Skip to content
Home » Privacy Policy

Privacy Policy

COMPANY INFORMATION
Legal Name: LEX CORPORATION SP. Z O.O.
REGON: 540760365
KRS: 0001151749
Registered Office: under XII COMMERCIAL DIVISION OF THE NATIONAL COURT REGISTER,
COUNTRY : POLAND, CITY : WARSAW
ADDRESS : Krucza 16/22 , Lokal- 411, 00-526 Warszawa
Tax ID (NIP): 7011243632
Data Protection Officer (DPO): (+48) 573 467 138, info@lexcorporation.pl
E-Commerce Support: info@lexcorporation.pl

  1. DATA PROTECTION & PRIVACY POLICY

Data We Collect

Lex Corporation may process the following categories of Personal Data:

  • Identification Data: Name, date of birth, place of birth, nationality, ID/Passport number, etc.
  • Contact Data: Email address, phone number, postal address.
  • Employment Data: Resume, CV, work experience, education, skills, etc. (if applicable)
  • Financial Data: Bank details, payment information (if applicable).
  • Immigration Data: Visa applications, residency permits, work permits, etc. (if applicable).
  • Legal Case Data: Information related to legal cases, such as court documents, correspondence with authorities (if applicable).
  • Other Data: Any other information that may be necessary to provide the requested services.
    2.1 How We Use Data
     Provide legal/immigration services (Contract)
     Process online orders (Contract)
     Marketing (Consent)
     Fraud prevention (Legitimate Interest)
    2.2 Data Security
    SSL/TLS Encryption:
     “All data transmitted via our website (https://lexcorporation.pl) is encrypted using TLS 1.2/1.3 (HTTPS).”
     “Payment pages are secured with 256-bit encryption.”
PCI DSS Compliance for Payments:

 “We comply with PCI DSS v4.0 standards for processing payments via Przelewy24.pl (SAQ A-EP attestation).”
 “Card data is never stored on our servers; all payments are processed through PCI-certified gateways.”

System Protections:

 “Firewalls (WAF), DDoS protection, and regular vulnerability scans (quarterly) are implemented.”
 “Database encryption (AES-256) for stored personal data.”
Organizational Safeguards

Access Controls:

 “Strict role-based access (RBAC) to personal data (only authorized employees).”
 “Multi-factor authentication (MFA) for admin accounts.”

Staff Training:

 “Annual GDPR training for all employees handling personal data.”
2.3 Data Retention
(GDPR Art. 5(1)(e) | Polish Tax Ordinance Art. 86)

Customer Orders : 5 years from end of calendar year , Polish Tax Ordinance (required for tax audits)
Marketing Data: Until consent withdrawal + 30-day grace period, GDPR Art. 7(3) (right to revoke consent)
Legal Case Files : 10 years from case closure, Polish Bar Association Rules (Art. 12)
Financial Records: 5 years (invoices) / 10 years (contracts), Polish Accounting Act (Art. 74)
Website Logs: 12 months (IP addresses anonymized after 30 days), GDPR Art. 32 (security necessity)

CLIENTS RIGHTS (GDPR/PDPA)
(GDPR Arts. 15-21 | Polish PDPA Art. 10)

  1. Right of Access (Art. 15)
    “Request a copy of all personal data we hold about you in machine-readable format (JSON/CSV).”
    Response Time: 30 days (free of charge).
  2. Right to Rectification (Art. 16)
    “Correct incomplete/outdated data (e.g., change of address).”
    Required Proof: Recent utility bill for address updates.
  3. Right to Erasure (“Right to Be Forgotten”) (Art. 17)
    Applies When:
    Data is no longer necessary
    You withdraw consent (and no other legal basis exists)
    Exceptions: Legal case files (retention required by law).
  4. Right to Portability (Art. 20)
    “Receive your contract data (e.g., service agreements) in structured, commonly used format.”
  5. Right to Object (Art. 21)
    Marketing: Opt out anytime via [unsubscribe link] in emails.
    Legitimate Interest Processing: Object via email to DPO (e.g., for analytics).
  6. Right to Restriction (Art. 18)
    “Request temporary freezing of data processing during disputes.”
  7. E-COMMERCE REGULATIONS
    3.1 Order Process
    Add to Cart → Checkout
    Payment Methods: Card (Visa/Mastercard), CASH
    Bank Transfer (PLN/ EURO/DOLLARS)
    Confirmation: Instant email with order number and PDF invoice
    Digital services: immediate access link
    3.2 14-Day Withdrawal Right
    Applies to: Standard services
    Excludes: Custom legal documents (Art. 38 Polish Consumer Rights Act)
    How to withdraw: Email [info@lexcorporation.pl] with order number
    3.3 Complaints
    Deadline: 30 days from purchase
    Response: Within 14 business days
    Submit to: [info@lexcorporation.pl]
    3.4 Delivery & Payments
    Service Type
    Digital Services: Immediate, Email/download
    Physical Documents: 3-5 business days, Poczta Polska (tracked)
    Payments Accepted: Cards (3D Secure required)
    BLIK
    Bank transfer (ING/PKO BP)
  8. PRIVACY POLICY
    Terms and conditions of sale
    Published on the website (e.g. in the footer or in the dedicated “Terms and Conditions” tab).
    Contains the seller’s data (name, address, tax identification number), payment and delivery terms, complaint and contract withdrawal rules.
     Consumers have the right to withdraw from the contract within 14 days from the date of delivery, without stating any reason.
     To exercise this right, the customer must notify Lex Corporation in writing via email or post.
     Returned goods must be unused, undamaged, and in their original packaging.
     Refunds will be issued within 14 days of receiving the returned goods, using the same payment method originally used by the customer.
    Privacy Policy
    Easily accessible (footer, separate tab).
    Compliant with GDPR: purposes and legal basis of processing, storage periods, user rights, administrator data.