Privacy Policy

Version 2.0

Effective Date: 01.12.2025

Introduction

ALLSTARSIT (“we,” “us,” or “our”) operates the website www.allstarsit.com (the “Site”). We respect your privacy and are committed to protecting your personal data in accordance with applicable privacy laws, including the EU General Data Protection Regulation (“GDPR”), the California Consumer Privacy Act (“CCPA”) other privacy laws where applicable.

This Privacy Policy explains how we collect, use, share, and protect your personal data when you visit our Site or submit information through our contact forms.

Who We Are

Data Controller:

ALLSTARS POLAND SP. Z O.O.

ul. Złota 75A/7

00-819 Warsaw, Poland

Email: star.team@allstarsit.com  

Data Protection Officer:

Email: dpo@allstarsit.com

Key Points

• We collect limited personal data: name, email, and optionally phone number and company name through our contact form;

• We use cookies to improve your experience and analyze Site performance;

• You have rights over your data, including access, deletion, and objection to processing;

• We do not sell your personal data;

• We implement appropriate security measures to protect your information.

1. Personal Data We Collect

Personal data means information that identifies or can be used to identify you as an individual.

1.1 Information You Provide to Us

When you submit our contact form, we collect:

• Name (required) – to address you appropriately;

• Email address (required) – to respond to your inquiry;

• Phone number (optional) – if you prefer phone contact;

• Company name (optional) – to understand your business context.

We do not collect sensitive personal data (such as health information, political opinions, or biometric data).

1.2 Information Collected Automatically

When you visit our Site, we automatically collect:

• Technical data: IP address, browser type and version, operating system, device type;

• Usage data: pages viewed, time spent on pages, links clicked, referral source;

• Cookie data: as described in Section 4 below.

This information is collected through cookies and similar technologies.

2. How We Use Your Data

We use your personal data for the following purposes:

2.1 To Respond to Your Inquiries

• Answer questions submitted through the contact form;

• Provide information about our services;

• Follow up on business opportunities.

2.2 To Improve Our Site

• Analyze how visitors use the Site;

• Identify technical issues and improve performance;

• Optimize user experience and content.

2.3 To Comply with Legal Obligations

• Respond to legal requests and court orders;

• Comply with tax, accounting, and regulatory requirements;

• Prevent fraud and maintain security.

2.4 For Legitimate Business Interests

• Maintain and improve our business operations;

• Develop new services and features;

• Conduct analytics and research.

3. Legal Bases for Processing (GDPR)

If you are located in the European Economic Area (EEA), UK, or Switzerland, we process your personal data based on the following legal grounds:

Consent: When you submit the contact form, you consent to our processing of your data to respond to your inquiry. You may withdraw consent at any time.

Legitimate Interests: We have legitimate interests in:

• Analyzing Site usage to improve functionality and content;

• Maintaining security and preventing fraud;

• Operating and improving our business.

We balance these interests against your rights and only process data when our interests do not override your fundamental rights.

Legal Obligation: We process data when required by law, such as responding to valid legal requests or maintaining records for tax purposes (if any).

4. Cookies and Tracking Technologies

4.1 What Are Cookies

Cookies are small text files stored on your device when you visit a website. They help us recognize your browser and remember your preferences.

4.2 Types of Cookies We Use

Strictly Necessary Cookies: Essential for the Site to function properly. These cannot be disabled without affecting core functionality.

Analytics Cookies: Help us understand how visitors interact with the Site by collecting anonymous information about page views, navigation patterns, and user behavior. We use:

• Google Analytics: Tracks and reports website traffic. View Google's privacy policy at https://policies.google.com/privacy

Preference Cookies: Remember your choices and settings to provide a more personalized experience.

Cookie Consent Cookies: Record your cookie preferences so we don't ask repeatedly.

4.3 Cookie Consent Management

We use EasyCookie by SIMPLO s.r.o. to manage your cookie preferences. You can adjust your settings at any time through the cookie banner or settings panel.

For more information about EasyCookie's data processing, visit: https://app.easycookie.io/privacy-policy

4.4 Managing Cookies

You can control cookies through your browser settings:

• Chrome: Settings > Privacy and security > Cookies;

• Firefox: Options > Privacy & Security > Cookies and Site Data;

• Safari: Preferences > Privacy > Cookies and website data;

• Edge: Settings > Privacy, search, and services > Cookies.

Blocking all cookies may affect your ability to use certain Site features.

You can also opt out of Google Analytics by installing the Google Analytics Opt-out Browser Add-on: https://tools.google.com/dlpage/gaoptout

4.5 Do Not Track Signals

We honor Do Not Track (”DNT”) signals. When DNT is enabled in your browser, we do not track your activity or use advertising cookies.

5. How We Share Your Data

We do not sell your personal data to third parties.

We may share your data in the following limited circumstances:

Service Providers – We work with third-party vendors who process data on our behalf:

• Web hosting providers;

• Analytics services (e.g., Google Analytics);

• Email service providers (e.g., MailChimp);

• CRM (e.g., HubSpot);

• Cookie consent management tools (e.g., EasyCookie).

These providers are contractually obligated to protect your data and use it only for specified purposes.

Legal Requirements – We may disclose data when required by law or to:

• Comply with legal obligations, court orders, or government requests;

• Enforce our terms and conditions;

• Protect our rights, property, or safety, or that of others;

• Investigate fraud or security issues.

