Royalada pays great attention to protecting personal data and complying with the law when it collects, processes and uses such data. We want you to feel safe when you visit our site and use our services – and that is why we are providing you with this Privacy Policy. Here you can find out about our data collection and use of data policy.

The integral part of this Privacy Policy is our Cookies Policy, where you can learn more about our use of cookies technology. If something is not clear or you have any aditional questions after reading our policy – or already have some – do not hesitate to contact us.

I. Glossary

Below you will find an explanation of the basic terms used in this Privacy Policy. We gathered them here in order to make it easier for you to navigate through the policy and understand our role and purpose in the collection and the use of Information (as defined below).

"Applicable laws” means all the laws and regulations relevant to the collection, processing and storage of data, especially all the data protection laws and the General Data Protection Regulation (EU) 2016/679 ("GDPR”).

"Royalada” or "we” or "us” or „our” means Royal Advertising Agency with a registered office at

"Cookies” means small text files stored in a web browser by a website (here specifically: Site) or by an ad server. By storing certain information in a cookie, those web browsers, ad servers, and explicitly our Site are able to remember your preferences and recognize websites visited and/or web browsers used from one visit to another.

"Data Protection Officer” means a Data Protection Officer as defined in article 37 – 39 of GDPR appointed by Royalada to watch the security of your Data (as defined below).

"Legal Grounds” means the legal basis for the collection, processing and storage of your Personal Information.

"Log Data” means information that is automatically reported each time you access our App and which is sent by your web browser or mobile application that our servers automatically record. Log Data may include information such as your IP address, browser type, web requests, domain names or pages viewed.

"Personal Information” or "Information” or "Data” means any Information relating to an identified or identifiable person as defined in article 4.1 of GDPR.

"App” means the DB website or mobile app

"You” means an individual that uses the App.

II. Personal Information we collect about you

We collect Information about you through:

  • your use of our contact forms
  • your use of our newsletter form
  • your use of App

The categories of your Data that we collect may include:

your contact details (your name, surname and e-mail address)

III. Log Data, Cookies and similar technologies

When you interact with our App, we may also automatically collect information from your App activities through the usage of Cookies, Log Data and similar technologies.

By using those technologies we aim to personalize our App to better meet your needs, as well as to provide you with customized App content and to act within our advertising purposes. We may also use this information for the purposes of analytics and monitoring of the effectiveness of our performance, including the collection of the aggregate App usage data (such as the overall number of App visitors or pages viewed).

The information mentioned above may include:

  • information about your interactions with the App;
  • technical information about your computer hardware and software that may include URL information, cookie data, your IP address, the types of devices you are using to access our App and/or use the services, device ID, device attributes, network connection type, browser type, language, internet service provider, clickstream data, access times, the files viewed on our App;
  • demographic information such as your ZIP code, age, gender and preferences by using Log Files; such information is not associated with your name or other Personal Information.

Please see our Cookies Policy for more details about our collecting and using of this Data.

IV. Purposes and Legal Grounds for Data processing

Your local law may require to set out the Legal Grounds on which we rely in order to process your Data. Below you will find an outline of the purposes for which we may process your Data accompanied by an indication of a relevant Legal Grounds for such processing pursuant to GDPR:

PurposesLegal Grounds
  • responding to your inquiries
  • pursuing claims or defending against claims
The legal basis on which we process your Data in these circumstances is our legitimate interest (article 6.1. point f) of GDPR) to: respond your inquiries, pursue claims or defend against claims.
  • performing marketing of our products and services (our direct marketing, customer satisfaction survey)
The legal basis on which we process your Data in these circumstances is our legitimate interest (article 6.1. point f) of GDPR) to promote our products and services.
Sometimes we also ask you for your voluntary consent to specific form of marketing, i.e. sending commercial information via e-mail (newsletter) or contacting with you by phone or skype for our commercial purposes in accordance with applicable law (telecommunication law, act on providing services by electronic means).

V. Your rights

Royalada will respect your legal rights to your Data. You can manage and control your privacy by contacting our Data Protection Officer: [[email protected]].

