1. General information

1.1. About us

The owner of the website: https://mamczur.com and https://innovation-advocate.com (hereinafter each referred to as: “Website”) is:

Adwokat Joanna Mamczur – Kancelaria Adwokacka (hereinafter: “Law Firm”)

Address: Rondo ONZ 1/ Poziom 10, 00-124 Warsaw, Poland

Contact by email: office @ mamczur.com

NIP number (tax ID) 727 259 46 55

“Mamczur Law Firm” is the commercial brand used by us in public communication.

Joanna Mamczur is an advocate entered on the list of the Okręgowa Rada Adwokacka (District Bar Council) in Warsaw.

The site is available in Polish and English.

1.2. GDPR

This Privacy Policy is an integral whole with the legal advice agreements concluded with the Law Firm.

This Privacy Policy aims to ensure compliance of the processing of personal data with REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation, also referred to as the “GDPR”)

In connection with the above, terms not defined separately in this Privacy Policy should be interpreted in accordance with the terminology specified in the GDPR.

In particular:

•           “personal data” means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;

•           “processing” means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;

The following rules apply to all personal data that we collect from you using our website (main address: www.mamczur.com) – in both language versions, as well as via e-mail correspondence, social media, traditional mail, telephone and other forms of communication. In cases where you provide us with personal data such as name, surname, e-mail address, data on legal question submitted by you or documents provided to us necessary to prepare documentation, proceedings and/or negotiations in connection with our main activity – i.e. legal advice, we act as the administrator of personal data within the meaning of the GDPR.

In some cases, such as conducting audits and other forms of control undertaken by us at the client’s request, the Law Firm acts as the data processor within the meaning of the GDPR.

2. Principles of processing operational data

2.1. User

The User is any natural or legal person who directly accesses the information available on the Website.


The information contained in system logs (e.g. IP address) resulting from the general rules of Internet connections is used by the Website for technical purposes related to the administration of our servers. In addition, IP addresses are used to collect general, statistical information about visits to the site, without detailed demographics. This type of information is automatically deleted 26 months after it has been registered in the statistical tool. In some cases, the identification and associated personalized (personalized) access to websites may be based on cookies (so-called “cookies”). Cookies, i.e. types of computer code, can also be used to collect general, statistical information about the use of our services by Users and in order to ensure the proper display of the Website. You will find additional information on cookies in the box displayed on our website upon your visit. Our website Mamczur.com is covered by a SSL certificate.

2.3. Contact Forms

The contact form on our website redirects email communication to the associated email address regularly checked on business days. The e-mail system is equipped with an anti-spam mechanism that can block some e-mails sent to us. In such cases, we do not process personal data, as they are automatically blocked before reaching us. If you experience such communication problems, you can contact us via traditional mail and telephone. Contact details are provided in the “Contact” tab of our website.

2.4. References to the content of other websites

Articles posted on this website may contain elements of other websites (such as movies, images, articles, etc.). These elements work in the same way as the website from which they originate.

These websites may collect personal data, cookies, external tracking programs, as well as monitor user interactions with externally placed elements, if the user has an account on this page and is logged in.


The website has the technical ability to create a comments section. As a rule, we do not publish comments, and any comments added by Users are usually deleted by us, along with related information after reading their content. When visitors leave comments, we collect the data presented in the comment, the IP address of the commenter and the User Agent String of the browser to eliminate spam. An anonymous email address string (so-called hash) can be made available to Gravatar to determine if this address is used. The Gravatar privacy policy is available at: https://automatic.com/privacy/. After accepting the comment, the author’s profile picture can be made public with the comment. However, as a general rule, we do not provide the option to post comments or other external information as part of our website. This type of information is promptly deleted after its review.

2.6. Media

When placing images on our website or sharing them with us by email, pay special attention not to send files bearing location data (EXIF GPS) because visitors to the site have the option of downloading such images and obtaining such location information from them.

2.7. Entities from third countries

We do not disclose personal data to entities from third countries, with the exception of an e-mail service provider based on servers located in the European Union or belonging to service providers registered under the Privacy Shield. By sending us an email you accept the processing of your personal data by such external servers. For additional information, you can contact us individually.

