PRIVACY POLICY AND COOKIE POLICY

This Privacy Policy and Cookie Policy contains information regarding the processing of personal data you may provide to the Controller while using the Website, as well as the use of cookies. The Controller reserves the right to make changes to this Privacy Policy. Such changes may result from amendments to applicable laws, developments in internet technology, the use of new tools by the Controller, or other objective reasons. The publication date of the current version of the Privacy Policy and Cookie Policy is displayed at the top of the page.

DEFINITIONS

Controller – The data controller is the entity that determines the purposes and means of processing personal data. Detailed information regarding data processing is always provided when data is collected, e.g. in contracts concluded with you or in announcements. The Personal Data Controller implementing this Personal Data Security Policy is Mateusz Skibinski.

Personal Data – Information relating to an identified or identifiable natural person through one or more specific factors determining physical, physiological, genetic, mental, economic, cultural, or social identity, including device IP address, location data, online identifiers, and information collected via cookies or similar technologies.

Policy – This Privacy Policy containing information on the processing of Personal Data and the use of cookies and similar tracking technologies within the Website.

GDPR – Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of Personal Data and on the free movement of such data, repealing Directive 95/46/EC. Personal Data Protection Act – the Act of 10 May 2018 on Personal Data Protection (Journal of Laws 2018, item 1000 as amended).

Website – The website operated by the Controller at https://www.mateuszskibinski.com, accessible through internet browsers, including all its subpages and any services provided within the domain, such as the contact form.

User – A natural person visiting the Website or using one or more services or functionalities described in this Policy.

Device – An electronic device through which the User accesses the Website.

WHO IS THE PERSONAL DATA CONTROLLER?

The personal data controller is Mateusz Skibinski.

The Controller may be contacted via e-mail at: contact@mateuszskibinski.com. By contacting the Controller via e-mail, contact form, or social media, you provide your personal data, such as your name and e-mail address.

The Controller attaches great importance to security and compliance with legal regulations concerning the processing of Users’ personal data. Users’ personal data is processed in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (“GDPR”) and other currently applicable personal data protection regulations.

WHAT PERSONAL DATA IS PROCESSED BY THE CONTROLLER IN CONNECTION WITH THE USE OF THE WEBSITE?

The Website enables the User to contact the Controller and provide identification and contact data, as well as information related to the content of the message.

The Controller collects data related to User activity, such as time spent on the Website, search phrases, number of viewed subpages, date, and source of visits.

If the User contacts the Controller, the data is provided directly by the User.

If the User’s data has been provided by another person in connection with a matter referred to the Controller, the source of the data is that person. In such a case, the Controller receives identification and address data, as well as information related to the matter.

In connection with the User’s use of the Website, the Controller collects data necessary for providing specific services, such as first name, last name, residential address, and e-mail address.

Detailed rules and purposes of processing personal data collected during the use of the Website are described below.

PURPOSES AND LEGAL BASIS FOR PROCESSING PERSONAL DATA

Purposes and legal bases for processing Personal Data within the Website

Personal data of all persons using the Website is processed by the Controller for the following purposes:

  • Analysis of website traffic, ensuring security within the Website, and adapting content (Article 6(1)(f) GDPR);
  • Responding to correspondence, providing requested offers, and conducting correspondence (Article 6(1)(a) and (f) GDPR);
  • Delivering and displaying content within the Website – for this purpose, the Controller collects personal data such as IP address and cookies; the data is processed based on Article 6(1)(f) GDPR;
  • Establishing, defending, and pursuing claims – the legal basis is the Controller’s legitimate interest (Article 6(1)(f) GDPR), consisting of protecting its rights;
  • Publishing User opinions regarding services provided by the Controller and conducting surveys (Article 6(1)(a) GDPR);
  • Using cookies on the Website and its subpages (Article 6(1)(a) GDPR);
  • Analytical and statistical purposes – conducting analyses of User activity on the Website to improve functionalities (Article 6(1)(f) GDPR);
  • Operating the newsletter (Article 6(1)(a) GDPR and Article 6(1)(f) GDPR).

