Legal document

Privacy Policy

Last updated: February 17, 2026

1. Data Controller

The controller of personal data is KPXTG GROUP sp. z o.o. (hereinafter: "Controller"), registered in the National Court Register under KRS: 0001190339, NIP: 6793339480, REGON: 542528112, with its registered office in Krakow at: Kalwaryjska 69/9, 30-504 Krakow, Poland.

Contact regarding data protection matters: contact@defenstra.pl

2. Scope of Collected Data

When using the defenstra.pl website, we may collect the following data:

2.1. Contact Form

  • Full name
  • Email address
  • Phone number (optional)
  • Message content

2.2. Automatically Collected Data

  • IP address
  • Browser type and operating system
  • Website activity data (via Google Analytics)
  • Technical data required for CAPTCHA verification (Cloudflare Turnstile)

3. Purposes and Legal Basis for Processing

Purpose Legal Basis
Responding to contact form inquiries Art. 6(1)(a) GDPR (consent)
Analytics and website improvement Art. 6(1)(f) GDPR (legitimate interest)
Protecting the website against spam and bots Art. 6(1)(f) GDPR (legitimate interest)
Managing cookie consents Art. 6(1)(a) GDPR (consent)

4. Cookies

The defenstra.pl website uses cookies for the following purposes:

4.1. Cookiebot (Consent Management)

We use the Cookiebot platform to manage cookie consents. Cookiebot allows you to give, change, or withdraw consent for individual cookie categories. Data regarding consents is stored in accordance with legal requirements.

4.2. Google Analytics

We use Google Analytics (identifier: G-FQYVBMG6EN) to analyze website traffic. Google Analytics collects anonymous statistical data about visits, such as: pages visited, time spent on the site, and traffic source. This data is processed by Google LLC. More information: Google Privacy Policy.

4.3. Cloudflare Turnstile

To protect the contact form against spam and bots, we use Cloudflare Turnstile. This service processes technical data (including IP address, browser data) to verify whether the user is human. More information: Cloudflare Privacy Policy.

4.4. Managing Cookies

You can change your cookie settings at any time via the Cookiebot banner displayed on the website or through your browser settings. Blocking certain cookies may affect the functionality of the website.

5. Data Recipients

Personal data may be shared with the following categories of recipients:

  • Cloudflare, Inc. — hosting and content delivery (CDN), attack protection
  • Google LLC — web analytics (Google Analytics)
  • Cybot A/S (Cookiebot) — cookie consent management

The above recipients may process data outside the European Economic Area (EEA). In such cases, data transfer is based on Standard Contractual Clauses approved by the European Commission or adequacy decisions.

6. Data Retention Period

  • Contact form data — until the end of correspondence and fulfillment of the inquiry, no longer than 12 months from the last contact
  • Analytics cookie data — in accordance with Google Analytics retention policy (up to 14 months)
  • Consent data (Cookiebot) — for 12 months from the date of consent

7. Your Rights

Under the GDPR, you have the following rights:

  • Right of access — you can obtain information about your processed data
  • Right to rectification — you can request correction of inaccurate data
  • Right to erasure — you can request deletion of your data ("right to be forgotten")
  • Right to restriction of processing — you can request limitation of data processing
  • Right to data portability — you can request your data in a machine-readable format
  • Right to object — you can object to processing based on legitimate interest
  • Right to withdraw consent — you can withdraw your consent at any time, without affecting the lawfulness of processing carried out before withdrawal

To exercise any of the above rights, please contact us at: contact@defenstra.pl

You also have the right to lodge a complaint with the supervisory authority — the President of the Personal Data Protection Office (UODO) (ul. Stawki 2, 00-193 Warsaw, Poland, uodo.gov.pl).

8. Data Security

We implement appropriate technical and organizational measures to protect personal data, including:

  • Data transmission encryption (SSL/TLS)
  • Hosting on Cloudflare infrastructure with DDoS protection
  • Form protection using Cloudflare Turnstile

9. Changes to This Privacy Policy

The Controller reserves the right to make changes to this Privacy Policy. Users will be informed of any significant changes through the update of the date on this page. We recommend regularly reviewing this document.

Back to homepage