Below you will find the description of your rights that you have under the law, and what Royalada does to protect those rights:

Legal rightWhat Royalada does to protect your rights
The right to be informedRoyalada is publishing this Privacy Policy and Cookies Policy to keep you informed of what we do with your Personal Information. We strive to be transparent about how we use your Data.
The right of accessYou have the right to access your Information. You have the right to request a copy of your Data that we hold about you by contacting us.
The right to rectificationWe aim to keep your Personal Data accurate and complete. We encourage you to contact us using the contact details provided below to let us know if any of your Personal Data is not accurate or not complete, so that we can keep your Personal Data up-to-date.
The right to erasureThis is sometimes called ‘the right to be forgotten’. In some circumstances you have the right to the erasure of your Data without undue delay. Those circumstances include situations when: the Data is no longer necessary in relation to the purposes for which they were collected or otherwise processed; you withdraw consent to consent-based processing; the processing is for direct marketing purposes; and the Data has been unlawfully processed. However, there are certain general exclusions of the right to erasure. Those general exclusions include where processing is necessary: for exercising the right of freedom of expression and information; for compliance with a legal obligation; or for the establishment, exercise or defense of legal claims.
The right to restriction processingIn some circumstances you have the right to restrict the processing of your Data. Those circumstances are the following: you contest the accuracy of the Data; processing is unlawful but you oppose erasure; we no longer need the Data for the purposes of our processing, but you require Data for the establishment, exercise or defense of legal claims; and you have objected to processing, pending the verification of that objection. Where processing has been restricted on this basis, we may continue to store your Data. However, we will only otherwise process it: with your consent; for the establishment, exercise or defense of legal claims; for the protection of the rights of another natural or legal person; or for reasons of important public interest.
The right to objectIn certain circumstances, you have the right to object to the processing of your Personal Data where, for example, your Personal Data is being processed on the basis of legitimate interests and there is no overriding legitimate interest for us to continue to process your Personal Data, or if your Data is being processed for direct marketing purposes.
The right to Data portabilityRoyalada must allow you to obtain and reuse your Personal Data for your own purposes across services in a safe and secure way without it affecting the usability of your Data. This right only applies to Personal Data that you have provided to us as the Data Controller. The Data must be held by us by consent or for the performance of a contract and the processing is carried out by automated means.
The right to withdraw consentIf you have given us your consent to process your Data but changed your mind later, you have the right to withdraw your consent at any time, and Royalada has to stop processing your Data unless Royalada has other Legal Ground for processing of your Data. The withdrawal of consent does not affect the compliance of the processing which was made on its basis before the withdrawal of consent.
The right to complain to the Supervisory AuthorityYou have the right to lodge a complaint with the Supervisory Authority in particular if you feel that Royalada has not responded to your requests to solve a problem.

In any matter regarding above mention, please contact our Data Protection Officer: [email protected]. Please include information that will enable us to verify your identity within your request.

VI. How your Data is protected

Royalada uses various security technologies and procedures that help protecting your Personal Information from unauthorized access, use, disclosure, alteration or destruction.

For example:

Personnel. Only qualified and authorized employees are permitted to access Personal Information, and they may do so only for permitted business functions;

Data Protection Officer. We appointed a Data Protection Officer who in particular watches over the security of your Data, monitors our compliance with GDPR, and is a point of contact for you in all matters regarding Data protection; here you have contact to our Data Protection Officer: [email protected];

Security Measures. We use encryption in the transmission of your Personal Information between your system and ours, and we use firewalls to help prevent unauthorized persons from gaining access to your Personal Information;

Additional Safeguards. We maintain physical, electronic and procedural safeguards in connection with the collection, storage and disclosure of your Information. Our security procedures mean that we may request proof of your identity before we disclose Personal Information to you;

Trusted vendors. We rely only on vendors who ensure an appropriate level of security of your Data. In this context, we use only secure cloud servers, including AWS cloud – a secure, private cloud platform. AWS participates in the EU-US Privacy Shield framework. Amazon Web Services is our processor. AWS Amazon cloud platform uses various security technologies and procedures to protect personal data and is compliant with third-party assurance frameworks such as ISO 27017 for cloud security, ISO 27018 for cloud privacy, PCI DSS Level 1, and SOC 1, SOC 2, and SOC 3. For more details please see AWS Amazon security and privacy policy at

VII. International transfer of Data

Royalada may transfer Data to a country outside of the European Economic Area (EEA), i.e. to the territory of United States of America for which the Commission has adopted an adequacy decision (Privacy Shield), in order to protect storage and processing of data, using IT services, as well as operating the App and providing our services.