2.8. How long do we process personal data

Personal data processed as part of activities related to legal advice and representation are processed for the duration of the contract with the Law Firm or for the duration of the proceedings or longer if such a need results from the concluded contract or the provisions of generally applicable law.

In addition, after the termination of the contract, the User’s data will be stored due to the obligations arising from accounting and tax regulations, for the duration thereof, and for legal security reasons, until any claims expire.

You have the right to request information about what personal data about you are processed by us and to request their rectification. You can also request the deletion of your data. This does not apply to data whose further processing is necessary for administrative, legal or security purposes.

We reserve the right to permanently delete data provided to us using our website, comments, contact form, e-mail or telephone in the event of failure to conclude a contract with the person providing the data.

If you provide us with a comment, its content and related metadata are stored indefinitely, subject to the circumstances when such comments are deleted in accordance with the provisions of this Privacy Policy. This is necessary to recognize and approve subsequent related comments. In accordance with our policy, comments are removed from the website after becoming familiar with them.

Visitors’ comments may be subject to control by an automatic spam detection system.

2.9. Contact details

We do not automatically collect any contact information. This type of data will only be available to us in the event that you decide to contact us or instruct such contact to a third party. In order to contact us you can use the form available on our website or write to us at the address of the headquarters provided at the beginning of the Privacy Policy.

3. Personal data protection

Our policy is to minimize the scope of processed personal data of our clients / potential clients, whose data we process based on concluded contracts to provide legal advice or legal representation in individual cases or matters of organizations cooperating with them (Article 6 (1) b) GDPR).

We work mainly with entrepreneurs, including companies, international corporations and as a rule we limit the scope of legal advice to the area of ​​commercial law. The personal data processed by us usually includes persons authorized to represent such entities. In principle, we do not process detailed employee personal data or client’s accounting data. We do not handle family law cases, cases related to the care of minors, health injury cases, insurance cases and criminal cases – so we do not process this type of personal data.

In the case of requirements related to accounting or generally applicable law, we may be required to process personal data provided to us for the period required by such regulations or resulting from decisions of administrative or judicial bodies (Article 6 (1) b) GDPR).

Due to the nature of our public trust profession, we may be required to process certain personal data to fulfill our legal interest as a data controller, the legal interest of a third party, or to protect individuals.

4. User rights

In connection with the processing of personal data by the Law Firm, Users have a number of rights:

• The User may obtain information on how and to what extent the Law Firm processes data and additionally receive a copy of his personal data processed by the Law Firm. The Law Firm may charge a fee for the second and subsequent copies, of which the User will be notified. The amount of the fee will correspond to the costs of preparing a copy of personal data;

• The User may request the rectification of their data (if they have been incorrectly saved or changed), their removal (if there is no reason for it to be processed by the Law Firm) or processing restrictions (if the User wants the Law Firm to process his data only to a limited extent , pending consideration of his objection or request for rectification of the data, and also if he wants the data to be stored in connection with his claims);

• The User may request the transfer of their data provided to the Law Firm, in a structured, commonly used, machine-readable format. The User can pass the received data on to another administrator of their choice. In addition, if it is technically possible, while maintaining appropriate security standards, we may do so for you at your request;

• If the processing of User’s data by the Law Firm is based on the legitimate interest of the data controller – the User may object to such processing.

If the User considers that the processing of their data by the Law Firm violates his rights – they can contact us. We try to respond to the comments and suggestions of our Users.

5. Processing of personal data

The Law Firm processes personal data in a manner consistent with applicable law on the principles set out in the Privacy Policy, in particular regarding adequate data protection.

The Law Firm processes the User’s personal data to the extent necessary to establish, shape the content, change, terminate and correctly perform the services provided electronically and in direct relationship with the client, using paper documentation.

In particular, we process Users’ personal data:

1. in order to perform the contract concluded by the User with the Law Firm (including, inter alia, the implementation of the offer, communication related to the provision of services, communication via the form and for the statistical purposes of the Website). The basis for processing is the necessity to perform the contract (art.6 par.1 lit.b RODO).

