Privacy policy

How we process your data.

Last updated: 15 June 2026

1. Data controller

The controller of your personal data is MSGA, with its registered office in Łódź, ul. Piotrkowska 276A, 90-361 Łódź, Poland, Tax ID (NIP): 7331362657, Business Registry No. (REGON): 383902384 (hereinafter: the "Controller").

Contact regarding personal data matters: [email protected]

2. Source of the data

The contact data was obtained from publicly available sources, such as: industry services, social media platforms (LinkedIn), company websites, public registers (the National Court Register (KRS), the Central Register and Information on Economic Activity (CEIDG)), and other publicly accessible business databases.

Pursuant to Article 14(3) of the GDPR, this information is provided no later than within one month of obtaining the personal data, or at the first contact with the data subject.

3. Legal basis for processing

The legal basis for processing your personal data is the legitimate interest of the controller within the meaning of Article 6(1)(f) of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (the GDPR).

The legitimate interest consists in establishing business contacts, conducting commercial (B2B) communication, and presenting an offer of services related to the recipient's professional activity.

4. Scope of the data processed

We process only professional data:

5. Purpose of the data processing

We process your data for the following purposes:

6. Data retention period

Your data will be processed for a period no longer than 12 months from the last contact or attempted contact. After this period, the data will be reviewed to assess whether further processing is justified. If there is no legitimate interest in continuing the processing, the data will be permanently deleted.

The data will be deleted earlier if an effective objection to its processing is raised.

7. Your rights

Under the GDPR, you have the following rights:

To exercise your rights, send a message to: [email protected]. We will respond without undue delay, no later than within 30 days.

8. Data recipients

Your data may be shared only with entities that support the Controller in achieving the processing purposes. The categories of recipients include:

Each of these entities processes the data on the basis of appropriate data processing agreements.

9. Transfers of data outside the EEA

In connection with the use of technological tools (including CRM platforms and analytics tools), your data may be transferred to countries outside the European Economic Area. In such cases, the transfer takes place on the basis of standard contractual clauses approved by the European Commission or an adequacy decision.

10. Automated decision-making

The Controller does not make decisions concerning you based solely on automated processing, including profiling, that would produce legal effects concerning you or similarly significantly affect you.

11. Data security

We apply appropriate technical and organisational measures to protect your data against unauthorised access, loss, or destruction. Access to the data is granted only to authorised persons, and the systems we use are secured in accordance with current industry standards.

12. Changes to the privacy policy

The Controller reserves the right to update this Privacy Policy. We will inform you of any material changes via the website. The current version of the document is always available at: msga.pro/en/privacy-policy