal, technical and organisational measures as it considers necessary to maintain the confidentiality and security of your personal data and shall comply with the relevant obligations and exceptions laid down in the applicable legal provisions.


Cookies are small text files sent by a web server and stored on your computer (usually on your hard drive). The default cookie parameters allow only the server that created the cookie to read the information it contains. Cookies are most commonly used for counters, polls, online shops, login pages, re-advertisements and to monitor visitor activity.

The main purposes for storing and accessing cookies:

– personalisation of the website (for example: remembering the chosen font size, choosing a version for the visually impaired or a colour version;
– remembering user data and choices (for example: not having to enter login and password each time on each sub-page, remembering login on next visit;
– enabling interaction with social networking sites (for example, posting to Facebook and Google+ directly from the site);
– customizing the advertising content displayed on the website;
– compiling website statistics and statistics on the flow of users between different websites.

The user can delete already stored cookies from his/her terminal device by using the appropriate functions of the browser or other software and applications designed for this purpose. You can find instructions on how to delete cookies in the various browsers, e.g. at the following addresses:

1. Firefox:

2. Safari:

3. Chrome:

The website uses two main types of cookies: “session” (session cookies) and “permanent” (persistent cookies). Session” cookies are temporary files that are stored on the user’s terminal equipment until log-off, leaving the website or switching off the software (web browser). “Persistent” cookies are stored on the user’s terminal equipment for the time specified in the cookie file parameters or until they are deleted by the user.

The website uses the following types of cookies:

(a) “essential” cookies which make it possible to use the services available on the website, e.g. authentication cookies used for services which require authentication on the website;
(b) cookies used for security purposes, e.g. used for the detection of abuse of authentication in the website;
(c) “performance” cookies, which enable the collection of information on the use of the website;
(d) “functional” cookies which make it possible to “remember” the user’s selected settings and personalize the user’s interface, e.g. with regard to the selected language or region of the user’s origin, font size, website layout etc;
(e) “advertising” cookies which make it possible to provide users with advertising content more suited to their interests.