Privacy Policy and Cookie Policy
Bista Standard Sp. z o. o. in Bydgoszcz
Document version and date: 12.2025

Website privacy policy and information about cookies

This Policy is addressed to users of the website https://bista.pl/ [hereinafter referred to as the "Website"]. When you use the services (functionalities) of the Website and when using cookies, you may provide personal data related to this use. The entity indicated below then becomes the controller of your personal data.

GDPR, or rather Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), is an EU legal act concerning the protection of personal data. Anyone processing personal data is generally obligated to comply with it.

The Policy describes the principles of personal data processing, as well as the principles of collecting and using website users' data, which is collected directly from them or via cookies and similar technologies.

  1. Data administrator and contact

The controller of your personal data is: Bista Standard Sp. z o. o. with its registered office in Bydgoszcz, address: ul. Smoleńska 29, 85-871 Bydgoszcz, registration data – KRS: 0000197822, REGON: 0931574620,
NIP: 5542559901 (hereinafter referred to as the “Administrator”), e-mail: biuro@bista.pl, +48 501 740 012.

In matters related to the processing of your data by the Administrator, you can contact us using the above address details, in particular at the e-mail address: biuro@bista.pl.

  1. Scope and source of collected data
  1. Through the use of cookies and similar technologies, the Administrator collects data related to your activity in order to temporarily record user sessions on the website (e.g. time spent on the website, number of subpages viewed, date and source of the visit).
  2. If you used the services (functionalities) of the Website or contacted the Controller via the Website (e.g. via the contact form), the data was made available to the Controller directly from you.
  3. Decisions regarding Users of the Service will not be made in a solely automated manner, including data will not be subject to profiling.
  1. Purpose and legal basis for the processing of personal data
  1. Your data may be processed for the purpose of:
  1. maintaining Website statistics (for network traffic analysis),
  2. temporarily saving user sessions on the website,
  3. ensuring security within the Website,
  4. using the contact form, which you can read more about in point IX of the privacy policy.
  5. Your data is processed on the basis of:
  1. the legitimate interest of the Controller (Article 6, paragraph 1, letter f of the GDPR), which is to adapt the content of the Website to your needs, ensure the security of services and improve them;
  2. in the scope of voluntary cookies and similar technologies – based on your consent (Article 6, paragraph 1, letter a of the GDPR);
  3. in order to respond to a request for quotation or a product inquiry before establishing cooperation, i.e. to conclude and perform a contract to which the data subject is a party, and to take steps before concluding a contract (pursuant to Article 6(1)(b) of the GDPR).
  1. Requirement and voluntary nature of data provision
  1. You may prohibit the receipt of voluntary cookies, but disabling or limiting the use of cookies may cause quite serious difficulties in using the Website, e.g. longer page loading times or limitations in the use of functionalities.
  2. To the extent your data is processed based on consent, you may withdraw your consent at any time by contacting the Controller. Withdrawing consent may make it difficult or impossible to contact you.
  1. Rights resulting from the GDPR in the field of data processed

You have the right to request from the Administrator:

  1. access to your data;
  2. receiving a copy of the data;
  3. rectification or correction of data – for example, if you notice that the data is incorrect or incomplete;
  4. deletion of data;
  5. processing restrictions.

In matters related to the processing of your personal data by the Administrator, you have the right to lodge a complaint with the President of the Personal Data Protection Office.

  1. Recipients of your personal data

The recipients of your personal data may be, in particular: entities providing IT services, including e-mail and hosting, legal and archiving services, as well as authorized public authorities and external websites, including Google in the scope of the tools used by the Website.

  1. Duration of data storage

Your personal data will be stored:

  1. in the scope of fulfilling the legal obligations incumbent on the Controller, the data will be processed for the period of fulfilling these legal obligations, and after that period for the period resulting from the provisions of generally applicable law; 
  2. within the scope of the legitimate interests of the Controller, the data will be processed for a period no longer than until the objection to the processing of personal data is positively considered;
  3. to the extent that data is processed on the basis of your consent – ​​until it is withdrawn;
  4. Data related to web traffic analysis collected via cookies and similar technologies may be stored until the cookie expires.
  1. Data transfer to a third country or an international organization

Your data may be transferred to third countries outside the European Economic Area only when necessary and with an adequate level of protection. Please be advised that, in connection with maintaining social media profiles, the administrators of these services (Facebook, LinkedIn, Google) may transfer some of their users' personal data outside the European Economic Area. We also point out that these social media administrators apply appropriate safeguards for data transfer to countries outside the EEA in the form of standard contractual clauses. Detailed information on data transfer outside the EEA is contained in their privacy policies, available on their websites.

