wordpress logo light
Developer

Privacy Policy

The Privacy Policy defines the rules for storing and accessing data on Users' Devices using the Service for the purpose of providing electronic services by the Administrator, as well as the rules for collecting and processing Users' personal data provided by them personally and voluntarily through the tools available in the Service.

The following Privacy Policy is an integral part of the Service Terms and Conditions, which specify the rules, rights, and obligations of Users using the Service.

§1 Definitions

  • Service – the website "WordPress & WooCommerce Developer - Freelancer" operating at https://wordpresskwiatkowski.pl

  • External Service – websites of partners, service providers, or clients cooperating with the Administrator

  • Service/Data Administrator – the Service and Data Administrator (hereinafter the "Administrator") is the individual "Paweł Kwiatkowski" residing in Bydgoszcz, providing electronic services through the Service

  • User – an individual for whom the Administrator provides electronic services via the Service

  • Device – an electronic device along with software through which the User accesses the Service

  • Cookies – text data stored in files placed on the User's Device

  • GDPR – Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation)

  • Personal Data – information about an identified or identifiable natural person (“data subject”); an identifiable natural person is someone who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, identification number, location data, online identifier, or one or more specific factors regarding their physical, physiological, genetic, mental, economic, cultural, or social identity

  • Processing – any operation or set of operations performed on personal data or sets of personal data, whether automated or not, such as collecting, recording, organizing, structuring, storing, adapting or modifying, retrieving, consulting, using, disclosing by transmission, dissemination or otherwise making available, aligning or combining, restricting, erasing, or destroying

  • Restriction of Processing – marking stored personal data to limit its future processing

  • Profiling – any form of automated processing of personal data consisting of using personal data to evaluate certain personal aspects of a natural person, in particular to analyze or predict aspects concerning work performance, economic situation, health, personal preferences, interests, reliability, behavior, location, or movement of that person

  • Consent – a freely given, specific, informed, and unambiguous indication of the data subject’s wishes, by which they, by statement or clear affirmative action, agree to the processing of their personal data

  • Data Breach – a breach of security leading to accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access to personal data transmitted, stored, or otherwise processed

  • Pseudonymization – processing personal data in such a way that they can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures to prevent re-identification

  • Anonymization – an irreversible process of modifying data that destroys/overwrites personal data, preventing identification or linking of a record with a specific user or natural person

§2 Data Protection Officer

According to Article 37 of the GDPR, the Administrator has not appointed a Data Protection Officer.

For matters concerning data processing, including personal data, please contact the Administrator directly.

§3 Types of Cookies

  • Internal Cookies – files placed and read from the User's Device by the Service’s IT system

  • External Cookies – files placed and read from the User's Device by IT systems of external Services. Scripts of external Services that may place Cookies on the User’s Device have been consciously included in the Service via embedded scripts and services

  • Session Cookies – files placed and read from the User's Device by the Service during one session of the Device. Files are deleted after the session ends.

  • Persistent Cookies – files placed and read from the User's Device by the Service until manually deleted. Files are not automatically deleted after the session ends unless the User's Device is configured to remove cookies at session end.

§4 Data Storage Security

  • Cookie storage and retrieval mechanisms – the mechanisms for storing, reading, and exchanging data between Cookies stored on the User's Device and the Service are implemented via web browser features and do not allow retrieval of other data from the User’s Device or data from other visited websites, including personal or confidential information. Transmission of viruses, trojans, or other malware to the User’s Device is virtually impossible.

  • Internal Cookies – Cookies used by the Administrator are safe for Users’ Devices and do not contain scripts, content, or information that could compromise personal data or Device security.

  • External Cookies – The Administrator takes all possible measures to verify and select service partners regarding User safety. Known, large, globally trusted partners are chosen. However, the Administrator does not have full control over the content of Cookies from external partners. The Administrator is not responsible for the content, safety, or proper use of Cookies from external services to the extent permitted by law. A list of partners is provided later in the Privacy Policy.

  • Cookie control

  • User-side threats – the Administrator applies all possible technical measures to ensure Cookie data safety. However, data security also depends on User behavior. The Administrator is not responsible for intercepted data, session hijacking, or deletion due to deliberate or accidental User actions, viruses, trojans, or spyware. Users should follow cybersecurity best practices.

  • Personal data storage – The Administrator ensures all voluntarily provided personal data is processed securely, with limited access, and according to the intended purposes.

  • Password storage – Passwords are stored in encrypted form using modern standards, making decryption practically impossible.

§5 Purposes of Using Cookies

  • Improving and facilitating access to the Service
  • Personalization of the Service for Users
  • Enabling login to the Service
  • Marketing and remarketing on external platforms
  • Conducting statistics (users, visits, device types, connections, etc.)
  • Providing multimedia services

§6 Purposes of Processing Personal Data

Personal data voluntarily provided by Users is processed for one of the following purposes:

  • Provision of electronic services:
    • Registration and maintenance of the User's account on the Service and related functionalities
    • Newsletter services (including sending advertising content with consent)
    • Providing information about content published on the Service on social networks or other websites
  • Administrator communication with Users regarding the Service and data protection
  • Ensuring the legally justified interest of the Administrator

Data collected anonymously and automatically about Users is processed for one of the following purposes:

  • Conducting statistics
  • Remarketing
  • Ensuring the legally justified interest of the Administrator

§7 Cookies from External Services

The Administrator uses JavaScript scripts and web components from partners who may place their own cookies on the User’s Device. Remember that in your browser settings you can control which cookies are allowed for each website. Below is a list of partners or their services implemented in the Service that may place cookies:

Services provided by third parties are beyond the Administrator’s control. These entities may change their terms of service, privacy policies, data processing purposes, or cookie usage at any time.

