Skip to content
Westom

Westom

  • ServicesExpand
    • Enter PolandExpand
      • Market validation
      • Sell on Allegro
      • Marketplace management
      • Localisation & SEO
      • Fulfilment partners
    • IT from PolandExpand
      • Web development
      • WooCommerce
      • AI automation
  • Evidence
  • Pricing
  • Insights
  • About
  • Contact
  • LanguageExpand
    • EN
    • FR
    • NL
Westom
Westom
  1. Home
  2. Privacy
Legal and privacy information

Privacy Policy

This notice explains how Westom processes personal data when you visit westom.eu, contact us or discuss a potential business engagement.

Last updated: 15 July 2026Version 1.0
On this page
  1. 1. Controller and contact
  2. 2. Scope and data we process
  3. 3. Purposes and legal bases
  4. 4. Sources and whether data is required
  5. 5. Recipients and international transfers
  6. 6. Retention
  7. 7. Your rights
  8. 8. Cookies, analytics and automated decisions
  9. 9. Security and changes

1. Controller and contact

The controller is Westom Tomasz Węsierski, ul. Stefana Żeromskiego 5/1, 81-346 Gdynia, Poland, NIP 5861433097, REGON 220141440 (“Westom”, “we”). Contact: biuro@westom.pl or +48 530 825 825.

Westom has not appointed a data protection officer. Privacy requests may be sent directly to the email address above with the subject “Data protection”.

2. Scope and data we process

This policy covers westom.eu and its English, French and Dutch versions. Depending on your interaction, we may process:

  • identity and business contact data, such as name, work email, telephone, company and role;
  • the information you choose to include in an enquiry, including project context, current markets, website address and timing;
  • correspondence, meeting notes, proposals and contract-related records;
  • technical security data, such as IP address, request time, URL, browser information and server logs;
  • website usage data from Google Analytics only after you grant analytics consent.

Please do not submit special-category data, confidential credentials or production secrets through the public contact form.

3. Purposes and legal bases

PurposeLegal basis
Answering an enquiry and taking requested steps before a contractArticle 6(1)(b) GDPR; where you contact us for your organisation, our legitimate interest in B2B communication under Article 6(1)(f).
Preparing, performing and documenting an engagementArticle 6(1)(b), Article 6(1)(c) for legal and accounting duties, and Article 6(1)(f) for business administration.
Website security, fraud prevention, troubleshooting and evidence of incidentsOur legitimate interest in protecting the service and users, Article 6(1)(f).
Audience measurement through Google AnalyticsYour consent, Article 6(1)(a). Analytics remains blocked until consent and can be withdrawn at any time.
Establishing, exercising or defending claimsOur legitimate interest, Article 6(1)(f), and applicable legal obligations.

Where processing relies on legitimate interests, we balance the stated purpose against the rights and reasonable expectations of the affected person.

4. Sources and whether data is required

We usually receive data from you or from a colleague contacting us for your organisation. We may also use public business sources, such as a company website or professional profile, when needed to understand an enquiry or verify business details.

Providing form data is voluntary, but the marked fields are needed to answer the request. A contract may require additional data for identification, billing, security and delivery. We do not use the enquiry form to subscribe you to a marketing newsletter.

5. Recipients and international transfers

Data may be available to providers that support hosting, email, backups, security, accounting or authorised IT maintenance, only to the extent needed for their task. Professional advisers or public authorities may receive data where required by law or necessary for claims.

If you accept analytics, Google Analytics processes usage data. Google may process information outside the European Economic Area. The applicable safeguards and locations depend on the provider’s current service terms; see the Google Privacy Policy. You can use the site without consenting to analytics.

We do not sell personal data.

6. Retention

  • Enquiries that do not become an engagement: normally up to 12 months after the last substantive contact, unless a longer period is needed for a requested follow-up or a claim.
  • Contract, billing and tax records: for the periods required by applicable law and for the limitation period of relevant claims.
  • Operational correspondence: for the engagement and a reasonable handover or claims period afterwards.
  • Security logs: normally up to 90 days, longer when needed to investigate an incident.
  • Consent choice stored in your browser: 180 days, after which the site asks again.
  • Analytics cookies: up to two years, subject to browser limits and your earlier withdrawal.

Data is deleted or anonymised when the applicable purpose and retention requirement end.

7. Your rights

Subject to the conditions in the GDPR, you may request access, rectification, erasure, restriction, portability and objection to processing based on legitimate interests. You may withdraw consent at any time without affecting processing carried out before withdrawal.

Send a request to biuro@westom.pl. We may need to verify identity and clarify the scope. You may complain to the Polish supervisory authority, the President of the Personal Data Protection Office (UODO), or another competent EEA authority.

8. Cookies, analytics and automated decisions

The current storage technologies, purposes and controls are described in the Cookie Policy. The footer’s “Cookie settings” control lets you grant or withdraw analytics consent.

Westom does not use data collected through this website for solely automated decisions that produce legal or similarly significant effects. Basic aggregated analytics does not determine whether we accept an enquiry.

9. Security and changes

We use proportionate organisational and technical safeguards, including access control, supported software, backups and transport encryption where available. No internet service can promise absolute security; please use an appropriate channel before sharing sensitive project materials.

We update this notice when purposes, tools or legal requirements change. Material changes will be dated on this page. The GDPR text is available on EUR-Lex.

WESTOM.

Poland market entry, e-commerce operations and accountable IT delivery for international companies.

Westom Tomasz Węsierski
ul. Żeromskiego 5/1, 81-346 Gdynia, Poland
NIP 5861433097 · REGON 220141440

Enter Poland

  • Market validation
  • Launch Poland
  • Sell on Allegro
  • Marketplace management

IT from Poland

  • Software & nearshore
  • Web development
  • WooCommerce development
  • AI automation

Company

  • Evidence and case studies
  • Engagement models
  • Insights
  • About Westom
  • Contact
  • Westom Polska
  • Westom Deutschland
© 2026 Westom. No ranking, citation or commercial outcome is guaranteed.
  • Legal notice
  • Privacy
  • Cookies
  • Website terms
  • Services
    • Enter Poland
      • Market validation
      • Sell on Allegro
      • Marketplace management
      • Localisation & SEO
      • Fulfilment partners
    • IT from Poland
      • Web development
      • WooCommerce
      • AI automation
  • Evidence
  • Pricing
  • Insights
  • About
  • Contact
  • Language
    • EN
    • FR
    • NL

Your privacy choices

We use a necessary language preference. With your permission, Google Analytics helps us understand visits. Analytics stays off until you choose it. Read the cookie policy.

Necessary

Language and consent preferences. Always active.