To contact the Controller, the Website provides an electronic contact form. Use of the form requires providing personal data necessary to establish contact. The User may also provide additional data to facilitate communication or handling of the inquiry. Providing data marked as mandatory is required to receive and process the inquiry; failure to provide such data will result in the inability to process the inquiry. Providing other data is voluntary. Personal data is processed to identify the sender and handle the inquiry submitted through the form – the legal basis for processing is the necessity of processing for the performance of a service contract (Article 6(1)(b) GDPR); for optional data, the legal basis is consent (Article 6(1)(a) GDPR).

The Controller may make automated decisions, including profiling Users’ personal data, in order to tailor advertisements to their interests (based on Article 6(1)(f) GDPR).

HOW DOES THE CONTROLLER OBTAIN YOUR PERSONAL DATA?

Personal data means any information that can be used to directly or indirectly identify a specific individual. This definition includes personal data collected online through my Website and business pages on external platforms.

When contacting me, you may be asked to provide your personal data. Data controllers may share your personal data with one another and with entities affiliated by capital or personal relationships with the Controller, and use it in a manner consistent with this Privacy Notice. I may also combine such data with other information in order to improve my content.

I collect personal data from various sources, including:

Personal data provided directly

I collect data on how you use my Website, such as information about the types of content you view or engage with, as well as the frequency and duration of your activity.

Personal data collected automatically

I also receive and store certain types of personal data whenever you interact with me online. For example, I use cookies and tracking technologies to obtain personal data when your web browser accesses my Website or other content provided on other websites. Personal data is also collected during searches and when posting content.

Examples of collected personal data include IP address, device identifier, location data, and information about your computer and internet connection, such as browser type and version, time zone settings, browser plug-in types and versions, and operating system.

USER RIGHTS RELATED TO PERSONAL DATA PROCESSING

Under the GDPR, Users are entitled to the following rights related to the processing of personal data:

  • The right to access personal data and obtain a copy thereof;
  • The right to rectify or correct personal data;
  • The right to erase personal data (“right to be forgotten”);
  • The right to restrict processing of personal data;
  • The right to object to the processing of personal data;
  • The right to withdraw consent;
  • The right to data portability;
  • The right to lodge a complaint with the President of the Personal Data Protection Office.

Not all of these rights will apply to the User in every situation. This results from the nature of applicable legal regulations.

RETENTION PERIOD OF PERSONAL DATA

The period for which the Controller processes the User’s personal data depends on the type of service provided and the purpose of processing.

The User’s personal data will be stored until consent is withdrawn or until the matter has been resolved.

Data related to website traffic analysis collected through cookies and similar technologies may be stored until the cookie expires. Some cookies never expire; therefore, the retention period will correspond to the time necessary for the Controller to achieve purposes related to data collection, such as ensuring security and analyzing historical traffic data.

The data processing period may be extended if processing is necessary for establishing and pursuing claims or defending against claims, and thereafter only if and to the extent required by law. After the processing period expires, data is irreversibly deleted or anonymized.

DATA SECURITY

Users’ personal data is stored and protected with due diligence, in accordance with the Controller’s implemented internal procedures.

The Controller processes User information using appropriate technical and organizational measures that comply with applicable legal requirements, particularly personal data protection regulations. These measures are intended primarily to protect Users’ personal data against access by unauthorized persons. In particular, only authorized persons who are obliged to maintain confidentiality have access to Users’ personal data.

Users should also exercise due care in protecting their personal data transmitted via the Internet, in particular by not disclosing login credentials to third parties, using antivirus protection, and keeping software updated.

TRANSFER OF DATA TO THIRD PARTIES

Users’ personal data may be transferred to third parties whose services are used by the Controller in connection with operating the Website.

In connection with the use of services provided by external suppliers such as Google LLC, Meta Platforms Inc. (owner of Facebook and Instagram), or other analytical and marketing tools, Users’ personal data may be transferred to third countries, in particular the United States of America (USA), Canada, and other countries outside the European Economic Area (EEA). Such transfers are carried out in accordance with GDPR provisions and only to entities ensuring an adequate level of protection of personal data.

In particular, transfers to the USA may be based on:

  • the European Commission’s adequacy decision under the EU-U.S. Data Privacy Framework (for certified entities), or
  • Standard Contractual Clauses (SCCs) approved by the European Commission, obliging data recipients to ensure an adequate level of security and GDPR compliance.

