Privacy Policy (GDPR)
Last updated: 6.03.2026
1. Data Controller
The controller of personal data is:
2. Scope of Personal Data Processing
Personal data is processed only when the user initiates contact.
This includes data provided:
- via the contact form, or
- through direct email correspondence or other forms of contact.
In the case of the contact form, the data may include:
- first name
- last name
- email address
- company name (optional)
- selected service
- message content
No personal data is collected automatically. The website does not use analytics, profiling, marketing, or tracking tools.
3. Purposes of Processing
Personal data is processed solely for the following purposes:
- responding to the user's inquiry,
- conducting correspondence initiated by the user,
- securing potential claims or fulfilling legal obligations.
No automated decision-making or profiling is carried out.
4. Legal Basis for Processing
Personal data is processed in accordance with Article 6 of the GDPR, in particular:
- Article 6(1)(a) – the user's consent expressed by voluntarily submitting the contact form,
- Article 6(1)(f) – the controller's legitimate interest in conducting and archiving correspondence as private or business communication,
- Article 6(1)(c) – where processing is required by applicable law.
Where contact is initiated by means other than the contact form, data is processed solely as part of ongoing correspondence.
5. Data Retention
Data is stored as part of email correspondence.
No separate contact databases are maintained.
Data is retained only for as long as necessary to conduct correspondence or protect the controller's legal interests.
6. Data Recipients and Processors
Data may be processed by trusted technical service providers, solely to the extent necessary for website operation and communication:
- Netlify – website hosting
- Microsoft Azure (EU region) – backend infrastructure
- Google (Gmail) – email communication
These providers operate in compliance with the GDPR or based on appropriate safeguards, including standard contractual clauses.
7. Cookies and Local Storage
The website does not use cookies or tools for analytics, marketing, or tracking purposes.
Only strictly necessary browser local storage may be used to:
- remember selected language or visual preferences.
These mechanisms do not identify users and do not require consent under applicable law.
8. Anti-Spam Measures
The website uses a proof-of-work (PoW) mechanism to protect against spam.
This solution:
- does not track users,
- does not collect personal data,
- does not rely on third-party profiling services.
9. Data Subject Rights
Data subjects have the right to:
- access their data,
- rectify inaccurate data,
- request erasure,
- restrict processing,
- object to processing,
- data portability,
- withdraw consent at any time (without affecting the lawfulness of processing prior to withdrawal),
- lodge a complaint with the President of the Personal Data Protection Office (UODO) in Poland.
Requests may be submitted to: marcin@bestprogrammers.net.
10. Data Security
Appropriate technical and organizational measures are applied to protect personal data against unauthorized access, loss, or misuse.
11. Changes to This Privacy Policy
This Privacy Policy may be updated when necessary.
The current version is always available on the website.