• Mon-Fri | 8:00 - 17:00
  • Makuszyńskiego Street 10a, Kraków

Privacy policy

Dear Sir or Madam,
Due to the fact that your personal data is stored in a database owned by MBPOWER.pl, a limited liability company with its registered office in Kraków, ul. K. Makuszyńskiego 10a, 31-752, entered into the Register of Entrepreneurs of the National Court Register maintained by the District Court for Kraków Śródmieście, 11th Commercial Division of the National Court Register, under KRS number: 824985, Tax Identification Number (NIP): 6783183556, National Business Registry Number (REGON): 385364324 (hereinafter referred to as the „Controller”), we hereby present the following privacy policy.

The purpose of this document is to fulfill the obligations incumbent on the Controller, arising from the content of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter referred to as „GDPR”), defining the principles on which your personal data are processed, the purpose of such processing and your rights.

I. General information

The Controller of your personal data is Mbpower.pl, a limited liability company with its registered office in Kraków, ul. K. Makuszyńskiego 10a, 31-752, entered into the Register of Entrepreneurs of the National Court Register maintained by the District Court for Kraków Śródmieście, 11th Commercial Division of the National Court Register, under KRS number: 824985, Tax Identification Number (NIP): 6783183556, National Business Registry Number (REGON): 385364324.

You can contact the Controller:
• by email, biuro@mbpower.pl

To protect your data, the Controller has appointed a Data Protection Officer (DPO), who can be contacted by email at iod@mbpower.pl.

The Controller obtained your personal data through voluntary submission, including at the company’s registered office, in electronic correspondence, via websites, during telephone call recordings, through video surveillance, and through other methods operated by the Controller.

II. Purpose and basis of data processing

Your personal data are processed by the Controller for the purpose of providing services and providing marketing information to MBPOWER.pl and its collaborators.

Your personal data are processed:
• based on the legal basis set out in Article 6(1)(a) of the GDPR – based on the contract concluded with you for the purpose of its performance and termination – for the duration of the contract;
• based on the legal basis set out in Article 6(1)(a) of the GDPR – based on the Controller’s legitimate interests in order to conclude the contract and pursue claims related to it – for a period of up to 6 years from the year in which the contract was performed or terminated, or until an effective objection is raised, but no shorter than until the claims related to the contract are satisfied and the limitation period has expired.
• based on the legal basis set out in Article 6(1)(b) of the GDPR a) GDPR – based on and within the scope of your consent to the processing of personal data (if you have expressed such consent);
• based on the legal basis expressed in Article 6(1)(f) GDPR – based on the legitimate interest pursued by the Controller or a third party (an entity cooperating with the Controller), which consists in the use of personal data voluntarily provided by you for direct marketing purposes of the Controller or its partners.
• based on the legal basis expressed in Article 6(1)(f) GDPR – the legitimate interest of the Controller in ensuring security.
• based on the legal basis expressed in Article 6(1)(f) GDPR – the legitimate interest of the Controller in improving the quality of the services provided.

As well as pursuant to the Controller’s legal obligation to retain data under the Tax Ordinance and the Accounting Act – for the periods specified in these acts, but no less than 5 years from the beginning of the year following the fiscal year in which the data was obtained.

Personal data is not used by the Controller for any purpose other than that indicated above.

III. Categories of personal data

Your personal data subject to processing includes:
first name and last name, business name, addresses, Tax Identification Number (NIP), Personal Identification Number (PESEL), National Business Registry Number (REGON), telephone number, email address, data regarding services provided to you and information about your payments, in the case of monitoring – the image and behavior of the person within the camera’s range; in the case of conversations – the voice and content of the conversation.

IV. Recipients of personal data

The Controller may disclose personal data to entities with whom it cooperates and which process such data on its behalf (so-called data recipients) for the purpose of providing services to the Controller in the following areas: vehicle maintenance (external subcontractors), hosting, business management (ERP software, etc.), customer database management (CRM software), online payments, other IT services, accounting and invoicing, legal and other advisory services, and postal and courier services.

If the Controller shares data of third parties, for example, as authorized contacts or vehicle pickup agents, the Controller requests that these individuals be informed of the sharing of their data and the principles governing the Controller’s processing of this data.

V. Transfers to third countries

The Administrator has no intention of transferring your personal data to recipients located in a third country (outside the EEA) or to international organisations.

VI. Processing period

Personal data will be processed by the Controller until you exercise your rights set out in this Policy, which will require the Controller to delete your personal data from its files or cease processing, unless the law permits longer processing of personal data, e.g., for archiving purposes or for defending against or pursuing legal claims. Recordings (both video and audio) are stored for a maximum of 14 days, after which they are permanently deleted and cannot be replayed.

VII. Rights related to the processing of personal data

In connection with the processing of your personal data by the Controller, you have the following rights:

• the right to access your data and receive a copy thereof;
You have the right to know what personal data the Controller is processing about you and to receive a copy of this data.

• the right to rectify (amend) your data;
You have the right to request that the Controller rectify your personal data if it is inaccurate or to request that it be supplemented.

• the right to erase your data;
You have the right to request that the Controller erase your personal data. Despite a specific request, the Controller may continue to process your data if the obligation to continue processing results from specific legal provisions or if processing by the Controller is necessary to establish, pursue, or defend legal claims.

• the right to request restriction of data processing;
You have the right to request that the processing of your personal data be restricted solely to storage or performance of actions agreed upon with you if:
– in your opinion, the Controller holds inaccurate data about you;
– the Controller is processing your data without justification, but you request restriction of processing instead of erasure;
– The Controller no longer needs your personal data for processing purposes, but you need them to establish, pursue, or defend legal claims.

• the right to object to data processing;
You have the right to object to data processing for direct marketing purposes.

• the right to data portability;
You have the right to receive your personal data from the Controller in a file saved in a reproducible format, in a structured, commonly used, machine-readable format (e.g., „csv” format).

• the right to lodge a complaint with a supervisory authority;
You have the right to lodge a complaint with the national supervisory authority appointed for the protection of personal data – the President of the Personal Data Protection Office.

VIII. Automated decision-making and profiling

The Administrator does not undertake any automated decision-making using your data. You are also not subject to profiling based on the processed personal data. The processing of personal data does not produce any binding legal or factual consequences for you.

Effective date and last update:

Effective Date (Date of Preparation): June 17, 2023

Last Updated: June 17, 2023

Car service

Electrical, Mechanical, Diagnostics Mercedes-Benz Specialization Professional Mercedes computer diagnostics and service.

We service all classes and models. We use a professional diagnostic system designed specifically for Mercedes-Benz vehicles.

Menu

Information

Contact

  • Makuszyńskiego Street 10A
    31-752 Kraków
  • Opening hours:
    Mon-Fri | 8:00 - 17:00

© 2026 mbpower.pl | All rights reserved.

Facebook Instagram Youtube