Skip to content Skip to footer

Privacy policy

Last Updated: 7/04/2026

1. Introduction

This Privacy Policy describes the rules for processing personal data and the use of cookies on the website www.atp-aviation.com, operated by AT-P Aviation Sp. z o.o.

We respect your privacy and ensure that personal data is processed in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (GDPR).

2. Data Controller

The controller of your personal data is:

AT-P Aviation Sp. z o.o.
ul. Poligonowa 1/2
04-051 Warsaw, Poland
Email (data protection matters): info@atp-aviation.com

The Controller has not appointed a Data Protection Officer (DPO/IOD) because there is no legal obligation to do so under Article 37 GDPR.

3. Scope of Data Collection
3.1 Data Provided Voluntarily by the User

Contact Form
When contacting us via the contact form, we process:

  • first and last name,
  • email address,
  • phone number (optional),
  • message content.

Providing data is voluntary but necessary to receive a response.

Newsletter Subscription (MailerLite)
When subscribing to the newsletter, we process:

  • email address,
  • information confirming consent,
  • technical data related to subscription confirmation.

Providing an email address is voluntary but necessary to receive the newsletter.

3.2 Automatically Collected Data (Technical Data)

When visiting the website, the following may be collected automatically:

  • IP address (shortened/anonymized),
  • browser type and version,
  • operating system,
  • website activity data,
  • pages visited and time spent on the website.
4. Purposes and Legal Basis for Processing

Personal data is processed based on Article 6 GDPR:

4.1 Contact Handling

Purpose: responding to inquiries.
Legal basis:

  • Art. 6(1)(f) GDPR — legitimate interest of the Controller (general contact),
  • Art. 6(1)(b) GDPR — taking steps prior to entering into a contract (business or offer inquiries).
4.2 Newsletter

Purpose: sending newsletters and marketing information.
Legal basis:

  • Art. 6(1)(a) GDPR — consent.

Consent may be withdrawn at any time.

4.3 Website Analytics

Purpose: analyzing traffic and improving website functionality using Google Analytics 4.
Legal basis:

  • Art. 6(1)(a) GDPR — user consent expressed via cookie banner.
4.4 Legal Obligations

Purpose: compliance with applicable laws.
Legal basis:

  • Art. 6(1)(c) GDPR.
5. Cookies and Analytics Technologies

Cookies are small text files stored on your device. The website uses the following types:

Necessary Cookies

Required for proper website functioning and security.
Example:

  • session cookies.

These cookies do not require consent.

Analytical Cookies (Google Analytics 4)

Used only after user consent. Google Analytics helps us understand how users interact with the website.

Features:

  • IP anonymization is applied automatically,
  • data retention occurs in accordance with Google Analytics settings,
  • data is processed in aggregated statistical form.

You can withdraw consent at any time via cookie settings.

6. Newsletter Provider — MailerLite

Newsletter services are provided by MailerLite, acting as a data processor. MailerLite processes data solely on our instructions and in accordance with GDPR requirements.

7. Data Recipients

Personal data may be shared with trusted service providers, including:

  • hosting providers,
  • IT support and website administrators,
  • MailerLite (newsletter delivery),
  • Google (analytics services).

Data is shared only to the extent necessary to provide services.

8. International Data Transfers

Some providers (e.g., Google, MailerLite) may process data outside the European Economic Area, including the United States.

Transfers are based on:

  • the EU-US Data Privacy Framework (DPF), or
  • other safeguards approved by the European Commission.
9. Data Retention Period

Personal data is stored only as long as necessary:

  • Contact inquiries — for the duration of correspondence and up to 12 months after completion,
  • Newsletter data — until consent is withdrawn,
  • Analytical data — in accordance with Google Analytics settings,
  • Data processed under legal obligations — for periods required by law.
10. Social Media Profiles

The Controller maintains profiles on:

  • LinkedIn,
  • Facebook,
  • Instagram.

The website contains only links redirecting users to these platforms. Clicking a link transfers the user to external services governed by their own privacy policies. The Controller does not transfer data to these platforms automatically.

11. Profiling and Automated Decision-Making

Data collected through analytics tools may be used for statistical analysis and improving website usability.

The Controller:

  • does not perform profiling producing legal effects,
  • does not make automated decisions within the meaning of Article 22 GDPR.
12. Obligation to Provide Data

Providing personal data is voluntary, but:

  • necessary to receive a response via the contact form,
  • necessary to subscribe to the newsletter.

Failure to provide data may prevent service delivery.

13. Data Subject Rights

You have the right to:

  • access your data,
  • rectify data,
  • erase data,
  • restrict processing,
  • object to processing,
  • withdraw consent at any time,
  • data portability (where applicable).

Requests may be sent to: info@atp-aviation.com

You also have the right to lodge a complaint with:
President of the Personal Data Protection Office (UODO)
ul. Stawki 2, 00-193 Warsaw, Poland.

14. Security Measures

We implement technical and organizational safeguards including:

  • SSL encryption,
  • restricted access to data,
  • secure hosting infrastructure.
15. Changes to This Privacy Policy

The Controller may update this Privacy Policy. The current version is always available on this website with an updated revision date.

Go to Top