Privacy notice

This information about privacy principles (Privacy Notice) contains methods adopted by CRIF Spółka z ograniczoną odpowiedzialnością with its registered office in Kraków at 34 Lublańska Str., 31-476 Kraków, incorporated in the Trade Register of the National Court Registry maintained by the District Court for Kraków-Śródmieście in Kraków, 11th Economic Department of the National Court Registry under number KRS 0000185908, VAT Reg. Number: 5251556766, share capital: 3.163.500,00 PLN, hereinafter called CRIF, for the purpose of managing its website: and processing personal data of its users. It refers to information collected by CRIF on persons visiting its website, users registered on the website as well as users of services provided by CRIF. CRIF is the administrator of personal data collected by CRIF in connection with the use of the website;, which hosting and administration is handled by CRIF. It has got a significant meaning especially in connection with entry into force of Regulation (EU) 2016/679 of The European Parliament and of The Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), hereinafter referred to as GDPR.

General information
CRIF is a member of CRIF Group and deals with, inter alia, the supply of risk management solutions based on CSP. CRIF has a team of several experienced engineers and data analysts. Owing to the above, CRIF offers a full assortment of advanced products and solutions related to optimization of the process of making the lending decisions.
This policy specifies the purpose for which the personal data are used as well as the details regarding the use of cookies files and similar technologies (such as beacons) in order to enable the user to effectively search our website. Moreover, this document sets forth details such as the information protection methods used by us. Those protection practices and methods shall cover everyone having any contact with our website, including customers, guests visiting the website or recipients of e-mail messages sent automatically by our website.

Rules of data processing
1. Via our website the user can contact CRIF by fulfilling contact form placed on this website.
2. In addition, in limited scope, CRIF can collect personal data automatically using cookies files inclued on our website.
3. The controller of the user`s personal data provided in a contact form is CRIF Sp. z o.o. with its registered seat in Krakow, ul. Lublańska 34, 31–476 Krakow, mail:, tel. no. +48 12 291 55 85.
4. Contact details of the data protection officer are:
5. Personal data provided in a contact form are processed, according to consents granted by the user, to:
a) process questions addressed by the user to CRIF;
b) provide the user by electronic mail with commercial information within the meaning of the Act of 18 July 2002 on providing electronic services, uniformed text Journal of Laws 2017.1219 as amended, and conducting direct marketing using telecommunication end devices and automatically calling up systems within the meaning of the act of 16 July 2004 Telecommunication Law, uniformed text Journal of Laws 2017.1907 as amended.
6. The legal basis for processing of personal data is the user`s consent.
7. Granting consent and providing data is voluntary with the reservation that providing personal data indicated as obligatory and providing at least e-mail address or telephone number and granting consent on processing personal data for purposes of processing questions addressed by the user to CRIF is obligatory to addresses questions to CRIF.
8. The user has got the right to withdraw consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal.
9. The user`s personal data provided in the contact form are stored:
a) for the time of process of questions addressed by the user to CRIF – in case of granting consent for process data to process questions addressed by the user to CRIF;
b) till the moment of the consent withdrawal – in case of granting consent for providing the user by electronic mail with commercial information and conducting direct marketing.
10. In addition CRIF process data collected by CRIF for the following purposes resulting from legitimate interests pursued by CRIF, for the time of existence of CRIF`s legitimate interests or till the moment of the user`s object to processing:
a) hosting and infrastructure facilities;
b) analysis and statistics of activity regarding the users of our website.
11. The user has got the right to request access to and rectification or erasure of personal data or restriction of processing as well as the right to object and the right to data portability.
12. The user has got the right to lodge a complaint with a supervisory authority.

The use of cookies files by CRIF
In order to obtain detailed information on what “cookies” are (small text files which are stored on a user’s computer by the server of the website), what they do and which cookies files are actually used by us, please read our Cookies Files Policy.

Methods of data processing
Data shall be processed appropriately and according to the law in order to ensure data security and confidentiality. Personal data shall be processed using electronic devices or other systems of the highest possible computerized type.
CRIF states that they ensure sufficient guarantees to implement appropriate technical and organizational measures in such a manner that processing will meet the requirements of GDPR and ensure the protection of the rights of the data subjects. Especially CRIF`s IT system ensures, by proper technical and organizational measures, personal data processing in a manner ensuring proper security of personal data, including protection against illicit or illegal processing and accidental lost, destruction or damage.

Types of data processing
IT systems as well as software procedures used to manage this website acquire personal data in the course of its normal operation. Transfer of such data is included in the use of Internet Protocols. The aforementioned information is not collected to correlate them with identified persons but due to their nature may facilitate user identification in the course of processing and associating with data stored by third parties. The type of collected data includes IP addresses, names of users’ computer domains used to connect with this website, addresses of resources in URI (Uniform Resource Identifier) standard, the time of filing an inquiry about resources, the method used to send inquiry to the server and other parameters connected with the user’s operating system and the computing environment.

Links to other/external websites
Our website may contain links which allow an easy access to other websites that may interest you. Using any such links for the purpose of leaving our website, one has to pay attention to the fact that CRIF exercises no control over other websites. For this reason we assume no liability for protection and confidentiality of information provided by you during visiting such websites that are not covered by our privacy policy. CRIF shall not be liable for any such websites. You are advised to exercise caution while providing personal information on Internet and to read the privacy principles regarding the specific website.
In view of ensuring the maximum of security, we check on a day-to-day basis and implement new technologies. CRIF assumes no liability for the content or privacy practices applied by other websites to which links have been placed on CRIF website.

Changes to our Privacy Notice
This Privacy Notice may be amended or modified from time to time by posting the updated version of the Privacy Notice on the CRIF website prior to introducing any material changes.

In case of any queries regarding the present Privacy Notice please contact us at