COMPANY INFORMATION
Legal Name: LEX CORPORATION SP. Z O.O.
REGON: 540760365
KRS: 0001151749
Registered Office: under XII COMMERCIAL DIVISION OF THE NATIONAL COURT REGISTER,
COUNTRY : POLAND, CITY : WARSAW
ADDRESS : Krucza 16/22 , Lokal- 411, 00-526 Warszawa
Tax ID (NIP): 7011243632
Data Protection Officer (DPO): (+48) 573 467 138, info@lexcorporation.pl
E-Commerce Support: info@lexcorporation.pl
Privacy Policy (GDPR & Polish Law Compliant)
Last Updated: 07 July 2025
1. Data Controller
LEX CORPORATION SP. Z O.O.
- REGON: 540760365
- KRS: 0001151749
- Tax ID (NIP): 7011243632
- Registered Office: Krucza 16/22, Lokal 411, 00-526 Warszawa, Poland
- Data Protection Officer (DPO): (+48) 573 467 138 | Email: info@lexcorporation.pl
2. Data We Collect
We process personal data per GDPR (Art. 6) and Polish PDPA:
| Category | Examples | Legal Basis |
|---|---|---|
| Identification Data | Name, date of birth, ID/passport number | Contract (Art. 6(1)(b)) |
| Contact Data | Email, phone, address | Contract/Legitimate Interest |
| Financial Data | Bank details, payment info (processed via PCI-DSS gateways) | Legal Obligation (Art. 6(1)(c)) |
| Immigration/Legal Case Data | Visa applications, court documents | Consent (Art. 6(1)(a)) |
| Employment Data | CV, work history (for recruitment) | Consent |
| Website Analytics | Anonymized IP, cookies (see Section 6) | Legitimate Interest (Art. 6(1)(f)) |
3. How We Use Data
- Service Provision: Legal/immigration services, order processing.
- Marketing: Only with explicit consent (opt-in). Unsubscribe anytime.
- Security: Fraud prevention, encryption (TLS 1.3, AES-256).
- Legal Compliance: Tax/accounting records (Polish Tax Ordinance Art. 86).
4. Data Security Measures
Technical Protections
- Encryption: TLS 1.3 (HTTPS), PCI-DSS v4.0 for payments (Przelewy24.pl).
- Infrastructure: WAF firewalls, DDoS protection, quarterly vulnerability scans.
- Data Storage: AES-256 encryption; no card data stored.
Organizational Protections
- Access Control: RBAC, MFA for admin accounts.
- Staff Training: Annual GDPR compliance training.
5. Data Retention
| Data Type | Retention Period | Legal Basis |
|---|---|---|
| Customer Orders | 5 years (tax audits) | Polish Tax Ordinance Art. 86 |
| Marketing Data | Until consent withdrawal + 30 days | GDPR Art. 7(3) |
| Legal Case Files | 10 years (case closure) | Polish Bar Association Rules |
| Financial Records | 5 years (invoices) / 10 years (contracts) | Polish Accounting Act Art. 74 |
| Website Logs | 12 months (IPs anonymized after 30 days) | GDPR Art. 32 |
6. Your Rights (GDPR Arts. 15–21)
| Right | How to Exercise | Response Time |
|---|---|---|
| Access (Art. 15) | Request data copy (JSON/CSV) via DPO. | 30 days (free) |
| Rectification (Art. 16) | Submit proof (e.g., utility bill for address changes). | 30 days |
| Erasure (Art. 17) | Request deletion (excludes legal retention requirements). | 30 days |
| Portability (Art. 20) | Receive structured data (e.g., contracts). | 30 days |
| Object (Art. 21) | Opt out of marketing (unsubscribe link) or legitimate interest processing. | 15 days |
| Restriction (Art. 18) | Freeze processing during disputes. | 15 days |
Contact DPO: info@lexcorporation.pl | (+48) 573 467 138
7. E-Commerce Module
7.1 Order Process
- Checkout: Cart → Payment (card/BLIK/bank transfer).
- Confirmation: Email with order number + PDF invoice.
- Delivery:
- Digital services: Immediate download.
- Physical documents: 3–5 days (Poczta Polska, tracked).
7.2 Withdrawal & Refunds
- 14-Day Right to Withdraw: 14 days of delivery without stating a reason.
- Process: Email info@lexcorporation.pl with order number. Refund issued within 12 calendar days of receiving written notice
- Cancellations
Full refund: Cancelled 48+ hours before service.
50% refund: Cancelled 24–48 hours before service.
No refund: Cancelled <24 hours before or after work has begun.
Non-refundable: Any initial deposits.
7.3 Complaints
- Deadline: 30 days from purchase.
- Response: Within 7 calendar days (submit to info@lexcorporation.pl).
Complaints Procedure
- Filing a Complaint
- Consumers may submit complaints regarding services or products provided by LexCorporation via:
- Email: Send a written notice to info@lexcorporation.pl.
- Post: Send a written complaint to LexCorporation’s registered office address.
- Consumers may submit complaints regarding services or products provided by LexCorporation via:
- Required Complaint Content
The complaint should include:- Consumer’s contact details (name, address, email/phone).
- Description of the issue.
- Relevant order/service reference (if applicable).
- Any supporting evidence (e.g., photos, documents).
7.4 Payments
- Methods: Visa/Mastercard (3D Secure), BLIK, bank transfer (PLN/EUR/USD).
- Security: PCI-DSS compliant; no card data stored.
8. Policy Updates
- Notified via website banner or email (if material changes).
Legal Basis for This Information
- The requirements for Terms & Conditions are set by the Polish Consumer Rights Act (30 May 2014).
- The Privacy Policy follows the EU GDPR (2016/679).