Cookie Policy

Cookie Policy

Last updated: 27/04/2026

This Cookie Policy (hereinafter: the "Cookie Policy" or the "Policy") supplements the InPost Privacy Policy and should be read in conjunction with it.

For the InPost mobile application and services provided under an InPost Account, we have developed a separate document — the InPost Account Privacy Policy — which is the principal document governing the processing of your personal data in connection with the use of those services. In that document, in the section on marketing, we also describe the principles applicable to the processing of your data for marketing purposes using cookies and similar technologies. These principles apply to all of our services and privacy policies.

How is this document structured?

We have divided this Policy into two parts to help you find the information that is relevant to you:

1. Part I — Common Principles: sets out the rules governing the use of cookies and similar technologies that are common to all companies within the Integer.pl Capital Group acting as data controllers. These provisions apply regardless of the country in which you use our services.

2. Part II — Regional Annexes: contains information specific to individual controllers and jurisdictions, including a detailed list of tracking tools and technologies used locally. This information may differ depending on the region and applies solely to the relevant controller and its website or mobile application.

List of Annexes:

Annex A1 — Tools and technologies used in Poland

Annex A2 — Tools and technologies used in France

Annex A3 — Tools and technologies used in Italy

Annex A4 — Tools and technologies used in Spain

Annex A5 — Tools and technologies used in Portugal

Annex A6 — Tools and technologies used in the United Kingdom

Annex A7 — Tools and technologies used in Belgium

Annex A8 — Tools and technologies used in Luxembourg

Annex A9 — Tools and technologies used in the Netherlands

PART I: COMMON PRINCIPLES

The provisions below apply to all Controllers.

PROCESSING INFORMATION

Controller

Depending on the type and nature of the service provided, the controller of your personal data is the relevant company within the Integer.pl Capital Group (hereinafter: the "Controller"), which may be established in different countries depending on the service you use.

Full details of the Controller's identity, contact details, and the contact details of the Data Protection Officer (where one has been appointed) are set out below:

Poland

InPost sp. z o.o. ("InPost") Registered office: ul. Pana Tadeusza 4, 30-727 Kraków, Poland

You may contact the Controller via the following channels:

• by telephone: +48 722 444 000 or +48 746 600 000
• by post: ul. Pana Tadeusza 4, 30-727 Kraków, Poland
• via the contact form: inpost.pl/formularz-kontaktowy
• via live chat, available at: inpost.pl/kontakt

InPost has appointed a Data Protection Officer (DPO), who may be contacted via the channels listed above. You may use those channels to exercise your rights — see section '6. HOW CAN YOU EXERCISE YOUR RIGHTS? '. 

France, Belgium, the Netherlands and Luxembourg

Mondial Relay SASU Registered office: 1, avenue de l'Horizon, 59650 Villeneuve d'Ascq, France

You may contact the Data Protection Officer (DPO) as follows:

• by post: DPO Mondial Relay, Direction juridique et conformité, 1, avenue de l'Horizon, 59650 Villeneuve d'Ascq, France
• by e-mail, using the address applicable to your country:

– France: [email protected]

– Belgium: [email protected]

- Luxembourg: [email protected]

– Netherlands: [email protected]

Italy

Locker InPost Italia s.r.l. Registered office: Viale Cassala 30, 20143 Milan, Italy

Locker InPost Italia S.r.l. has appointed a Data Protection Officer (DPO) in accordance with Articles 37, 38 and 39 of the GDPR. The DPO may be contacted by e-mail at: [email protected].

Spain

The following entities act as joint controllers in Spain and are collectively referred to as the "InPost Spain Group":

• INPOST SPAIN, S.L.U. Address: Gran Via De Les Corts Catalanes, 129-131, P.6, 08028 Barcelona
• MONDIAL RELAY S.A.S.U. SUCURSAL EN ESPAÑA Address: Camí De Les Oliveres Núm. 1, 08800 – Vilanova i la Geltrú, Barcelona
• SENDING TRANSPORTE Y COMUNICACION SA Address: Avda de Suiza 26, 28000 – Madrid

The InPost Spain Group has appointed a Data Protection Officer (DPO) in accordance with Article 37 of the GDPR and Article 34 of the LOPDGDD. The DPO may be contacted:

