wordpress-white-e1766921980825.png
woo-white-margin2-e1766921940132.png
Pawel Kwiatkowski
Quote
EN

Privacy Policy

This Privacy Policy defines the rules for storing and accessing data on the devices of Users who use the Service for the purpose of providing electronic services by the Administrator, as well as the rules for collecting and processing Users’ personal data that they have provided personally and voluntarily through the tools available within the Service.

This Privacy Policy forms an integral part of the Service Terms and Conditions, which define the rules, rights, and obligations of Users using the Service.

§1 Definitions

  • Service - the website "WordPress & WooCommerce Developer - Freelancer" operating at https://wordpresskwiatkowski.pl

  • External Service - websites of partners, service providers, or clients cooperating with the Administrator

  • Service / Data Administrator - the Service Administrator and Data Administrator (hereinafter referred to as the Administrator) is a natural person, "Paweł Kwiatkowski", residing in Bydgoszcz, providing electronic services via the Service

  • User - a natural person for whom the Administrator provides electronic services via the Service.

  • Device - an electronic device with software through which the User accesses the Service

  • Cookies - text data collected in the form of files stored on the User’s Device

  • GDPR - Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation)

  • Personal Data - information relating to an identified or identifiable natural person (“data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, identification number, location data, online identifier, or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person

  • Processing - an operation or set of operations performed on personal data or sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction;

  • Restriction of Processing - the marking of stored personal data with the aim of limiting their future processing

  • Profiling - any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning that person’s work performance, economic situation, health, personal preferences, interests, reliability, behavior, location, or movements

  • Consent - consent of the data subject means any freely given, specific, informed, and unambiguous indication of the data subject’s wishes by which they, by a statement or by a clear affirmative action, signify agreement to the processing of personal data relating to them

  • Personal Data Breach - a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data transmitted, stored, or otherwise processed

  • Pseudonymization - the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and subject to technical and organizational measures to ensure non-attribution

  • Anonymization - the anonymization of data is an irreversible process of operations on data that destroys or overwrites personal data, making it impossible to identify or associate a given record with a specific user or natural person.

§2 Data Protection Officer

Pursuant to Article 37 of the GDPR, the Administrator has not appointed a Data Protection Officer.

In matters related to data processing, including personal data, please contact the Administrator directly.

§3 Types of Cookies

  • Internal Cookies - files placed and read from the User’s Device by the Service’s IT system

  • External Cookies - files placed and read from the User’s Device by IT systems of external services. Scripts of external services that may place cookies on the User’s Device have been intentionally embedded in the Service via scripts and services provided and installed in the Service

  • Session Cookies - files placed and read from the User’s Device by the Service during a single session of a given Device. After the session ends, the files are deleted from the User’s Device.

  • Persistent Cookies - files placed and read from the User’s Device by the Service until they are manually deleted. Files are not automatically deleted after the session ends unless the User’s Device is configured to delete cookies after the session ends.

§4 Data Storage Security

  • Cookie storage and access mechanisms - mechanisms for storing, reading, and exchanging data between cookies stored on the User’s Device and the Service are implemented through built-in web browser mechanisms and do not allow access to other data from the User’s Device or data from other websites visited by the User, including personal or confidential information. Transferring viruses, trojans, or other malware to the User’s Device is also practically impossible.

  • Internal Cookies - cookies used by the Administrator are safe for Users’ Devices and do not contain scripts, content, or information that could threaten the security of personal data or the security of the Device used by the User.

  • External Cookies - the Administrator undertakes all reasonable efforts to verify and select service partners in terms of User security. The Administrator cooperates with well-known, large partners with global public trust. However, the Administrator does not have full control over the content of cookies originating from external partners. To the extent permitted by law, the Administrator is not responsible for the security of cookies, their content, or their licensed use by scripts installed in the Service originating from External Services. A list of partners is included in the further part of the Privacy Policy.

  • Cookie Control

  • User-side risks - the Administrator applies all possible technical measures to ensure the security of data stored in cookies. However, ensuring the security of this data depends on both parties, including the User’s actions. The Administrator is not responsible for interception of such data, impersonation of a User session, or their deletion as a result of conscious or unconscious User actions, viruses, trojans, or other spyware that may have infected the User’s Device. Users should follow principles that enhance their cybersecurity to protect against such threats.

  • Storage of personal data - the Administrator ensures that all reasonable efforts are made to keep personal data voluntarily provided by Users secure, with access limited and used in accordance with its intended purpose and processing goals. The Administrator also makes every effort to protect held data against loss through appropriate physical and organizational safeguards.

