Privacy Policy & GDPR

Data Controller

The controller of your personal data is Michał Kocik, operating under the business name KocikDev, Tax ID (NIP): 8172220677, e-mail: mkocik.dev@gmail.com.

The controller has not appointed a Data Protection Officer (DPO). GDPR contact: mkocik.dev@gmail.com.

Scope of Processed Data

Via the contact form we process: name and surname, e-mail address, message content and, optionally, a phone number.

Data Source and Server Logs

We receive the data directly from you — through the contact form.

For server security, technical data may be processed (e.g., IP address, timestamp, HTTP headers) — Art. 6(1)(f) GDPR (legitimate interest).

Purpose and Legal Basis

• Responding to your inquiry — Art. 6(1)(b) GDPR (pre-contractual steps).

• Establishing, exercising or defending legal claims — Art. 6(1)(f) GDPR (legitimate interest of the controller).

Data Retention

Contact form data are stored for up to 12 months from the last correspondence, or until claims become time-barred — whichever occurs later.

Marketing data — until consent is withdrawn or an objection is raised, and thereafter for the period necessary to demonstrate accountability of consent.

Data Recipients

Data may be shared with the hosting provider, e-mail provider, mailing system provider and IT service providers supporting the controller (under data processing agreements).

Transfers Outside the EEA

As a rule, data are not transferred outside the EEA.

If communication or analytics involves providers outside the EEA, transfers are carried out in compliance with GDPR — in particular based on Standard Contractual Clauses (SCCs) and with additional safeguards.

Your Rights

• Access to your data.

• Rectification of your data.

• Erasure of your data.

• Restriction of processing.

• Data portability.

• Objection to processing.

• Withdrawal of consent at any time (without affecting the lawfulness of processing based on consent before its withdrawal).

• Lodging a complaint with the supervisory authority (in Poland: UODO, uodo.gov.pl).

Automated Decisions and Profiling

Your data are not subject to automated decision-making, including profiling that produces legal effects concerning you.

Children’s Data

The services are not directed to persons under 16 years of age.

Cookies and Similar Technologies

The website may use cookies or similar technologies (e.g., localStorage) to ensure correct operation.

For performance monitoring and analytics we use Vercel Analytics. The tool does not use cookies and does not allow identifying individual users.

Analytics (Vercel Analytics)

We use Vercel Analytics to monitor website performance and traffic.

The data are collected in an aggregated and anonymous way — without cookies and without identifying specific users.

The legal basis: Art. 6(1)(f) GDPR (legitimate interest — ensuring the proper functioning and development of the service).

Recipient/Processor: Vercel (processing may occur outside the EEA, based on Standard Contractual Clauses).

Spam Protection (Google reCAPTCHA) — optional

If enabled, the form may be protected by Google reCAPTCHA, which involves processing of user technical data by Google.

Legal basis: Art. 6(1)(f) GDPR (legitimate interest — protecting the service against abuse) or Art. 6(1)(a) GDPR (consent) — depending on configuration.

Newsletter and Marketing Communication (e-mail)

If you subscribe to offers or the newsletter, we will process your e-mail address (and optionally your name) to send commercial information and marketing content regarding KocikDev services.

Legal basis: consent — Art. 6(1)(a) GDPR (and e-communications consent where required).

Retention: until consent is withdrawn/objection is raised, and thereafter for the period necessary for accountability.

Recipients: mailing system provider and IT providers under data processing agreements.

Contact

For data protection matters please write to: mkocik.dev@gmail.com.