§8 Types of Collected Data

The Service collects data about Users. Some data is collected automatically and anonymously, while some personal data is voluntarily provided by Users during registration or subscription to services offered by the Service.

Anonymous data collected automatically:

  • IP address
  • Browser type
  • Screen resolution
  • Approximate location
  • Visited pages within the Service
  • Time spent on each page
  • Operating system
  • Referring page address
  • Referrer website
  • Browser language
  • Internet connection speed
  • Internet service provider
  • Demographic data (age, gender)

Data collected during registration:

  • Username
  • Email address
  • IP address (collected automatically)

Data collected for Newsletter subscription:

  • First/last name or nickname
  • Email address
  • IP address (collected automatically)

Some non-identifying data may be stored in cookies and/or sent to statistical service providers.

§9 Access to Personal Data by Third Parties

In principle, the only recipient of Users’ personal data is the Administrator. Data collected in the course of services is not sold or shared with third parties.

Access to data may be granted to entities responsible for maintaining infrastructure and services necessary for the Service, usually under a Data Processing Agreement, including:

  • Hosting companies providing hosting or related services for the Administrator
  • Companies providing Newsletter services
  • Payment intermediaries for online transactions offered via the Service

Data processing for Hosting, VPS, or Dedicated Server services

The Administrator uses an external hosting, VPS, or Dedicated Server provider – Proserwer.pl. All data collected and processed on the Service is stored in the provider’s infrastructure located in Poland. Access to data may occur during maintenance by the provider’s personnel. Access is regulated by an agreement between the Administrator and the provider.

Data processing for online payments

For online payments, payment data is submitted directly by the User to the payment provider – Stripe. Necessary transaction data is then shared with the Administrator. Data transfer is governed by an agreement between the Administrator and the provider.

§10 Method of Processing Personal Data

Personal data voluntarily provided by Users:

  • Personal data will not be transferred outside the European Union, unless published as a result of the User’s individual action (e.g., posting a comment or entry), making the data accessible to anyone visiting the Service.
  • Personal data will not be used for automated decision-making (profiling).
  • Personal data will not be sold to third parties.

Anonymous data (without personal data) collected automatically:

  • Anonymous data may be transferred outside the European Union.
  • Anonymous data will not be used for automated decision-making (profiling).
  • Anonymous data will not be sold to third parties.

§11 Legal Basis for Processing Personal Data

The Service collects and processes User data based on:

  • Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation – GDPR)
    • Art. 6(1)(a) – the data subject has given consent to the processing of their personal data for one or more specific purposes
    • Art. 6(1)(b) – processing is necessary for the performance of a contract to which the data subject is a party, or to take steps at the request of the data subject prior to entering into a contract
    • Art. 6(1)(f) – processing is necessary for the purposes of the legitimate interests pursued by the administrator or a third party
  • Act of 10 May 2018 on the protection of personal data (Dz.U. 2018, item 1000)
  • Act of 16 July 2004 – Telecommunications Law (Dz.U. 2004, No. 171, item 1800)
  • Act of 4 February 1994 on copyright and related rights (Dz.U. 1994, No. 24, item 83)

§12 Period of Processing Personal Data

Personal data voluntarily provided by Users:

Generally, such personal data is stored only for the duration of the Service provided by the Administrator. It is deleted or anonymized within 30 days after the end of service provision (e.g., account deletion, unsubscribing from the Newsletter).

An exception applies if the data must be retained to secure the Administrator’s legitimate interests. In such cases, the Administrator may store the data, after the User’s deletion request, for no longer than 3 years in case of violation or suspected violation of the Service Terms by the User.

Anonymous data (without personal data) collected automatically:

Anonymous statistical data not constituting personal data is stored indefinitely by the Administrator for statistical purposes.

§13 Users’ Rights Regarding Personal Data

Users have the following rights regarding their personal data:

  • Right of access – Users may request access to their personal data from the Administrator.
  • Right to rectification – Users may request the immediate correction of inaccurate personal data or completion of incomplete data.
  • Right to erasure – Users may request the immediate deletion of their personal data. For user accounts, deletion involves anonymization of identifying data. The Administrator reserves the right to withhold deletion to protect legitimate interests (e.g., User violating Terms, correspondence-related data). Newsletter users can unsubscribe themselves via the link in each email.
  • Right to restriction of processing – Users may request restriction of processing in cases specified in Art. 18 GDPR (e.g., contesting accuracy).
  • Right to data portability – Users may request their data in a structured, commonly used machine-readable format.
  • Right to object – Users may object to processing of their personal data as per Art. 21 GDPR.
  • Right to lodge a complaint – Users may file a complaint with the supervisory authority for data protection.

§14 Contact with the Administrator

Users may contact the Administrator in the following way:

  • Email address: kontakt@wordpresskwiatkowski.pl

§15 Service Requirements

  • Limiting cookie storage or access on the User’s Device may cause some Service functions to malfunction.
  • The Administrator is not responsible for malfunctioning Service features if the User restricts cookie storage or access in any way.

§16 External Links

Articles, posts, entries, or User comments may contain links to external websites not affiliated with the Service. These links or files may be unsafe for your Device or pose a risk to your data. The Administrator is not responsible for content outside the Service.

§17 Changes to the Privacy Policy

  • The Administrator reserves the right to change this Privacy Policy at any time regarding the use of anonymous data or cookies without notifying Users.
  • The Administrator reserves the right to change the Privacy Policy regarding personal data processing and will notify registered users or newsletter subscribers via email within 7 days. Continued use of the Service constitutes acceptance. Users disagreeing with the changes must delete their account or unsubscribe from the Newsletter.
  • Changes to the Privacy Policy will be published on this page of the Service.
  • Changes take effect immediately upon publication.