By clicking “Accept”, you agree to the storing of cookies on your device to enhance site navigation, analyze site usage, and assist in our marketing efforts. View our Privacy Policy for more information.
We care deeply about your privacy

Privacy policy

Open rate spółka z o.o. is a company providing lead generation and marketing campaigns (“Service”) doing business as "Open Rate".

We care about your personal data you entrust with us. Demonstrating Open rate’s engagement in personal data protection we are bringing you the key facts about how we handle personal data processing.

We are GDPR compliant

GDPR is the REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).

Controller/Processor and contact

Open rate spółka z ograniczoną odpowiedzialnością based in Poznań  (61-625) at ul.Hawelańska 6e/22, registered in the Register of Entrepreneurs of the National Court Register under entry number KRS: 0000855164, whose documentation is kept by the District Court for Poznań -Nowe Miasto I Wilda in Poznań, VIII Business Division of the National Court Register, with business registry no. REGON: 386775839, NIP: 9721310149 is a data controller and a processor of personal data provided in Service

You can reach out to us in any question regarding privacy at

Open rate is a data processor of personal data processed in Service.

What do we do:

We provide tailored data bases and/or conduct direct marketing campaigns (email/call) for our Clients in order to help them grow. The main activity of Open rate is gathering personal data from various channels (like Linkedin, companies’ websites, email or tools which enable find your data) in order to create the best suited database for your needs. Your data is either publicly available and we don't use tools which scrape data from websites or not publicly available but we use a technique of creating your data by information you disclose (i.e. your name on Linkedin and the name of the company you work for). We only process b2b personal data.

In order to perform our Service, we process:

  • (as a data controller) internet protocol (IP) of everyone who visits our service or if sending us a message name, email address and your location (“Visitor”)

  • (as a data controller) personal data of our Clients, referred to as (“You”))

  • (as a processor on Your behalf) personal data of Your potential customers.

How do we collect personal data

Your personal data

Open rate collects personal data (name, email, address, identity number) during a process of entering into the contract.

Open rates reach out for new cooperation possibilities by email or by LinkedIn account in order to enable future clients to get in touch with Open rate. We always ask for your prior consent to provide You with our offer.

You can always object to processing or withdraw Your consent by simply sending us an email.

Your customer data

As a processor we do not collect any personal data without Your consent/demand – we process Your customers’ personal data on Your behalf. All this data belongs to You, we gather and store Your data only for the time being of rendering Service.

Visitor’s data

Where the website is used for informational purposes, so that You do not transmit other information to us, we do not collect any personal data, with the exception of the data which Your browser transmits to us in order to allow You to access the website.
If you send us a message via contact form you disclose to us your name, email address and apart of that we can track your movement on our website, see the general location of your device.

What kind of data do we process

Your personal data

  • Name;

  • Email addresses;

  • telephone number;

  • identity number (PESEL) or Tax (NIP);

  • passport or national ID number;

Your customer data

This category is all the data You want us to find for you. However due to our current experience we can limit the scope of data to: name, email address, occupation, company’s name, position, country, city, seize of a firm.

Visitor’s data

This data is:

●  IP address

●  Date and time of the query

●  Time zone difference to Greenwich Mean Time (GMT)

●  Content of the request (specific site)

●  Access status/HTTP status code

●  Volume of data transferred each time

●  Website from which the request comes

●  Browser

●  Operating system and its interface

●  Language and version of the browser software.

What are the legal grounds for processing data

We process Your/Vistor’s data either on contractual ground (processing is necessary for the fulfilment of a contract or in order to take steps at Your request prior to entering into a contract) or when You have given us Your consent or under Open rate’s legitimate interest which is a right to reach out for your consent for further processing, replying for your requests or rendering our services (art. 6 a) b) and f) GDPR).

We process Your customer data as processor pursuant to Data Processing Agreement.

Who do we disclose Your data to

We don’t disclose any of Your/Vistor’s data nor Your Customer’s data.

Where and to whom do we transfer Your data

In order to provide our Service, Open rate engages other entities. You gave us general written authorisation in the Data Processing Agreement.

Your rights

  • Access:

You have a right to be informed about Your personal data processing, including the source of Your data collection, purpose of its processing and how long it will be stored .

  • Rectification:

You have a right to access and change Your personal data.

  • Erasure (“right to be forgotten”):

You have a right to demand to erase your data however we reserve the right to refuse permanent deletion for a legitimate reason, in particular but not limited to if current business affairs are not yet finished.

  • Restriction on processing:

You have a right to demand ceasing processing your data or restricting its processing with respect to exceptions set forth in art. 18 GDPR.

  • Portability:

If You need to export/import data we will help you.

  • Right to withdraw consent:

You always can withdraw Your consent for processing Your data for marketing by sendimg us an email.

  • Right to object

In case You don’t want us to reach out for Your consent for further processing please object by sending us an email.

  • Lodge a complaint

You have a right to lodge a complaint with the appropriate data protection authority if You have concerns about how Open rate processes Your personal data.

Storage and cross-border transfer

Open rate uses EU data storage hosted by Google.


We keep all Your data as Controller for the duration of our business relationship and for the time needed to fulfil legal obligations. In accordance with data we process solely under your consent or legitimate interest the retention period is one year.

As your processor we remove data:

1) at Your explicit request;
2) after 3 weeks of rendering Service.

Changes and updates to the Privacy Policy

As Open rate changes from time to time, this Privacy Policy is expected to change as well.

We reserve the right to amend the Privacy Policy at any time, for any reason. We will inform You about that change by sending to You an email. Remember to check our Privacy Policy website.

Legal Note

Please note that usage of our product means processing personal data under Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (“GDPR”) and under Directive 2002/58/EC of the European Parliament and of the Council of 12 July 2002 concerning the processing of personal data and the protection of privacy in the electronic communications sector (Directive on privacy and electronic communications) (“e-privacy directive”).

The application and impact of laws can vary widely based on the specific facts involved.

Marketing and direct marketing are lawful under GDPR and e-privacy directive if the data subject gives its consent (opt-in) or has a right to opt out (depending on jurisdiction) and a controller can prove its legitimate interest in processing data. The application of data protection rules in the context of marketing, in particular direct marketing is complex therefore we advise you to seek legal help.

Please also note that regulatory requirements may vary from country to country and need to be verified.Please do not hesitate to seek our further help, we can help you to customize our offer with your needs.

Open rate team