Entities processing shared data within the European Economic Area:

  • Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, D02X525, Ireland (formerly Facebook Ireland Limited);
  • MailerLite Limited, Ground Floor, 71 Lower Baggot Street, Dublin 2, D02 P593, Ireland – provider of the newsletter mailing system;
  • Facebook and Instagram, particularly regarding advertising tools;
  • Facebook Ireland Ltd. – regarding the use of Meta Platforms advertising tools (Facebook) and data sharing within custom audience groups;
  • Other contractors or subcontractors engaged for technical, administrative, or legal support services for the Controller and its clients, e.g. accounting, IT, graphic design, copywriting, debt collection companies, and lawyers;
  • Public authorities, such as tax offices, for the purpose of fulfilling legal and tax obligations related to settlements and accounting.

Entities processing shared data outside the European Economic Area:

  • Google Analytics by Google LLC – provider of website security and statistical analysis tools (Google Analytics);
  • Nakiedy.pl – a session booking platform operated by Nakiedy Sp. z o.o. based in Poland, ensuring an appropriate level of personal data protection in accordance with applicable regulations.

COOKIES AND TRACKING TECHNOLOGIES

The Website uses cookies.

During the first visit to the Website, the User is shown a clear notification (cookie banner) informing them about the use of cookies and similar technologies, with the option to manage consent for their use. User consent is required before storing any cookies, except those necessary for the proper functioning of the Website.

The User may independently choose categories of cookies to which they consent and may change these settings at any time. The legal basis for processing data within necessary cookies is Article 6(1)(f) GDPR (the Controller’s legitimate interest), while in other cases it is Article 6(1)(a) GDPR (the User’s voluntary consent).

Using the Website without consenting to non-essential cookies may limit certain Website functionalities.

The Website enables the collection of information about the User through cookies and similar technologies, which typically involve installing a tool on the User’s device.

This information is used to remember User decisions (e.g. font selection, contrast settings, acceptance of policies), maintain User sessions (e.g. after login), remember passwords (with consent), collect information about the User’s device and visit to ensure security, as well as analyze visits and customize content.

Information obtained through cookies and similar technologies is not combined with other User data and is not used by the Controller to identify Users.

Cookies are short text files stored on the device you use when browsing websites. They may be read by the Controller (“first-party cookies”), used to ensure proper functioning of the Website, as well as by systems belonging to third parties whose services the Controller uses (“third-party cookies”).

The User has the right to change cookie settings in their browser or delete cookies altogether.

The User may also browse the Website in incognito/private mode, which prevents the collection of visit-related data.

This Website uses the following tracking technologies:

  • Social media plugins such as Facebook, Instagram, TikTok, and YouTube;
  • Analytical and marketing tools such as Google Analytics and Facebook Pixel.

Types of cookies used within the Website:

  • Necessary cookies – to ensure access to https://www.mateuszskibinski.com and its basic functionalities;
  • Analytical and statistical cookies – to collect information on how Users use the Website;
  • Functional cookies – to remember User preferences regarding the Website and ensure Website security;
  • Marketing and tracking cookies – to present Users with tailored content based on their online behavior;
  • Other cookies.

SERVER LOGS

Using my Website involves sending requests to the server on which the Website is hosted.

Each request sent to the server is stored in server logs, which may include, for example: IP address, server date and time, information about the web browser and operating system used.

Data stored in server logs is not associated with specific persons using the Website and is used solely for administrative purposes.

The content of server logs is not disclosed to anyone except persons authorized to administer the server.

SOCIAL MEDIA

The Controller maintains profiles on Facebook and Instagram (“fanpages”). Content, offers, and product recommendations are regularly published and shared on these fanpages.

Social media platform administrators record User behavior using cookies and similar technologies during every interaction with our fanpages and other Facebook and Instagram websites.

Social media platform administrators have access to general statistics concerning the interests and demographic data (such as age, gender, and place of residence) of Users visiting fanpages. Within the use of social media services, the scope and purposes of data processing are determined by the administrators of those services.

CHANGES TO THE PRIVACY POLICY

This Policy is reviewed on an ongoing basis and updated when necessary.

I will update this Privacy Notice whenever necessary. When changes are published, the date of the latest update will also be changed. Previous versions of this Privacy Notice will also be archived.

I will not limit your rights under this Privacy Notice without your consent.

Scroll to Top