• by e-mail: [email protected]
• by post: Gran Via De Les Corts Catalanes, 129-131, P.6, 08028 Barcelona, Spain

Portugal

MONDIAL RELAY SUCURSAL EM PORTUGAL Registered office: Rua Coronel Edgar Pereira Da Costa Cardoso Nr. 3, Frac. E, 2615-360 Alverca do Ribatejo, Portugal

MONDIAL RELAY SUCURSAL EM PORTUGAL has appointed a Data Protection Officer (DPO) in accordance with Article 37 of the GDPR. The DPO may be contacted:

• by e-mail: [email protected]
• by post: Rua Cor. Edgar Pereira Da Costa Cardoso, 3 E, 2615-360, Alverca do Ribatejo, Portugal

United Kingdom

InPost UK Limited Registered office: Moray House, 23-35 Great Titchfield Street, London, United Kingdom, W1W 7PA

InPost UK Limited has appointed a Data Protection Officer (DPO). The DPO's office may be contacted:

• by e-mail: [email protected]
• by post: FAO Data Protection Officer, Moray House, 23-35 Great Titchfield Street, London, W1W 7PA, United Kingdom

Purposes and Legal Bases for Processing

We process your personal data collected through cookies and similar tracking technologies (including pixel tags and similar mechanisms; hereinafter collectively referred to as “cookies”) for the following purposes:

This includes data such as: your IP address; device and browser identifiers (e.g. cookie IDs, advertising IDs); technical information about your device and browser (e.g. browser type and version, operating system, screen resolution, selected language, country and time zone); behavioural and usage data (e.g. pages visited, links clicked, time spent on page, session duration); and approximate location data derived from your IP address:

1. Necessary for the display and correct functioning of services — including enabling log-in and log-out, data sorting, information transmission (Article 6(1)(b)); as well as fulfilment of our information obligations under applicable law, and the recording of consents given (Article 6(1)(c)). Legal basis:

• necessity for the performance of a contract or to take steps at the request of the user (Article 6(1)(b) GDPR / UK GDPR), and
• legal obligation (Article 6(1)(c) GDPR / UK GDPR) — in respect of the fulfilment of information obligations and the recording of consents given; and
• (where we do not have a contract with you or where neither of the above applies) the legitimate interests of the controller in ensuring correct service operation and demonstrating compliance with applicable data protection law (Article 6(1)(f) GDPR / UK GDPR).

With respect to cookies and tracking technologies themselves, we additionally apply national laws implementing Directive 2002/58/EC (ePrivacy), which permit their use to the extent of "strict necessity" without separate consent.

2. Analytical and statistical — involving analysis of user activity and preferences in order to improve the functionality and quality of our services. Legal basis: the user's consent to processing for analytical purposes (Article 6(1)(a) GDPR / UK GDPR) and consent to the use of cookies and other tracking technologies, to the extent and in the manner required by the applicable national laws implementing Directive 2002/58/EC (ePrivacy).

3. Marketing — our own and/or our partners' — in particular, relating to the presentation of behavioural advertising and remarketing. Legal basis: the user's consent only (Article 6(1)(a) GDPR / UK GDPR) and consent to the use of cookies and other tracking technologies as required by the national laws implementing Directive 2002/58/EC (ePrivacy).

You grant us your consent to the storing of cookies on your device and the reading of information stored in those cookies via the cookie banner displayed when you open the website or mobile application. You may object to the use of non-essential cookies, or if you have previously consented, to withdraw your consent at any time.

If you accept marketing cookies via the banner, we may process the data collected for marketing purposes — including the personalisation of content and profiling. Below, we explain what each of these terms means in practice:

• Personalisation consists of adapting the way our services are presented or function to match your preferences and usage patterns — it does not serve as a means of assessing you as an individual and does not produce legal effects.
• Profiling means the automated processing of your data for the purpose of analysing or predicting your preferences, interests, or behaviour — carried out primarily for analytical, statistical, and service improvement purposes, user segmentation, and — on the basis of your consent where required — for marketing purposes; it does not result in decisions producing legal effects or similarly significant effects for you.

As a general rule, we do not subject you to solely automated decision-making within the meaning of Article 22 of the GDPR.

