Telewizja Polska Spółka Akcyjna w likwidacji (TVP S.A.) respects and observes the right of users to privacy. Below you will find information on how we collect, process and use information about users of the TVP Sales Service and how we protect the personal data of users by using appropriate technological solutions.

General Provisions

1. The following terms shall be understood as:

Personal data controller – Telewizja Polska S.A. w likwidacji with its registered office in Warsaw, 00-999 Warsaw, at 17 Woronicza Street, entered into the register of entrepreneurs of the National Court Register kept by the District Court for the capital city of Warsaw, 13th Commercial Division of the National Court Register, under the KRS number 0000100679, with the Tax Identification Number (NIP): 521-04-12-987.

Personal data – information about a natural person identified or identifiable through one or more specific factors determining their physical, physiological, genetic, mental, economic, cultural or social identity, including device IP, online identifier and information collected through cookies and other similar technology.

Policy – this Privacy Policy

GDPR - Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC.

Website – the TVP Sales website run by the Administrator at www.sales.tvp.pl

User – any natural person visiting the Website or using one or more services or functionalities described in the Policy.

2. In connection with the User's use of the Service, the Administrator collects data to the extent necessary to provide the individual services offered. Detailed principles and purposes of processing Personal Data collected during the User's use of the Service are described below.

3.The Website collects only the personal data necessary to provide the services offered therein, specified in point III below.

II. Purposes of personal data processing

1. Personal data of all persons using the Service are processed by the Administrator for the purpose of:

• providing services electronically in the scope of making content collected on the Service available to Users;

• registering an account and verifying the User's identity,

• enabling logging into the Service,

• ensuring proper service for Service Users,

• sending ordered commercial information;

• for analytical and statistical purposes.

2. Providing personal data by the User is voluntary, but necessary for the provision of services via the Service, including communication with Users. Failure to provide your data may result in the inability of Users to use the Service.

III. Type of personal data processed

1. For the purposes of providing services on the Website, personal data of users of the Website are processed.

2. The Administrator may process the User's personal data: name and surname, company address, e-mail address, telephone number, Tax Identification Number.

3. Additionally, the Website collects information contained in system logs, i.e. the User's IP address and logs of User activity in the system for technical purposes related to server administration.

IV. Legal basis for processing personal data

1. Personal data are processed in accordance with the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) and the Act of 10 May 2018 on the protection of personal data (Journal of Laws of 2019, item 1781).

2. The Administrator processes personal data only after obtaining the User's consent.

3. Consent to the processing of personal data is completely voluntary.

V. Personal data processing period

1. The period of data processing by the Administrator depends on the type of service provided and the purpose of processing. As a rule, data is processed for the duration of the service, until the withdrawal of the expressed consent or effective objection to data processing in cases where the legal basis for data processing is the legitimate interest of the Administrator.

2. The data processing period may be extended if processing is necessary to establish and pursue possible claims or defend against claims, and after that time only in the case and to the extent required by law. After the processing period has elapsed, the data is irreversibly deleted or anonymized.

VI. Sharing personal data

1. Users' personal data may be transferred to: entities associated with the Administrator, its subcontractors, entities cooperating with the Administrator, e.g. companies handling e-payments, companies providing courier/postal services, law firms, solely for the purpose of operating the Service.

2. The recipients of personal data may also be authorized entities, if the obligation to share data results from applicable legal regulations, including public administration bodies.

3. Users' personal data will not be transferred outside the European Economic Area (EEA), nor to an international organization.

VII. User Rights

1. The Service User has the right to: access the content of their personal data, rectify it, delete it, limit its processing, transfer data, object to processing. The exercise of these rights is possible by contacting the Data Protection Inspector appointed at TVP S.A., in the manner indicated in Chapter VIII.

2. The notification of the User's exercise of the right resulting from the above rights should be sent to rodo@tvp.pl.

3. The Administrator shall comply or refuse to comply with the request immediately - no later than within one month of its receipt.

4. The User has the right to file a complaint with the President of the Personal Data Protection Office if they consider that the processing of their personal data violates the provisions of the GDPR.

VIII. Data Protection Inspector

The Data Protection Inspector appointed at TVP S.A. can be contacted by e-mail at rodo@tvp.pl, as well as by traditional mail at Telewizja Polska S.A. w likwidacji, ul. J.P. Woronicza 17, 00-999 Warsaw, with the note "to the Data Protection Inspector".

IX. Cookies

1. The Service does not automatically collect any information, except for information contained in cookies. These files are computer data, in particular text files, which are stored on the Service user's end device and are intended for using the Service's websites, allowing only Telewizja Polska S.A. w likwidacji with its registered office in Warsaw, at 17 Woronicza Street, 00-999 Warsaw to read the information contained therein.

2. The Service collects information using cookies:

• Session cookies - temporary files stored on the user's end device until logging out, leaving the website or turning off the web browser,

• Persistent cookies - files stored on the user's end device for a specified period of time in the cookie file parameters or until they are deleted by the user.

3. Due to the purpose of using cookies, we collect only the necessary cookies - enabling the use of services available within the TVP Sales service, at the same time informing that failure to accept them may prevent you from using the service.

4. Collecting cookies supports the correct provision of services on the Service and serves such purposes as:

• Adjusting the content of the Service's web pages to the user's preferences and optimizing the use of the website,

• Maintaining the Service user's session (after logging in), thanks to which the user does not have to re-enter the login and password on each subpage of the Service.

X. Automated decision-making and profiling

1. User data is not processed in an automated manner so that any decisions could be made about it.

2. All data is sent via an SSL encrypted protocol.

3. Data is not subject to profiling.

XI. Final provisions

1. The Administrator has the right to introduce changes to the Privacy Policy, but the rights of Users will not be limited.

2. Information about the changes introduced will appear in the form of a message available on the Website.

3. A User who does not accept the terms of service provision within the Website after the entry into force of a newer version of the Policy may cease using the Website.

4. In the footer of the Website, the Administrator undertakes to maintain the current content of the privacy policy.

5. In matters not regulated in this Privacy Policy, the provisions of the GDPR and the provisions of Polish law shall apply.

6. The current version of the Policy has been adopted and is effective from 01.03.2025.