HOME

PORTFOLIO

CONTACT

PRIVACY POLICY

For krzysztoflipiec.com

1. Introduction

I operate krzysztoflipiec.com as a personal portfolio. I take your privacy seriously and comply with the EU General Data Protection Regulation (GDPR) and Polish data protection laws.

Data Controller: Krzysztof Lipiec
Email:contact@krzysztoflipiec.com
Location: Poland

2. What Data is Collected

2.1 Automatically Collected Technical Data

When you visit my website, the following technical information is automatically collected by my hosting provider and WordPress platform:

  • IP addresses (stored in server logs for security and spam protection)
  • Browser type and version (user agent string)
  • Operating system
  • Referring website
  • Date and time of access
  • Pages viewed

Note: IP addresses are NOT stored with comments (commenting is disabled). IP data is automatically deleted after 7 days by my hosting provider.

2.2 Contact Form Data

If you contact me via email at contact@krzysztoflipiec.com, I will receive:

  • Your email address
  • Any information you include in your message
  • Timestamp of your email
2.3 No Cookies or Tracking

I do not use cookies, analytics tools (like Google Analytics), or advertising trackers on this website.

3. Why Data is Collected

Technical Data:
  • Security: To protect against spam, brute force attacks, and unauthorized access
  • Website functionality: To ensure proper loading and display of content
  • Error resolution: To diagnose technical issues
Contact Data:
  • Communication: To respond to your inquiries
  • Portfolio requests: To discuss potential collaborations or answer questions about my work

4. Legal Basis for Processing

  • Technical data: Legitimate interest in website security and functionality (Art. 6(1)(f) GDPR)
  • Contact data: Necessary for pre-contractual or contractual communication (Art. 6(1)(b) GDPR)

5. Data Sharing & Third Parties

5.1 Data Processors

Your data is processed by the following trusted services:

IONOS SE (Hosting Provider)

  • Role: Infrastructure and server provision
  • Location: Germany/EU
  • Data processing agreement: Available upon request
  • Security measures: Physical data center security, firewalls, SSL certificates
  • IONOS Privacy Policy

WordPress.org (CMS Platform)

  • Role: Website software and technical framework
  • Location: Global (with EU data protection compliance)
  • Data collected: Technical data for core functionality
  • WordPress Privacy Policy
5.2 No Data Selling

I do not sell, rent, or trade your personal data to third parties.

5.3 Legal Disclosure

I may share data if required by law or to protect legal rights.

6. Data Security Measures

IONOS Infrastructure Security:
  • Free SSL certificate (encrypted data transmission)
  • Physically secure data centers with restricted access
  • Firewall protection
  • Regular security updates
My Measures:
  • WordPress core and plugins kept updated
  • Strong administrative passwords
  • No user accounts or registration system (reduced attack surface)

Important: While I implement security measures, no internet transmission is 100% secure. You contact me at your own risk.

7. Data Retention Periods

  • Server logs (IP addresses): Deleted after 7 days by IONOS
  • Contact emails: Retained for up to 2 years to maintain communication history, then deleted
  • No long-term storage: No user profiles or databases are maintained

8. Your Rights Under GDPR & Polish Law

As a data subject, you have the right to:

Access

Request a copy of any personal data I hold about you.

Rectification

Request correction of inaccurate information.

Erasure (“Right to be Forgotten”)

Request deletion of your data (except where legal obligations require retention).

Restriction

Request limitation of data processing under certain circumstances.

Data Portability

Receive your data in a structured, machine-readable format.

Objection

Object to processing based on legitimate interests.

Withdraw Consent

If processing is based on consent, you can withdraw it anytime.

To exercise these rights: Email contact@krzysztoflipiec.com with “GDPR Request” in the subject line. I will respond within 30 days.

9. International Data Transfers

Data is processed primarily within the EU (IONOS German data centers). WordPress.org may process some technical data globally but complies with GDPR standards.

10. Data Breach Notification

In the unlikely event of a data breach, I will notify affected users and relevant authorities within 72 hours as required by GDPR.

11. Links to Third Parties

My site links to Instagram and potentially other external sites. This Privacy Policy applies only to krzysztoflipiec.com. I am not responsible for the privacy practices of linked websites.

12. Changes to This Policy

I review this policy annually. Changes will be posted here with an updated effective date. For significant changes, I will provide notice via email if I have your contact information.

13. Contact & Complaints

For privacy questions: contact@krzysztoflipiec.com

To lodge a complaint with the supervisory authority:

Polish Data Protection Authority (Urząd Ochrony Danych Osobowych – UODO)
ul. Stawki 2, 00-193 Warsaw, Poland
Phone: +48 22 531 03 00
Website: https://uodo.gov.pl

Effective Date: December 2025