1. Identity of the Data Controller
The data controller for personal data processed through nafika.info is the operator of this website, reachable at: Grunwaldzka 7, Rzeszów, Poland, email: [email protected], telephone: +48 17 853 92 01. This privacy policy is issued in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council (GDPR), known in Poland as RODO (Rozporządzenie o Ochronie Danych Osobowych), and the Polish Ustawa z dnia 10 maja 2018 r. o ochronie danych osobowych.
The supervisory authority responsible for data protection matters in Poland is the Urząd Ochrony Danych Osobowych (UODO), ul. Stawki 2, 00-193 Warsaw. You have the right to lodge a complaint with UODO if you believe your personal data is being processed in a manner that violates applicable law.
2. What Personal Data We Collect and Why
This website collects personal data only in the following limited circumstances. When you use the contact form, we collect the email address you provide and the content of your message. This data is used solely to respond to your inquiry and is not used for any other purpose. The legal basis for this processing is Article 6(1)(f) of GDPR — our legitimate interest in responding to communications directed to us.
When you visit the website, standard server logs may record your IP address, the pages you visit, the time and date of your visit, and your browser type. This technical data is retained for a maximum of 30 days for security and diagnostic purposes only. It is not used to identify individual users and is not linked to any other personal data.
3. Cookies and Tracking Technologies
This website uses cookies. A cookie is a small text file stored on your device by your browser. We use strictly necessary cookies to remember your cookie consent preference. This is essential for the website to function in compliance with applicable law and does not require your consent. We may also use analytical cookies (subject to your consent) to understand how visitors use the website, using anonymized data only. No advertising or profiling cookies are used.
You can control and delete cookies through your browser settings at any time. Deleting the consent cookie will cause the cookie consent notice to reappear on your next visit. For full details of the cookies used on this site, see our Cookie Policy.
4. How Long We Retain Your Data
Email correspondence received through the contact form is retained for no longer than 12 months from the date of receipt, unless there is a specific reason to retain it for longer (for example, if the correspondence relates to an ongoing matter). After this period, correspondence is deleted. Server log data is deleted after 30 days. Cookie consent records are stored in your browser and expire after 12 months, at which point you will be asked for your preferences again.
We do not retain personal data beyond the periods stated above unless required to do so by applicable law.
5. Sharing of Personal Data
We do not sell, rent, or share personal data with third parties for commercial purposes. Your data is not shared with advertisers, data brokers, or marketing companies. Personal data may be shared with our hosting provider solely for the purpose of operating this website — this provider acts as a data processor under a data processing agreement and is bound by GDPR obligations.
We may disclose personal data if required to do so by applicable law, court order, or a request from a competent public authority. In such cases, we will disclose only the minimum data necessary to comply with the legal obligation.
6. International Data Transfers
This website is operated from Poland, within the European Economic Area (EEA). Personal data is stored and processed within the EEA. If any processing involves transfers outside the EEA — for example, through third-party services such as font providers or analytics tools — such transfers are conducted only where appropriate safeguards exist under Article 46 of GDPR, including Standard Contractual Clauses approved by the European Commission.
Where possible, we use EEA-based alternatives for third-party services to minimize the need for international data transfers.
7. Your Rights Under GDPR / RODO
Under GDPR and the Polish data protection law, you have the following rights regarding your personal data: the right of access (Article 15 GDPR) — to obtain a copy of the personal data we hold about you; the right to rectification (Article 16) — to correct inaccurate data; the right to erasure (Article 17) — to request deletion of your data in certain circumstances; the right to restriction of processing (Article 18); the right to data portability (Article 20); and the right to object to processing based on legitimate interests (Article 21).
To exercise any of these rights, contact us at [email protected]. We will respond within 30 days. If you are not satisfied with our response, you have the right to lodge a complaint with UODO at www.uodo.gov.pl.
8. Security Measures
We implement appropriate technical and organizational measures to protect personal data against unauthorized access, disclosure, alteration, or destruction. These measures include the use of HTTPS encryption for all data transmitted to and from this website, restricted access to any stored correspondence, and regular review of our data handling practices.
No method of electronic transmission or storage is completely secure. While we take reasonable precautions, we cannot guarantee absolute security of data transmitted over the internet.
9. Changes to This Policy
This privacy policy may be updated from time to time to reflect changes in our practices or applicable law. When we make material changes, we will update the "Last Updated" date at the top of this page. We recommend checking this page periodically. Continued use of the website after changes are posted constitutes acceptance of the updated policy.
This policy was last updated on 16 July 2026.
10. Contact for Data Protection Matters
For any questions, requests, or concerns relating to this privacy policy or the handling of your personal data, please contact us at: [email protected] or by post at Grunwaldzka 7, Rzeszów, Poland. We aim to respond to all data protection inquiries within 30 days of receipt.
This website does not have a formal Data Protection Officer (DPO) appointment, as one is not required under GDPR for the scale and nature of processing carried out by this portal.