2. to handle complaints and any other claims. The basis for processing is the Law Firm’s legitimate interest (art.6 par.1 lit.f RODO), consisting in securing information about cooperation (including, among others, about the history of orders and communication with us) in order to handle any claims;

3. in order to provide direct marketing content to the User by the Law Firm consisting in the possibility of cooperation with our partners. The legal basis for processing is the User’s consent (art.6 par.1 lit.a RODO); communication in this regard will consist of delivering ordered marketing communications, including in the form of e-mail messages, telephone or sms containing information about current offers. The processing of your data for this purpose takes place only if you have agreed to receive marketing information by electronic means.

The User’s personal data will be processed in an IT environment, which means that it may also be temporarily stored and processed in order to ensure the security and proper functioning of IT systems, e.g. in connection with making backup copies, testing changes in IT systems, detecting irregularities or protecting against abuses and attacks.

6. Storage and protection of information

Users’ personal data is stored in a database that uses technical and organizational measures to ensure the protection of processed data in accordance with the requirements set out in the provisions on the protection of personal data, in particular in the GDPR.

Access to the database containing personal data is only available to IT system administrators who have special authorizations granted by the Law Firm (as the data controller).

In connection with the services that external entities provide to the Law Firm, these entities may gain access to the User’s personal data to the extent necessary for the implementation of these services. These entities are providers of IT services and systems, postal operators, courier companies, payment operators, providers of consulting, legal or auditing services, and other external subcontractors.

To the extent that the basis for the processing of your data is consent, your data will be processed until its withdrawal. You can withdraw your consent at any time. Withdrawal of consent does not affect the lawfulness of the processing carried out before its withdrawal. If you want to withdraw your consent to the processing of personal data, please send an e-mail or letter to the address provided in point 1 of this Privacy Policy.

7. Right to verify, modify and delete personal data. Restrictions.

The User has the right to view his data at any time and has the option of updating, changing and deleting it. To prevent re-registration of persons whose access to services has been terminated due to illegal activities, we may refuse to delete the data necessary to block the possibility of re-registration. The refusal to delete data also takes place in the cases provided for by law, including the provision of art. 17 clause 3 GDPR.

8. Links to other websites

The Law Firm has no impact on the privacy policies applied by the owners or administrators of other websites (including social media such as www.facebook.com, www.linkedin.com, www.twitter.com, www.youtube.com, www.prezi.com) and therefore is not responsible for their scope or implementation by these websites. We encourage you to read the statements, regulations and policies on the protection of privacy placed on websites collecting personal data, the principles of data processing and related liability are defined by the data controllers of individual external services.

In particular, please note that by contacting us via social media platforms such as LinkedIn, Twitter, Facebook, YouTube, Prezi instant messaging and other internet platforms, you voluntarily provide your personal data to corporations owned by the said platforms (including software licensors and infrastructure owners hardware). As part of these platforms, we operate on the same principles as other users – therefore, the owners of these platforms act as data controllers and their privacy policies apply to the processing of this data. To protect your privacy, we recommend minimizing the scope of communication with us using these platforms. We recommend using email or telephone to contact you for advice or legal representation.

9. Information sent to the User

The Law Firm’s communication with the User concerns business operations in the field of legal advice.

At the moment we do not send newsletter or other forms of cyclical electronic or letter communication. We do not conduct direct marketing activities. We do not use an automated decision making process regarding personal data.

Personal data provided to us are not collected or sorted into a single CRM file to reduce system risk. Personal data processed on electronic devices are protected by a firewall and anti-malaware and anti-virus software. Email systems are covered by the Data Security & ISO 27001 certificate. Physical access to personal data is limited to authorized lawyers and supporting administrative staff.

In cases not related to business activity (in particular in the field of legal advice and legal representation), communication addressed to us will be treated as private contact and in accordance with the content of Article 2 point 2 letter c GDPR not covered by the scope of the GDPR.

10. Supervisory authority

The User also has the right to file a complaint with the supervisory authority in Poland – President of the Office for Personal Data Protection – ul. Stawki 2, 00-193 Warsaw, kancelaria@uodo.gov.pl, www.uodo.gov.pl.