Detailed information on the principles governing profiling and marketing can be found in the InPost Account Privacy Policy.

COOKIES AND SIMILAR TECHNOLOGIES

Cookies are small text files stored on your device (computer, smartphone, or tablet) that enable us to tailor services and content to your individual needs and preferences, and which are used to generate general statistics on the use of our websites and services.

1. When you use our website, mobile application, or our partners' online platforms, cookies are stored on your device. They enable those services to operate correctly and efficiently, providing faster and easier access to information. If you disable cookies, certain features may be unavailable or may not function correctly.

2. Using cookies and similar technologies (e.g. pixel tags), we collect information about how our services are used. This data may include, amongst other things: your IP address, device identifier and type, browser type, selected language, operating system, country and time zone, as well as information about your interactions with the website or mobile application (e.g. clicks, purchases, saved preferences). The data collected allows us to better understand how you use our services and is used for their improvement and for analytical purposes.

3. We use two types of cookies:

• first-party cookies — set directly by our website or application
• third-party cookies, originating from the domains of external entities operating via our platforms. We use third-party cookies primarily for analytical and advertising purposes. External companies that collaborate with us for marketing purposes may collect data in the form of cookies, software plug-ins, and widgets — directly from your browser or device. The processing of that data is governed by their own privacy policies. A detailed list of tools can be found in Part II — Regional Annexes.

4. We use session cookies — deleted at the end of the browser session — and persistent cookies — stored on your device and which may be used on subsequent visits.

5. Cookies are safe for your device and the software installed on it — they do not modify its settings, do not affect system performance, and do not interfere with its operation.

6. In addition to cookies, we also use other tracking technologies, such as pixel tags and similar mechanisms. We work with external analytics service providers who supply us with aggregated reports. We also engage advertising companies which — exclusively on the basis of your consent — may track your activity across multiple websites and applications , including your interaction with the communications we send you.mm

7. We use the following categories of cookies: necessary, analytical (performance), and advertising (behavioural advertising and remarketing).

Detailed information on each category is set out below:

Necessary Cookies

The use of necessary cookies is essential for the correct functioning of our websites and mobile application. We install them in order to remember login sessions, populate forms, and store privacy option settings (e.g. whether you have accepted or declined non-essential cookies). These cookies do not require your consent under the applicable national laws implementing Directive 2002/58/EC (ePrivacy).

Note: while necessary cookies may process certain technical identifiers (such as session IDs), the formal record of your consent for GDPR (UK GDPR) purposes is stored in our backend systems, not in the cookies themselves."

Analytical Cookies

Analytical cookies enable us to analyse how our websites, mobile applications and communications are used — in particular, the number of visits and the sources of traffic. Data collected via these cookies is aggregated in nature and is not used to identify you directly. We use them solely on the basis of your consent.

Advertising Cookies

Advertising cookies enable us to display advertising content tailored to your interests — both on our website or mobile application and on external websites and social media. They do not directly store your personal data but identify your browser and device, which allows an interest profile to be built on the basis of your activity across different services. We use them solely on the basis of your consent.

Behavioural Advertising and Remarketing

We and our trusted advertising partners — solely on the basis of your consent — may direct behavioural advertisements to you, i.e. advertisements tailored to your interests and online behaviour. Remarketing involves re-targeting users who have previously visited our websites or mobile application with advertising messages — by displaying advertisements on other websites and social media.

MANAGING YOUR COOKIE SETTINGS AND YOUR RIGHTS

The use of cookies for data collection purposes, including accessing information stored on your device, requires your consent. When consent is required, we obtain it via the cookie banner displayed when you open the website or mobile application. You may withdraw your consent at any time.

Certain cookies are installed automatically, without requiring your consent — this applies solely to cookies that are strictly necessary for the technical functioning of the website, without which displaying content would be impossible.

Once the banner is displayed, you may manage your preferences by clicking the "Customise" button, then selecting the relevant categories and confirming your choice.

