• English
  • Polish
  • German
  • French
  • Czech
  • Hungarian
  • Italian

Privacy Policy

3 March 2026
1. Data Controller

The controller of your personal data is:

Paweł Sumorowski, conducting business activity under the name:
E4C Paweł Sumorowski
Żarki (42-310), ul. Myszkowska 45A, Poland

Contact regarding data protection matters:
Email: contact@5cnc.eu

For the purposes of this Policy, “we”, “us” or “our” refers to the Data Controller indicated above.

2. Scope of this Privacy Policy

This Privacy Policy applies to:

  • visits to and use of the website 5cnc.eu (the “Website”);

  • enquiries sent via contact forms or email;

  • quotation requests and technical consultations;

  • conclusion and performance of contracts;

  • business communication with customers, suppliers and partners;

  • use of cookies and similar technologies.

This Policy does not apply to third-party websites linked from our Website.

3. Categories of Personal Data We Process

Depending on the nature of your interaction with us, we may process:

3.1 Identification and Contact Data

  • name and surname

  • company name

  • position / professional role

  • email address

  • telephone number

  • business address

3.2 Contractual and Transaction Data

  • quotation details

  • order information

  • invoicing details (including VAT data where applicable)

  • correspondence related to project execution

3.3 Technical Data

  • IP address

  • browser type and version

  • operating system

  • access time and pages visited

  • cookie identifiers

3.4 Communication Data

  • content of correspondence (including attachments such as drawings, specifications, CAD files, etc.)

We do not intentionally collect special categories of personal data.

4. Purposes and Legal Bases for Processing

We process personal data only where we have a lawful basis under Regulation (EU) 2016/679 (GDPR) and, where applicable, UK GDPR.

4.1 Performance of a Contract (Art. 6(1)(b) GDPR)

Processing necessary for:

  • preparing and sending quotations;

  • concluding and performing contracts;

  • delivering services and products;

  • handling after-sales communication.

4.2 Legal Obligations (Art. 6(1)(c) GDPR)

Processing necessary for:

  • accounting and tax compliance;

  • issuing invoices;

  • maintaining statutory records;

  • fulfilling regulatory requirements.

4.3 Legitimate Interests (Art. 6(1)(f) GDPR)

Processing necessary for:

  • responding to enquiries;

  • maintaining business relationships;

  • securing IT systems and preventing abuse;

  • establishing, exercising or defending legal claims.

4.4 Consent (Art. 6(1)(a) GDPR)

Processing based on consent may apply to:

  • non-essential cookies;

  • optional marketing communications (if implemented).

Consent may be withdrawn at any time without affecting the lawfulness of prior processing.

5. Data Retention Period

Personal data is retained only as long as necessary for the purposes described above:

  • Contractual and accounting data: for the period required by applicable tax and accounting laws.

  • Business correspondence: for the duration of cooperation and applicable limitation periods.

  • Enquiries without contract conclusion: until correspondence is completed and for a limited archiving period.

  • Technical and log data: for security and system integrity purposes for a limited period.

6. Data Recipients

Your data may be shared with:

  • accounting service providers;

  • IT and hosting providers;

  • software providers (CRM, email systems, cloud infrastructure);

  • legal and tax advisers;

  • public authorities where required by law.

Processors act solely on our instructions and are bound by confidentiality obligations.

7. International Transfers

If personal data is transferred outside the European Economic Area or the United Kingdom, such transfers will be based on:

  • an adequacy decision of the European Commission; or

  • Standard Contractual Clauses (SCCs); or

  • other legally recognised safeguards.

8. Your Rights

You have the right to:

  • access your personal data;

  • obtain a copy of your personal data;

  • request rectification of inaccurate data;

  • request erasure (subject to legal limitations);

  • request restriction of processing;

  • object to processing based on legitimate interests;

  • withdraw consent at any time (where applicable);

  • receive your data in a structured, commonly used, machine-readable format (data portability);

  • lodge a complaint with a supervisory authority (in Poland: President of the Personal Data Protection Office; in the UK: ICO).

To exercise your rights, contact: contact@5cnc.eu

9. Automated Decision-Making

We do not use automated decision-making or profiling that produces legal effects concerning you.

10. Security

We apply appropriate technical and organisational measures to protect personal data, including:

  • encrypted HTTPS communication;

  • access controls;

  • secured IT infrastructure;

  • restricted internal access to data.

11. Changes to This Policy

We reserve the right to update this Privacy Policy. The current version is always available on 5cnc.eu.