Business Transfers – If we are involved in a merger, acquisition, or sale of assets, your data may be transferred to the acquiring entity. You will be notified of any such change.

6. International Data Transfers

Our primary operations are in EEA and Ukraine. If you are located in the EEA, UK, Switzerland, or other jurisdictions with data protection laws, your data may be transferred to and processed in countries that do not provide the same level of data protection.

Group Company Transfers. Your data may be transferred to and processed by other entities within the ALLSTARSIT corporate group, including our affiliates and subsidiaries located in:

• Israel;

• United States of America (USA);

• United Arab Emirates (UAE);

• Sakartvelo (Georgia);

• Colombia;

• Costa Rica;

• Other countries where we operate.

These transfers are necessary for our business operations, including providing services, technical support, and managing client relationships. All group entities are required to comply with our internal data protection policies and applicable data protection laws.

When we transfer data internationally, we use appropriate safeguards, including:

• Standard Contractual Clauses (SCCs) approved by the European Commission;

• Adequacy decisions issued by the European Commission;

• Other legally recognized transfer mechanisms under GDPR.

You may request a copy of the safeguards we use by contacting us at dpo@allstarsit.com.

7. Data Retention

We retain your personal data only as long as necessary for the purposes described in this Policy or as required by law.

Contact Form Data. We retain inquiries submitted through the contact form for 3 years from the date of submission, or until you request deletion.

Analytics Data. Cookie and analytics data is retained according to our analytics provider's retention settings, typically 26 months for Google Analytics.

Legal Obligations. Some data may be retained longer to comply with legal, accounting, or regulatory requirements.

When data is no longer needed, we securely delete or anonymize it.

8. Your Privacy Rights

8.1 Rights Under GDPR (EEA, UK, Switzerland)

If you are located in the EEA, UK, or Switzerland, you have the following rights:

Right of Access. Request a copy of the personal data we hold about you.

Right to Rectification. Request correction of inaccurate or incomplete data.

Right to Erasure (”Right to Be Forgotten”). Request deletion of your data in certain circumstances, such as when it is no longer necessary for the purposes collected or if you withdraw consent.

Right to Restriction of Processing. Request that we limit how we use your data in certain situations.

Right to Data Portability. Receive your data in a structured, commonly used format and transmit it to another controller.

Right to Object. Object to processing based on legitimate interests or for direct marketing purposes.

Right to Withdraw Consent. Withdraw consent at any time where processing is based on consent, without affecting the lawfulness of processing before withdrawal.

Right to Lodge a Complaint. File a complaint with your local data protection authority if you believe we have violated your privacy rights.

8.2 Rights Under CCPA (California Residents)

If you are a California resident, you have the following rights under the CCPA:

Right to Know. Request disclosure of:

• Categories and specific pieces of personal information we have collected;

• Categories of sources from which we collected your data;

• Business or commercial purposes for collecting your data;

• Categories of third parties with whom we share your data.

Right to Delete. Request deletion of personal information we have collected from you, subject to certain exceptions.

Right to Opt-Out of Sale. We do not sell personal information, so there is no need to opt out.

Right to Non-Discrimination. We will not discriminate against you for exercising your CCPA rights by:

• Denying goods or services;

• Charging different prices or rates;

• Providing a different level or quality of services.

Shine the Light Law. California residents may request information about the disclosure of personal information to third parties for direct marketing purposes. As we do not share data for such purposes, no disclosure is required.

8.3 How to Exercise Your Rights

To exercise any of these rights, contact us at:

• Email: dpo@allstarsit.com

• Mail: ALLSTARSIT POLAND SP. Z O.O., ul. Złota 75A/7, 00-819 Warsaw, Poland

We will respond to your request within:

• 30 days for GDPR requests (may be extended by 2 months if the request is complex);

• 45 days for CCPA requests (may be extended by an additional 45 days).

We may need to verify your identity before processing your request by asking for identifying information such as your email address.

9. Security Measures

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, loss, destruction, alteration, or disclosure.

Our security measures include:

• Encryption: Data transmitted between your browser and our Site is encrypted using SSL/TLS technology;

• Access controls: Limited access to personal data based on role and necessity;

• Security monitoring: Regular monitoring for security threats and vulnerabilities;

• Vendor management: Contractual obligations requiring service providers to maintain adequate security;

• Incident response: Procedures to detect, respond to, and notify affected parties of data breaches.

However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

If we become aware of a data breach that affects your personal data, we will notify you and relevant authorities as required by applicable law.

10. Children’s Privacy

Our Site is not directed to children under the age of 16 (or under 18 for California residents). We do not knowingly collect personal data from children.

If you are a parent or guardian and believe your child has provided personal data to us, please contact us at dpo@allstarsit.com. We will promptly delete such information from our systems.

11. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors.

When we make material changes, we will:

• Update the “Effective Date” at the top of this Policy;

• Notify you through a prominent notice on the Site;

• Where required by law, obtain your consent to the changes.

We encourage you to review this Policy periodically to stay informed about how we protect your data.

12. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

ALLSTARS POLAND SP. Z O.O.

ul. Złota 75A/7

00-819 Warsaw, Poland

Data Protection Officer:

Email: dpo@allstarsit.com

For GDPR-related inquiries: If you are in the EEA, UK, or Switzerland and have concerns about our data processing, you may also contact your local data protection authority or our Data Protection Officer at dpo@allstarsit.com.

For CCPA-related inquiries: California residents may contact us using the information above to exercise CCPA rights.