You may also withdraw your consent by changing your browser settings. Further information is available at the following links:

• Internet Explorer: support.microsoft.com/en-gb/topic/delete-and-manage-cookies-168dab11-0753-043d-7c16-ede5947fc64d
• Mozilla Firefox: support.mozilla.org/en-US/kb/cookies
• Microsoft Edge: support.microsoft.com/en-gb/windows/manage-cookies-in-microsoft-edge
• Chrome: support.google.com/chrome/bin/answer.py
• Opera: help.opera.com/en/latest/web-preferences
• Safari: support.apple.com/kb/PH5042

If you wish to restrict the display of personalised advertisements on Android or iOS, you may change the settings of your device:

• Android: support.google.com/googleplay/android-developer/answer/6048248
• iOS: support.apple.com/en-gb/HT202074

To exercise your rights — access to your data, rectification, erasure, restriction of processing, data portability, objection, or the lodging of a complaint — please contact us in the manner described in section I of this Policy.

HOW LONG DO WE RETAIN YOUR DATA?

The period for which your data is processed depends on the purpose of processing. As a general rule, we retain it until you withdraw the consent you have given. The processing period may be extended where this is necessary for the pursuit or defence of claims — and thereafter only to the extent required by law. After the processing period has elapsed, the data is irreversibly deleted or anonymised.

The retention period for data collected via cookies depends on their category:

• necessary cookies — retained for the duration of the session or for the period necessary to ensure the correct operation of the service, but for no longer than 12 months
• analytical cookies — retained for the period necessary to fulfil analytical and statistical purposes, but for no longer than 24 months from the date on which they were stored on your device;
• marketing cookies — retained for the period during which your consent remains valid, but for no longer than 12 months from the date on which consent was given; upon withdrawal of consent, any data processed solely on that basis is deleted without delay.

The Regional Annexes (Part II) may provide for shorter or more restrictive retention periods for individual categories of cookies or for specific tools and technologies used locally — in such cases, the retention periods set out in the Regional Annex applicable to the relevant country shall apply.

TO WHOM DO WE DISCLOSE YOUR DATA?

In connection with your use of our websites or mobile application, your personal data collected via cookies and similar technologies may be disclosed to the following categories of recipients:

• processors acting on our behalf — technical and IT service providers acting solely on the basis of a data processing agreement concluded with us and in accordance with our instructions. These include, amongst others, providers of solutions necessary for the correct operation of websites, the mobile application, or online platforms, and analytics service providers that supply us with aggregated reports;
• independent advertising partners and marketing technology providers — who install their own cookies and similar technologies via our websites or mobile application and then process the data collected in their own name and on their own account, in accordance with their own privacy policies. These entities act as independent controllers or — in the case of certain social plug-in providers — as joint controllers together with us;
• providers of social media plug-ins and tools (including Meta, TikTok, X, LinkedIn, YouTube) — to the extent that you use content-sharing features or interact with elements of those services on our platforms. In relation to selected providers, the Controller and the relevant social media platform act as joint controllers within the meaning of Article 26 of the GDPR. Further details on the scope of joint controllership can be found in Part II — Regional Annexes.

A list of the entities to which we permit the setting of cookies and similar technologies on your device, together with a description of their role, the purposes of processing, and a link to their privacy policy, can be found in Part II — Regional Annexes.

HOW CAN YOU EXERCISE YOUR RIGHTS?

To exercise your rights — access to your data, rectification, erasure, restriction of processing, data portability, objection to processing, or the lodging of a complaint in connection with tracking technologies — please contact the Controller in the manner described in section I of this Policy. You also have the right to lodge a complaint with a supervisory authority. Further details can be found in the Privacy Policy.

TRANSFERS OF DATA OUTSIDE THE EEA

As a general rule, we do not use service providers established outside the European Economic Area (EEA) or United Kingdom. It may, however, occur that certain entities whose services we use, directly or indirectly — such as providers of social media or analytics services — are established in countries outside the EEA or use sub-processors located there.

In such circumstances, we transfer your personal data outside the EEA only where this is necessary and only where an adequate level of protection as required by the GDPR is ensured. To this end:

• we transfer data to countries in respect of which the European Commission has issued an adequacy decision, or
• we engage specific providers on the basis of standard contractual clauses approved by the European Commission (Standard Contractual Clauses), which — together with any required additional safeguards — ensure a level of data protection equivalent to that applicable within the European Union.

You may obtain information about the safeguards applied by contacting us in the manner described in section I of this Policy.

CHANGES TO THE COOKIE POLICY

We regularly review and — where necessary — update this Policy.