  • Password storage - the Administrator declares that passwords are stored in encrypted form using the latest standards and guidelines. Decrypting account passwords provided in the Service is practically impossible.

§5 Purposes for Which Cookies Are Used

  • Improving and facilitating access to the Service
  • Personalizing the Service for Users
  • Enabling login to the Service
  • Marketing and remarketing on external services
  • Collecting statistics (users, number of visits, device types, connection, etc.)
  • Providing multimedia services

§6 Purposes of Personal Data Processing

Personal data voluntarily provided by Users are processed for one of the following purposes:

  • Provision of electronic services:
    • User account registration and maintenance services and related functionalities
    • Newsletter services (including sending promotional content with consent)
    • Services enabling sharing information published in the Service on social media or other websites
  • Communication between the Administrator and Users regarding the Service and data protection
  • Ensuring the Administrator’s legitimate interests

Data about Users collected anonymously and automatically are processed for one of the following purposes:

  • Statistical analysis
  • Remarketing
  • Ensuring the Administrator’s legitimate interests

§7 Cookies of External Services

The Administrator uses JavaScript scripts and web components of partners within the Service who may place their own cookies on the User’s Device. Remember that you can decide which cookies are allowed for individual websites in your browser settings. Below is a list of partners or their services implemented in the Service that may place cookies:

Services provided by third parties are beyond the Administrator’s control. These entities may change their terms of service, privacy policies, purposes of data processing, and methods of using cookies at any time.

§8 Types of Data Collected

The Service collects data about Users. Some data is collected automatically and anonymously, while other data consists of personal data voluntarily provided by Users when subscribing to specific services offered by the Service.

Anonymous data collected automatically:

  • IP address
  • Browser type
  • Screen resolution
  • Approximate location
  • Visited subpages of the Service
  • Time spent on a specific subpage
  • Operating system type
  • Previous page address
  • Referring website address
  • Browser language
  • Internet connection speed
  • Internet service provider
  • Demographic data (age, gender)

Data collected during registration:

  • Username
  • E-mail address
  • IP address (collected automatically)

Data collected when subscribing to the Newsletter service

  • First name / last name / nickname
  • E-mail address
  • IP address (collected automatically)

Some data (excluding identifying data) may be stored in cookies. Some data (excluding identifying data) may be transferred to statistical service providers.

§9 Access to Personal Data by Third Parties

As a rule, the sole recipient of personal data provided by Users is the Administrator. Data collected as part of provided services is not transferred or sold to third parties.

Access to data (most often based on a data processing agreement) may be granted to entities responsible for maintaining the infrastructure and services necessary for operating the Service, such as:

  • Hosting companies providing hosting or related services to the Administrator
  • Companies through which the Newsletter service is provided
  • Companies mediating online payments for goods or services offered within the Service (in the case of purchase transactions)

Entrustment of personal data processing – Hosting, VPS, or Dedicated Server services

For the purpose of operating the Service, the Administrator uses services of an external hosting, VPS, or Dedicated Server provider – Proserwer.pl. All data collected and processed within the Service is stored and processed in the service provider’s infrastructure located in Poland. Access to data may occur as a result of maintenance work performed by the service provider’s staff. Access to such data is governed by an agreement concluded between the Administrator and the Service Provider.


Processing of data in the case of online payments

In the case of online payments, all payment-related data is transferred directly by the User to the payment processor – Stripe. Selected data necessary to complete the transaction is then transferred by that entity to the Administrator. Data transfer is governed by an agreement concluded between the Administrator and the Service Provider.


§10 Method of Processing Personal Data

Personal data voluntarily provided by Users:

  • Personal data will not be transferred outside the European Union unless published as a result of individual User actions (e.g., posting a comment or entry), which will make such data available to any visitor of the Service.
  • Personal data will not be used for automated decision-making (profiling).
  • Personal data will not be sold to third parties.

Anonymous data (without personal data) collected automatically:

  • Anonymous data (without personal data) may be transferred outside the European Union.
  • Anonymous data (without personal data) will not be used for automated decision-making (profiling).
  • Anonymous data (without personal data) will not be sold to third parties.

