Privacy policy

This document is a detailed story of how we process your personal data and protect your privacy.

From this document you will learn:

  • for what purposes and for how long we will process your personal data,

  • what categories of entities may have access to your personal data,

  • what rights you may exercise in relation to the processing of your personal data,

  • how is the use of cookies regulated.

The prepared Policy is closely related to the need to apply the new data processing requirements resulting from EU data protection legislation, i.e. Regulation 2016/679, also known as GDPR.

What do the terms used in the Privacy Policy mean? 

1. Prepper / Controller – FOLX HR Sp. z o.o. with headquarters at ul. Puławska 39/40, 02-508 Warszawa, email: [email protected]

2. User- any natural person visiting the Website or using one or more services or functionalities made available on the Website.

3. GDPR - General Data Protection Regulation of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC

4. Personal data  - any information relating to an identified or identifiable natural person ("data subject").

5. Account - Employer Panel or User Account, respectively - a set of resources and functionalities created for either the Employer or the User, used to manage the services provided by the Website.

6. Client / Employer - a legal person, an organizational unit without legal personality (organizational units with no legal personality but which are granted legal capacity under the law), as well as a natural person running a business, using the Services provided by Prepper in connection with the conducted business activity, as well as an entity acting for and on behalf of the Employer.

7. Cookies - IT data, in particular text files, which are stored on the Website User's end device and are intended for using the Website's pages.

8. Policy - this Privacy Policy.

9. Website - the website run by the Controller at

Who is your personal data Controller? 

The Controller of your personal data is FOLX HR Sp. z o.o. with its registered office at ul. Puławska 39/40, 02-508 Warszawa. Contact with the Controller is possible in writing to the address indicated above, or by the email address: email: [email protected].

What is the purpose and the legal grounds for processing your data? 

Below you can find purposes and legal grounds for processing personal data for Users:

  1. to provide electronic services in the field of providing Users with the content collected on the Website - the legal basis is the necessity to process for the performance of the contract [Article 6 section 1 b) of the GDPR]

  2. in order to carry out marketing of services of the Website [Article 6 section 1 f) of the GDPR]

  3. in order to ensure security of the Website and provided services [Article 6 section 1 f) of the GDPR]

  4. in order to comply with obligations relating to the exercise of the rights set out in the GDPR [Article 6 section 1 c) of the GDPR]

What rights may you exercise in relation to the processing of your personal data? 

Within the limits of the relevant provisions of the applicable law relating to the processing of your personal data by Prepper, you may exercise the following rights:

  1. access – you have the right to obtain from the Controller confirmation as to whether or not personal data are being processed, including but not limited to [under article 15 of GDPR]:  - the legal basis of the processing, - the purposes of the processing, - the categories of personal data, - the recipients or categories of recipients to whom the personal data have been or will be disclosed.

  2. copy – you have the right to receive the copy of all personal data being processed [under article 15 of GDPR],

  3. rectification – you have the right to obtain without undue delay the rectification of inaccurate personal data [under article 16 of GDPR],

  4. supplement – you have the right to have incomplete personal data supplemented [under article 16 of GDPR],

  5. erasure – you have the right to demand the deletion of data [under article 17 of GDPR], restriction of processing – you have the right to obtain from the Controller the temporary or permanent restriction of the processing of all or some of your personal data in all cases [under article 18 of GDPR].

How should you submit a request for the exercise of your rights? 

If you would like to access, correct, update or delete any personal data you should contact us via electronic form using email address: [email protected] If possible the application should precisely determine the requested features, in particular:  you should indicate the right you want to execute (listed above in paragraph 4), you should specify the processing requested, you should identify the purposes of the processing requested.

If we determine the need to clarify the content of the application Prepper will contact you without undue delay.

Prepper will reply to the application as soon as possible, not longer than a month, starting from the date of receiving the application. The reply will be provided to the email address which was used to send the application.

How long do we process your personal data? 

The duration of data processing depends on the type of service provided, the purpose of processing and the legal basis:

  1. if Prepper processes personal data on the basis of consent, the processing period lasts until the consent is withdrawn,

  2. if Prepper processes your personal data based on our legitimate interests (other than processing for marketing purposes), e.g. to provide certain services/development or to keep statistics, we will process your personal data until your objection to the processing of your data for these purposes is deemed to be effective,

  3. if Prepper processes cookies, Prepper will process your personal data for the period in which cookies will be stored on your device.

Who can we share your data with? 

In connection with the provision of specific services to us by external parties, these parties may gain access to your personal data to the extent necessary to provide these services. In this connection, personal data may be shared in particular with:

  1. entities providing hosting services,

  2. providers of email and chat systems,

  3. banking companies,

  4. payment operators.

Cookies Policy

Cookies are small blocks of data created by a web server while you are browsing the website and placed on your computer or other device by your web browser. Cookies are placed on the device used to access a website, and more than one cookie may be placed on a device during a session. On our Website we use only the cookies that are strictly necessary for us to provide the services of the following types: temporary cookies - to determine if your browser accepts cookies, this cookie contains no personal data and is discarded when you close your browser, Google Analytics cookies - are files used by the Google company to analyze how the User uses the Website, to create statistics and analyzes on the functioning of the Website. Google does not use the collected data to identify the User. Information on the scope and principles of data collection in connection with this service can be found at the link:

You can change the cookie settings in your browser at any time to limit or even block their automatic handling, but it may result in reducing the usability of the Website and may even make the usage of selected services impossible.