Privacy Policy

1. General Information

This Privacy Policy sets out the rules for processing personal data of users of the website operated by ETB Management Ltd, registered at 15 Ferme Park Road, London, N4 4DS, operating under the Samaya Estates brand (hereinafter: "the Controller").

The Controller takes special care to protect users' privacy and the security of processed personal data in accordance with applicable law, in particular Regulation (EU) 2016/679 of the European Parliament and of the Council (GDPR).

2. Data Controller

The Data Controller is ETB Management Ltd, 15 Ferme Park Road, London, N4 4DS, operating under the Samaya Estates brand.

Contact regarding personal data protection: hello@samayaestates.pl

3. Scope of Processed Data

The Controller may process the following personal data in particular:

  • first and last name,
  • email address,
  • phone number,
  • information provided in contact forms, the quiz, or enquiries,
  • other data voluntarily provided by the user.

Providing data is voluntary, but in some cases necessary to use the website's features or receive a response to an enquiry.

4. Quiz and Lead Forms

The website features a quiz and forms designed to collect information necessary to:

  • conduct a preliminary analysis of the user's needs,
  • match property offers or advisory services,
  • follow up and present cooperation proposals.

Data provided in the quiz and forms is processed solely for the purposes indicated above and is not used in a manner inconsistent with its intended purpose.

5. Purposes and Legal Basis for Data Processing

Users' personal data is processed for the following purposes:

  1. responding to enquiries and contacting the user — Art. 6(1)(b) GDPR;
  2. preparing and presenting an offer and performing a contract — Art. 6(1)(b) GDPR;
  3. analysing user needs based on quiz data — Art. 6(1)(b) and Art. 6(1)(f) GDPR;
  4. conducting marketing activities, including sending commercial information (if the user has given consent) — Art. 6(1)(a) GDPR;
  5. fulfilling accounting and tax obligations — Art. 6(1)(c) GDPR;
  6. pursuing or securing claims — Art. 6(1)(f) GDPR.

6. Data Recipients

Recipients of personal data may include:

  • entities providing accounting, legal, and advisory services,
  • IT service providers, CRM systems, and marketing tools,
  • partners cooperating with the Controller in the provision of services — solely to the extent necessary to fulfil the processing purpose.

Data is not sold or shared with third parties for purposes unrelated to the Controller's activities.

7. Data Transfers Outside the EU

Personal data may be processed using tools provided by entities based outside the European Union (e.g. Google, Meta).

Data transfers are carried out in accordance with the GDPR, in particular on the basis of appropriate legal safeguards, such as standard contractual clauses.

8. Marketing and Analytical Activities

The Controller uses analytical and marketing tools for the purpose of:

  • analysing website traffic,
  • optimising content and offers,
  • running advertising campaigns.

In particular, the following tools are used:

  • Google Analytics 4 (GA4),
  • Google Ads,
  • Meta Platforms (Facebook, Instagram).

These tools may use cookies or similar technologies.

9. Remarketing and Profiling

The Controller may carry out remarketing activities consisting of displaying tailored advertising content to the user based on their previous interactions with the website.

Profiling does not lead to automated decisions producing legal effects on the user.

10. Cookies

The website uses cookies for the following purposes:

  • technical (proper functioning of the website),
  • analytical,
  • marketing and remarketing.

The user may change their cookie settings at any time using browser settings or the cookie banner available on the website.

Cookies and similar technologies may, in certain cases, constitute personal data within the meaning of the GDPR.

Detailed information can be found in the Cookie Policy.

11. Data Retention Period

Personal data is retained for the period:

  • necessary to fulfil the purpose,
  • of the duration of the contract and after its termination — until the statute of limitations for claims expires,
  • required by law,
  • until consent is withdrawn — in the case of processing based on consent.

12. Rights of Data Subjects

Data subjects have the right to:

  • access their data and receive a copy,
  • rectification of data,
  • erasure of data,
  • restriction of processing,
  • objection to processing,
  • data portability,
  • withdrawal of consent at any time.

13. Complaint to a Supervisory Authority

If you believe that the processing of personal data violates the GDPR, you have the right to lodge a complaint with a supervisory authority: the President of the Office for Personal Data Protection (UODO).

14. Changes to the Privacy Policy

The Controller reserves the right to amend this Privacy Policy. The current version of the document is always available on the website.

WhatsApp