  1. Regulations regarding the contact form available on the Website
  1. In the scope of the contact form, the Website enables you to contact the Administrator and provide him with your identification, contact details, as well as data related to the content of the message.
  2. If you contacted the Controller via a form, your data was provided to the Controller directly by you. If your data was provided in connection with a matter being handled by the person who referred the matter to the Controller, the source of the data is that person (for example, an employee providing personal data to their employer).
  3. Personal data will be processed for the purpose of responding to a request for quotation or product inquiry prior to establishing cooperation, pursuant to Article 6(1)(b) of the GDPR, i.e. to conclude and perform a contract to which the data subject is a party, and to take pre-contractual steps.
  4. Providing data in the form is voluntary, but necessary to consider the application and possibly conclude a contract.
  5. The recipients of personal data may be: entities providing IT, legal and archiving services, and authorized public authorities.
  6. The data will be processed for the period necessary to provide a response, submit an offer, conduct negotiations, conclude a contract and other activities aimed at or likely to result in establishing cooperation/selling goods in connection with the use of the form, and after that time the data will be processed for the period required by law or for the period necessary to defend or pursue claims.
  7. If the contact form is used for a purpose other than sending a request for quotation (inquiry about a product or service), the data will be processed for the purpose of answering the questions asked, conducting correspondence in order to settle the matter, on the basis of the legitimate interest of the controller, which is to fulfil user requests (Article 6 paragraph 1 letter f of the GDPR).
  1. Functions of cookies and similar technologies
  1. The website enables the collection of short text information about the user via cookies and similar technologies. Using cookies involves installing them on the user's device (computer, smartphone, tablet, etc.).
  2. Cookies on the Website store information that is necessary to perform the following functions:
  1. ensuring security – they are used to protect your data against unauthorized access by third parties;
  2. impact on the processes and efficiency of using the website - in order to ensure the smooth operation of the Website, enabling you to use the functions available on the Website, which is possible, among other things, by remembering settings;
  3. saving the session state – in order to improve the Website, increase the comfort of browsing the Website; they save information about how you use the Website;
  4. maintaining session state - they allow you to keep your session active;
  5. Creating statistics – used to analyze how you use the website (e.g., time spent on the website, number of subpages viewed, date and source of the visit). The goal is to improve the Website and adapt it to user activity. For statistical purposes, the Website uses Google tools, such as Google Analytics, which, along with some of the cookies described above, can help display more relevant content to users across Google services (e.g., in the Google search engine).
  1. Anonymization of cookies and web browser settings
  1. When visiting the Website, you can consent to the use of cookies. By default, most browsers allow all cookies. However, you can configure your web browser to block certain types of cookies and other technologies, for example, by specifying that you only accept those necessary (e.g., for proper page display). You can change your settings at any time by finding the appropriate option in your browser settings.
  2. This website uses cookies to provide you with the best possible user experience. Cookie information is stored in your browser and performs functions such as recognizing you when you return to our website and helping our team understand which sections of the website you find most interesting and useful.
  3. The User has the option of using the Website in so-called incognito mode, which blocks the collection of data about his or her visit.
  4. Using the website without changing your browser settings, i.e. with the default acceptance of cookies and similar technologies, and accepting such settings when using the website (in the pop-up window), means consent to the use of cookies for the purposes specified above.
  5. Cookie settings can be changed by clicking the gear icon in the lower left corner of the website along with the note "Change cookie settings".
  6. Strictly Necessary Cookies should always be enabled so that we can save your preferences for cookie settings.
  7. This website uses Google Analytics to collect anonymous information, such as the number of visitors and the most popular pages. Enabling this cookie helps us improve our website but is optional.
  1. Miscellaneous

This Privacy Policy may change if an update is required due to, in particular, changes in legal regulations, technological advancements, or changes in the operation of the Website. Information about changes to the Privacy Policy will be posted on the Website.