Privacy policy

The following Privacy Policy aims to define the rules and method of processing personal data of Website users (hereinafter referred to as the User) and other persons providing their personal data, taking into account the requirements of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC – hereinafter referred to as the GDPR. The administrator of personal data is the Syrena Theatre with its registered office in Warsaw (00-589), ul. Litewska 3, NIP number 525-000-96-83, hereinafter referred to as the Administrator.

In all matters related to the processing of your personal data by the Administrator, please contact our Data Protection Officer at the e-mail address

Scope of personal data processing

When Users browse the content of the Website, information on the use of the Website by Users and their IP addresses are automatically collected based on the analysis of access logs, e.g. browser type, operating system type, date and time of visit, number of connections, number of opened subpages, viewed content. Just browsing the content of the website does not require the User to provide his personal data. The use of some functionalities of the Website may be preceded by a registration process, which may involve providing the User’s personal data. In this case, the User’s failure to provide personal data may limit the use of some functionalities of the Website – including the purchase of the offered service.

Information collected automatically is used to manage the Website, identify possible security threats, study Users’ traffic within the Website and for statistical purposes, including using the Google Analytics tool, e.g. about the region from which the connection was made, IP number, date and time of connection, the source and number of connections, the number of opened subpages of the Service, or to personalize the content of subpages of the Service. This information is in no way combined with the personal data of the Website User and is not used to determine the User’s identity. The scope of information collected automatically depends on the settings of the User’s web browser. The user should check the settings of his browser to find out what information is provided by the browser automatically or to change these settings.

Legal basis for the personal data processing

  • Conclusion of a ticket purchase agreement pursuant to art. 6 sec. 1 lit. b GDPR.
  • Issuing a document confirming payment for the order, keeping accounting books, fulfilling other tax obligations pursuant to art. 6 sec. 1 lit. c GDPR in connection with the Accounting Act.
  • Store the User’s personal data in order to conduct a possible complaint procedure pursuant to art. 6 sec. 1 lit. b, c and f GDPR, as the so-called legitimate interest of the Administrator, which is the pursuit of our claims and defense of our rights for the period provided for by law.
  • Determining, investigating and defending claims in respect of our business activity pursuant to art. 6 sec. 1 lit. f of the GDPR, i.e. the legitimate interest of the Administrator, which is to establish, pursue and defend claims.
  • Providing answers about our activities, including the possibility of purchasing tickets, booking a seat, the cast of a performance pursuant to art. 6 sec. 1 lit. f of the GDPR, i.e. the legitimate interest of the Administrator in the form of conducting sales activities.
  • Providing direct marketing via the newsletter service pursuant to Art. 6 section 1 letter f GDPR, i.e. the legitimate interest of the Administrator, which is sending the newsletter. The user may unsubscribe from receiving such information at any time via the link provided in the marketing message sent in the newsletter.

All data provided by the User when placing an order will not be disclosed to third parties, with the proviso that they will be disclosed if it is necessary due to applicable law.

The administrator does not intend to transfer personal data to recipients, unless otherwise provided by law or there is a need to use the services of subcontractors, such as e.g. entities providing services and IT systems for handling orders, entities providing postal or courier services (if parcels are sent); entities providing hosting and e-mail services (including its sending); payment service providers; entities providing advisory and legal services. The processing of data by these entities is limited by the applicable law or the purpose for which the personal data was provided.

Personal data will be processed for the period necessary to achieve the purposes referred to above, e.g. maintaining an account set up by the User. Personal data processed in order to fulfill the obligations arising from legal provisions will be processed for the period resulting from these provisions. The period of personal data processing may be extended by the period of limitation of claims, if the processing of personal data is necessary to pursue any claims or defend against such claims. The processing of data in the form of an e-mail address for the purpose of sending the newsletter will last until the objection is raised.

