PRIVACY POLICY – STARX

1. General Information

This Privacy Policy explains how we collect, use, and protect your personal data when you visit our website or submit an enquiry via www.starxflag.com.

Personal data refers to any information that can identify you directly or indirectly, such as your name, email address, IP address, or enquiry details.

We process your personal data in accordance with applicable data protection laws, in particular the General Data Protection Regulation (GDPR) and Polish data protection regulations.

Please note that data transmission over the internet (e.g. via email) may involve security risks. Complete protection against unauthorized access by third parties cannot be guaranteed.

2. Data Controller

The controller responsible for processing your personal data is:

KICKSTARTX Sp. z o.o.
Rychnowy 120
77-300 Człuchów
Poland
VAT Number: PL8431440481
KRS: 0000919342

Email: info@starxflag.com

3. How We Collect Personal Data

a) Data You Provide Directly

You provide personal data when you:

  • Submit an enquiry
  • Request a quotation
  • Complete a contact form
  • Subscribe to a newsletter
  • Contact us via email or other communication channels

b) Data Collected Automatically

When you visit our website, certain technical data is collected automatically, including:

  • Browser type and version
  • Operating system
  • Referrer URL
  • Hostname of the accessing device
  • Date and time of access
  • IP address

This data is necessary to ensure the stability, security, and proper functioning of the website.

4. Purpose and Legal Basis of Processing

We process your personal data for the following purposes:

  • Responding to enquiries
  • Preparing and managing quotations
  • Customer communication
  • Ensuring website security and functionality
  • Analysing website usage and improving services
  • Conducting marketing activities (where consent has been given)

Legal basis for processing:

  • Article 6(1)(a) GDPR – consent
  • Article 6(1)(b) GDPR – pre-contractual steps / contract performance
  • Article 6(1)(f) GDPR – legitimate interest (e.g. website optimisation and security)

5. Cookies

Our website uses cookies to enhance usability, security, and performance.

Cookies are small text files stored on your device.

Some cookies are essential for website operation, while others are used for analytics or marketing purposes.

You can configure your browser to:

  • Inform you about the use of cookies
  • Allow cookies only in specific cases
  • Block cookies entirely
  • Automatically delete cookies when closing the browser

Please note that disabling cookies may limit certain functionalities of the website.

6. Server Log Files

Our hosting provider automatically collects and stores information in server log files, including:

  • Browser type and version
  • Operating system
  • Referrer URL
  • Hostname
  • Time of request
  • IP address

This data is not merged with other data sources and is processed on the basis of Article 6(1)(f) GDPR (legitimate interest in ensuring technical stability and security).

7. Contact Forms and Communication

If you contact us via a form or email, the data you provide will be stored for the purpose of handling your enquiry and any follow-up communication.

Legal basis: Article 6(1)(a) GDPR (consent)

Data will be deleted once it is no longer required, unless statutory retention obligations apply.

8. Your Rights as a Data Subject

You have the right to:

  • Access your personal data
  • Rectify inaccurate data
  • Request deletion of your data
  • Restrict processing
  • Object to processing
  • Data portability
  • Withdraw consent at any time

You also have the right to lodge a complaint with a supervisory authority.

The competent authority in Poland is:
UODO (Personal Data Protection Office)

9. SSL / TLS Encryption

Our website uses SSL/TLS encryption to protect the transmission of confidential data.

Encrypted connections are indicated by “https://” and a lock symbol in the browser.

10. Analytics and Advertising Tools

Google Analytics

We use Google Analytics to analyse website usage.

Google Analytics uses cookies to collect information about how users interact with the website.

We use IP anonymisation.

Legal basis: Article 6(1)(f) GDPR (legitimate interest)

You can opt out via browser settings or Google tools.

Google Ads & Remarketing

We use Google Ads remarketing to display personalised advertisements.

This is only activated after your consent.

Legal basis: Article 6(1)(a) GDPR (consent)

Hotjar

We use Hotjar to analyse user behaviour (e.g. clicks, scrolling).

Data is processed in anonymised or pseudonymised form.

Legal basis: Article 6(1)(a) GDPR (consent)

Google reCAPTCHA

We use reCAPTCHA to protect forms from spam and abuse.

Legal basis: Article 6(1)(f) GDPR (legitimate interest)

11. Social Media & Embedded Services

Facebook Plugins

Pages may include Facebook plugins. Interaction may transfer data to Facebook.

YouTube

Embedded videos may establish a connection to YouTube servers.

Google Web Fonts

Fonts are loaded from Google servers.

Google Maps

Maps require transmission of your IP address to Google.

Legal basis: Article 6(1)(f) GDPR (legitimate interest)

12. Newsletter (MailerLite)

If you subscribe to our newsletter, we process your email address (and optionally your name).

The newsletter is sent via MailerLite (EU-based provider).

Legal basis: Article 6(1)(a) GDPR (consent)

You may unsubscribe at any time.

13. Objection to Marketing Emails

The use of contact details published on this website for unsolicited marketing is prohibited.

14. Changes to This Privacy Policy

We reserve the right to update this Privacy Policy.

The current version published on the website shall apply.