§11 Legal Basis for Processing Personal Data

The Service collects and processes User data based on:

  • Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation)
    • Art. 6(1)(a)
      the data subject has given consent to the processing of their personal data for one or more specific purposes
    • Art. 6(1)(b)
      processing is necessary for the performance of a contract to which the data subject is a party or in order to take steps at the request of the data subject prior to entering into a contract
    • Art. 6(1)(f)
      processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party
  • Act of May 10, 2018 on the protection of personal data (Journal of Laws 2018, item 1000)
  • Act of July 16, 2004 – Telecommunications Law (Journal of Laws 2004 No. 171, item 1800)
  • Act of February 4, 1994 on Copyright and Related Rights (Journal of Laws 1994 No. 24, item 83)

§12 Personal Data Retention Period

Personal data voluntarily provided by Users:

As a rule, the indicated personal data is stored only for the duration of the Service provision by the Administrator. It is deleted or anonymized within 30 days of termination of the Service (e.g., deletion of a registered user account, unsubscribing from the Newsletter, etc.).

An exception applies when it is necessary to secure the Administrator’s legitimate interests for further processing of such data. In such cases, the Administrator will retain the data from the moment the User requests deletion, for no longer than 3 years in the event of a violation or suspected violation of the Service Terms by the User.

Anonymous data (without personal data) collected automatically:

Anonymous statistical data that does not constitute personal data is stored by the Administrator for an indefinite period for statistical purposes.

§13 User Rights Related to the Processing of Personal Data

The Service collects and processes User data based on:

  • Right of access to personal data
    Users have the right to obtain access to their personal data upon request submitted to the Administrator

  • Right to rectification of personal data
    Users have the right to request immediate rectification of inaccurate personal data and/or completion of incomplete personal data upon request submitted to the Administrator

  • Right to erasure of personal data
    Users have the right to request immediate erasure of personal data upon request submitted to the Administrator. In the case of user accounts, data erasure consists of anonymizing data enabling User identification. The Administrator reserves the right to suspend fulfillment of a data erasure request to protect its legitimate interests (e.g., if the User has violated the Terms or if data was obtained through correspondence). In the case of the Newsletter service, Users may independently delete their personal data using the link included in each e-mail message.

  • Right to restriction of processing
    Users have the right to restrict processing of personal data in cases specified in Article 18 of the GDPR, including questioning the accuracy of personal data, upon request submitted to the Administrator

  • Right to data portability
    Users have the right to receive from the Administrator their personal data in a structured, commonly used, machine-readable format, upon request submitted to the Administrator

  • Right to object to the processing of personal data
    Users have the right to object to the processing of their personal data in cases specified in Article 21 of the GDPR, upon request submitted to the Administrator

  • Right to lodge a complaint
    Users have the right to lodge a complaint with a supervisory authority responsible for personal data protection.

§14 Contact with the Administrator

The Administrator may be contacted in one of the following ways:

  • E-mail address - kontakt@wordpresskwiatkowski.pl

§15 Service Requirements

  • Restricting the storage and access to cookies on the User’s Device may cause some Service functionalities to operate incorrectly.

  • The Administrator shall not be liable for improperly functioning Service features if the User limits the ability to store or read cookies in any way.

§16 External Links

The Service—articles, posts, entries, or User comments—may contain links to external websites with which the Service Owner does not cooperate. These links and the sites or files they refer to may be unsafe for your Device or pose a risk to the security of your data. The Administrator is not responsible for content located outside the Service.

§17 Changes to the Privacy Policy

  • The Administrator reserves the right to make changes to this Privacy Policy at any time without notifying Users regarding the use and processing of anonymous data or the use of cookies.

  • The Administrator reserves the right to make changes to this Privacy Policy regarding the processing of Personal Data and will inform Users with accounts or subscribed to the Newsletter service via e-mail within 7 days of the change. Continued use of the Service constitutes acceptance of the changes. If a User does not agree with the changes, they are obliged to delete their account or unsubscribe from the Newsletter service.

  • Changes introduced to the Privacy Policy will be published on this Service subpage.

  • Changes take effect upon publication.
Order a quote for services

Fill out the form

You will receive a response within 2 hours

(during my working hours: 11:00 AM – 7:00 PM) Polish time.

What does contact look like?

Division into steps – for clarity and a sense of security:

1

Consultation – we determine your needs

Fill out the form and contact me directly. Describe your idea, needs, and goals – based on that, I’ll prepare a preliminary quote.

2

Analysis and valuation

I review what needs action and provide a quote. If necessary, I contact you to ask for further details.

3

I'm taking action right away!

Once you approve, I’ll get to work. I process most requests the same day.

* – Field required to be completed

Site language
Polish
English