In connection with the processing of personal data, the User has the following rights: the right to access the data content, the right to rectify data, the right to delete data, the right to request restriction of data processing, the right to transfer data, the right to object, the right to lodge a complaint with the supervisory authority (the President of the Office for Personal Data Protection) if it is found that the processing of personal data violates the provisions of the GDPR. In order to exercise the above rights, please contact the Personal Data Inspector at the e-mail address:

Providing personal data when purchasing or booking a ticket as well as other purposes indicated above is voluntary. The consequence of not providing personal data will be the inability to achieve the aforementioned goals, e.g. buying a ticket.

The User’s personal data may be subject to automated decision making, including profiling.


On the website, the Administrator uses cookies, i.e. small text and numeric files that are saved by the ICT system in the User’s ICT system (on the User’s computer, telephone, or other device from which the connection to the website was made) when browsing the Website and which allow for subsequent identification of the User when reconnecting to the Website from the device (e.g. computer, telephone) on which they were saved. We use the following types of cookies:

  • Session cookies that collect information about the User’s activities and exist only for the duration of a given session, which begins when the Website is opened and ends when it is closed;
  • Persistent cookies that are stored on the User’s ICT device (on the User’s computer, telephone or other device from which the connection to the Website was made) and remain in it for a long time after closing the web browser;
  • Other cookies placed by the Website and cookies placed by third parties, approved by the Administrator, including Google Analytics cookies, used to analyze the activities of Users for statistical purposes.

Cookies do not store information constituting Users’ personal data. Cookies are not used to determine the User’s identity. Cookies are used with the User’s consent. The consent may be expressed by the User through the appropriate settings of the software (in particular the web browser) installed on the device used by the User to view the content of the Website. The user may at any time withdraw or change the scope of previously expressed consent to the use of cookies on the Website and remove them from his browser. The User may also limit or disable cookies in their browser at any time by setting it to block cookies or warn the User against saving a cookie file on the device used to view the content of the Website.

How to turn off or turn on cookies in most popular web browsers

Internet ExplorerIn Internet Explorer, select:
Internet options
Block all cookies
More informaction – Internet Explorer
Google ChromeIn Google Chrome, select:
Chrome menu in the upper right corner
Show Advanced settings
Content settings in the Privacy section
Block cookies and data from third-party sites

More informaction – Chrome
FirefoxIn Firefox, select:
From the list Firefox will use your settings
Select appropriate option
More informaction – Firefox
OperaIn Opera, Select:
Select appropriate option
More informaction – Opera
SafariIn Safari, select:
Settings in the upper right corner
Select appropriate option

More informaction – Safari

Principles of privacy protection on third party websites to which the Administrator provides data collected on the website

FacebookThe administrator places the “Like” and “Share” buttons associated with Facebook on the pages of this Website. For this purpose, a code referring to Facebook is placed in the relevant sections and pages. By using the “Like” button or by recommending an image or section of the Website, the User logs in to Facebook, where Meta’s privacy policy applies. The policy can be viewed at the provided links.Privacy policy Facebooka
YouTubeThe Administrator embeds videos shared from YouTube on this Website. For this purpose, a code referring to YouTube is placed in the relevant sections and pages. YouTube tracks video playback, and this tracking is done in accordance with YouTube’s privacy policy, which is available at the provided link.Privacy policy YouTube
GoogleThe administrator uses analytical tools offered by Google. You can read the privacy policy of this company at the provided link.Privacy policy Google

The collected data is carefully protected in accordance with applicable regulations. The administrator makes every effort to ensure the appropriate level of security for the stored data. The website is secured with security measures designed to protect personal data processed by the Administrator against their modification, destruction, unauthorized access and disclosure or acquisition and their loss, as well as processing in violation of the provisions specifying the rules of conduct for the processing of personal data.

Only a limited number of the Administrator’s employees who have personal authorizations have access to the processing of Users’ personal data.

The Administrator is not responsible for non-performance or improper performance of services by telecommunications operators with whom the User has signed contracts. The Administrator is not responsible for third parties who may gain access to the User’s computer and/or mobile device and access the data that the Administrator presents to the User. The Administrator is not responsible for operations performed using the User’s login and password by third parties.