The EU-U.S. Privacy Shield framework is a "partial” adequacy decision, as, in the absence of a general data protection law in the U.S., only the companies committing to abiding by the binding Privacy Shield principles benefit from easier data transfers.

For the above reasons, in such cases your personal data will be transferred to the territory of USA in accordance with applicable laws, with appropriate safeguards in place, only to Privacy Shield certified vendors (according to the EU Commission Decision 2016/1250) or by using standard contractual clauses adopted by the European Commission (EU Commission Decision on standard contractual clauses for the transfer of Personal Data to processors established in third countries under Directive 95/46/EC (the "Model Contract Clauses"), or based on other applicable transborder data transfer mechanisms.

If you are located in the EEA, you may contact us if you require a copy of the safeguards which we have put in place to protect your Data transferred outside of the EEA and your privacy rights in these circumstances.

You may also learn more about:

VIII. Retention of your Information

Royalada stores your Information for a period of time required for the purposes for which it was collected using generally accepted security standards and in compliance with applicable laws. Royalada will not retain your Personal Information for longer than required.

In particular, we store Information about you when you send your enquiry by contact form as well as when you send documents and information through job application form or when you sign up for a newsletter. Such processing will last only for the period of time necessary to achieve the intended purposes.

Please note, that:

  • for our marketing purposes your Data will be processed until such time you object to it;
  • where you have consented to marketing communications via e-mail (e.g. you agree to receive our newsletter), you may withdraw your consent at any time by contacting as well as you may unsubscribe from newsletter at any time by clicking the unsubscribe link in an email from us; in these circumstances, your personal data will be processed until your withdrawn of the consent;
  • for purposes of performance current recruitment process – your Data will be processed as long as necessary to complete the recruitment processor or until such time that your consent is withdrawn (depending on what event has happened earlier);
    • for the needs of the current recruitment process – for the period of recruitment,
    • in order to conclude an employment contract in connection with current recruitment (applies only to job applicants with whom Royalada decides to conclude such a contract) – until the conclusion of the employment contract,
    • in order to pursue claims or defend against claims resulting from the above-mentioned recruitment process (applies only to job applicants with whom a recruitment interview took place) – for a period of 3 (three) years from the moment of completing recruitment,
  • for purposes of performance future recruitment process – your Data will be processed for a period of 3 (three) years from the date of granting consent or until you withdraw your consent to process your Data for these purposes (depending on which event occurred earlier).

After the expiration of those periods, the data is deleted without unnecessary delay.

If you need more detailed Information about the retention of your Information, please contact our Data Protection Officer.

IX. Disclosures

We may disclosure your Personal Data only to the following trusted third parties:

  • Authorized Third Parties. We may share the Data with parties directly authorized by you to receive that Data, such as when you authorize a third party (e.g. payment services providers) to access to your Data. The use of the Data by an authorized third party is subject to the third party’s privacy policy;
  • Safety, Legal Purposes and Law Enforcement. We may use and disclose the Data when we believe it is necessary: (i) under applicable law, and (ii) to respond to requests from courts, law enforcement agencies, regulatory agencies, and other public and government authorities.
  • Service providers. We may also engage third parties that support the operation of our Services (acting on our behalf), such as analytics providers, IT services providers (e.g. cloud or host services providers), recruitment or advertising agencies.

X. Children’s privacy

Protecting children’s privacy is very important to Royalada. Our App is not intended for, designed to be used by, or targeted at children. We do not knowingly collect the Data from any person who is an individual under the age of 13.

We are in compliance with the requirements of EU General Data Protection Regulation 2016/679 as well as COPPA (Children’s Online Privacy Protection Act) and we do not collect any Information from anyone under 13 years of age.

XI. Notice to parents

If you are a parent or a guardian who knows or has otherwise discovered that your child under the age of 13 has submitted his or her Personal Information, or other Information, to us without your consent, permission or authorization, do not hesitate to contact our Data Protection Officer using the following email address: [email protected]

We will promptly remove your child’s Personal Information or other Information from our system, cease the use of such Information and direct any third party with access to it to do the same.

XII. Contacting us

If there are any questions regarding this Privacy Policy, you may contact us using the information below:

General contact form:

Royalada Data Protection Officer contact: [email protected]