Privacy Policy


  1. This document defines the Privacy Policy of internet website, which includes, in particular, regulations on personal data protection and security of other data provided to the shop by the User.
  2. The Privacy Policy constitutes an integral appendix to ToS.


  1. Controller – co.brick Sp. z o.o. with registered seat in Gliwice ul. Gwarków 8 lok. 12, 44-100 Gliwice, registered under KRS no. 0000546609, NIP 6312656512, e-mail:;
  2. Service – internet website with all its subsites;
  3. Parties – Controller and User;
  4. User – natural person who uses the Service and provides within its framework his or her personal data.


  1. The Controller is the administrator of the personal data in the understanding of the General Data Protection Regulation of April 27th, 2016. (GDPR)
  2. The Controller processes the data in the scope and time and for the purpose specified each time in the contents shared under the form used to collect personal data from the user.
  3. The personal data shall be transferred exclusively to Controller’s trustworthy subcontractors, i.e. IT service providers, accounting company, administration.


  1. In case of changes to personal data, the User should update the data by sending an appropriate message to the Controller.
  2. The user has the right to request access to the content of his or her personal data, data rectification and deletion and the right to limit the processing of the data. Moreover, the user holds the right to withdraw the consent, at any time, regardless of the impact on compliance with law on data processing, the right to data transfer and the right to object to the processing of personal data.
  3. The User has the right to file a complaint with the President of Personal Data Protection Office.
  4. It is voluntary to provide personal data, however lack of consent to process the data renders use of the Service impossible.
  5. The Controller may refuse to delete User’s personal data, if the preservation of the personal data is required due to the obligation imposed on to the Controller by the provisions of law.


  1. The Controller shall take all technical and organisational measures possible in order to ensure the safety of User’s personal data and protect the said data against accidental or intentional destruction, accidental loss, alteration, unauthorised or unlawful disclosure or access. The information is stored and processed on servers with high level of protection and maintaining proper safety levels in compliance with the requirements of Polish law.
  2. The Controller is obliged to store backup containing User’s personal data.
  3. The entrusted data are stored on high-end equipment and servers located in appropriately protected data centres, which can be accessed only by authorised personnel.
  4. The Controller conducts the actions related to personal data processing in compliance with all legal and technical requirements imposed on him by the provisions on protection of personal data.


  1. For User’s convenience the Service uses cookies, among others in order to adjust the Service to the needs of the Users and for statistical purposes. Cookies are small size text files send by internet service, that is visited by the internet user, to the user’s device.
  2. The Service uses two types of cookies: session cookies and persistent cookies. Session cookies are temporary files, stored in User’s terminal device until the User logs out, leaves the website or disables the software (internet browser). Persistent cookies are stored at User’s terminal device through definite period of time, defined in the cookies’ parameters or until they are deleted by the User.
  3. The Service uses the following types of Cookies:
    1. “essential” – enable the use of services available in the framework of the Service, e.g. they are used to handle user authorisation,
    2. security” – ensure security, e.g. they are used to detect misuse of services offered by the Service,
    3. performance” – allow to collect the information on the way the Service is used,
    4. functional” – allow to save the settings selected by the User, as well as User’s interface, e.g. regarding choice of language, region the User comes from, font size, Service layout etc.
    5. advertising” – allow to provide the user with personalised advertisements, adjusted to User’s interests,
    6. integrational” – related to third party services used in the Service e.g. Google Analytics,
  4. Third party Services, the materials of which we present, may also use cookies, which allow logging, and are used to deliver adds relevant to the preferences and behaviour of the user.
  5. Settings regarding cookies can be modified from the level of internet browser Lack of modifications to those settings is understood as acceptance of the use of the cookies.

§7 [LOGS]

  1. In line with the practice of majority of www services, we store HTTP requests directed to our server (server’s logs). In relation to the above we store:
    1. IP addresses, from which the users view the contents of our Service;
    2. time when the request was received;
    3. time when the response was sent;
    4. name of client station – identification executed by HTTP protocol;
    5. information on issues which occurred during the execution of the HTTP transaction,
    6. reference link – URL address of the website previously visited by the User;
    7. information on Users browser.
  2. Data collected in log files are used exclusively for the purpose of Service administration.
  3. The collected logs are stored for indefinite period of time as additional material used for Service administration. Their content is made available only to authorised Service administrators. Log files may be used to create statistics supporting system administration. Collective summary in the form of such statistics does not contain any traits characterising particular persons visiting the Service.


  1. The User may at any time contact the Controller in order to obtain the information on whether and how the Controller uses his or her personal data.
  2. The User may also ask the Controller to delete his or her personal data in total or given part of it.
  3. To contact the Controller please send an email to: