Skip to content

How we process personal data

SNOK Sp. z o.o. processes personal data in accordance with the GDPR.

1. Data controller

The data controller is SNOK Sp. z o.o., Rondo ONZ 1, 00-124 Warsaw, Poland, KRS 0000896866, NIP 7011032504, REGON 388919917. Contact: office@snok.ai.

2. Scope and purposes

Personal data (first name, last name, business email, organisation, role) is processed to handle enquiries submitted through the contact form and for further business communication, where the individual has consented to it.

3. Legal basis

Processing is based on consent (Article 6(1)(a) GDPR) and on the controller's legitimate interest (Article 6(1)(f) GDPR).

4. Retention period

Data is retained for as long as necessary to handle the enquiry, and - where an agreement is concluded - for the term of that agreement plus 5 years after its conclusion.

5. Data subject rights

You have the right to access your data, to rectification, erasure, restriction of processing and data portability, as well as the right to object and to lodge a complaint with the President of the Polish Data Protection Authority (UODO).

6. Recipients of data and processors

Personal data may be entrusted to the following processors, acting under data processing agreements (Article 28 GDPR):

  • Vercel Inc. (Delaware, USA) - hosting of the snok.ai site and Vercel Web Analytics (cookieless, aggregated analytics without personal identifiers).
  • Resend Inc. (Delaware, USA) - delivery of emails sent from the contact form.
  • HubSpot Inc. (Massachusetts, USA) - CRM system used to manage enquiries and any subsequent business communication.
  • Microsoft Corporation (Washington, USA / EU) - Microsoft 365 mailbox for the snok.ai domain.
  • Google LLC (Delaware, USA) - Google Analytics 4, loaded only after consent is given in the cookie banner (Google Signals disabled - no advertising profiling).

Transfers of data to the USA are carried out on the basis of the European Commission's adequacy decision on the EU-US Data Privacy Framework (decision of 10 July 2023) and standard contractual clauses (SCCs) as an additional safeguard.

7. No profiling or automated decision-making

We do not make decisions based solely on automated processing or profiling within the meaning of Article 22 GDPR. The site uses Google Analytics 4 only after consent given in the cookie banner (Google Consent Mode v2, denied by default) - Google Signals and advertising features are disabled, so data is not combined with advertising profiles. See the cookie policy for details. The site does not use Meta Pixel, LinkedIn Insight Tag or similar advertising profiling mechanisms.

8. Information security

SNOK Sp. z o.o. holds ISO/IEC 27001:2022 certification (information security management) and ISO 9001:2015 certification (quality management). Data processing uses encryption in transit (TLS 1.3) and role-based access control.

9. Changes to this policy

We give 14 days' notice of any material changes to this policy on the homepage. The current version is always available at snok.ai/en/privacy-policy.

Get in touch