This Privacy Policy explains the principles of processing personal data of users of the 4disclosure.com website and how I ensure information security in accordance with the GDPR.
Personal Data Controller
Controller: Katarzyna Matyjanko, a natural person, owner of the website 4disclosure.com
Contact: kontakt@4disclosure.com
What data do I process and for what purpose?
On 4disclosure.com, I process only the data that you voluntarily provide to me — primarily when contacting me by e-mail or via the contact form. Below you will find the categories of data, purposes of processing, legal bases, and information on whether providing the data is mandatory.
| Data category | Processing purpose | Legal basis | Is providing the data mandatory? |
|---|
| Email address | Responding to your message or taking actions related to your request (e.g. a question, request for clarification, substantive contact). | Article 6(1)(b) GDPR | Necessary. Without an email address, contact is not possible. |
| Name | Facilitating communication and enabling a more personalised form of response. | Article 6(1)(a) GDPR (consent) | Voluntary. It does not affect the possibility of receiving a response. |
| Additional information provided in the message content | Referring to the context presented by you and providing a complete response. | Article 6(1)(a) GDPR (consent) | Voluntary. It does not affect the possibility of receiving a response. |
Special categories of data (Article 9 GDPR)
The contact form is not intended for the providing special categories of personal data within the meaning of Article 9 GDPR (e.g. data concerning health, religious or political beliefs).
However, if you choose to include such data in your message, it will be used only to the minimum extent necessary to become familiar with the content of the message and assess the legitimacy of further processing, or it will be immediately deleted if such processing is not necessary or permitted under GDPR.
Further processing of special categories of personal data may take place only after obtaining your explicit consent, in accordance with Article 6(1)(a) and Article 9(2)(a) GDPR, under the principles set out in this Privacy Policy.
How long do I retain your data?
I retain your personal data only for the time necessary to handle the contact. All data is deleted immediately after the correspondence is completed, no later than 30 days after providing a response or closing the matter.
If you withdraw your consent or request deletion of your data earlier, the data is deleted immediately.
After deletion, I may retain only an anonymised description of the case, which does not allow your identity to be determined.
Who may have access to your data?
Access to your data may be granted only to entities that support the operation of the website and the handling of correspondence, in particular:
- hosting and email service providers: LH.pl and Google LLC (Gmail),
- IT service providers — only if their support is necessary (e.g. in the event of a failure or to ensure website security).
I do not share your personal data with other entities unless required by law.
Is your data transferred outside the EEA?
As a rule, personal data is processed within the European Economic Area (EEA).
If you send me a message, its copy may also be processed via the Gmail service, which involves the transfer of data to Google LLC, based in the United States. Google applies Standard Contractual Clauses (SCCs) and additional safeguards required by GDPR.
I do not transfer data to other third countries outside the EEA or to international organisations.
What rights do you have?
In connection with the processing of your personal data, you have the following rights:
- the right of access to your data — you can obtain information about the data I process and receive a copy,
- the right to rectification — if your data is inaccurate or outdated, you can request corrections
- the right to erasure — you can request deletion of your data in cases provided for by GDPR,
- the right to restriction of processing — you can request limitation of data processing in certain situations.
If processing is based on your consent, you may withdraw it at any time. Withdrawal of consent does not affect the lawfulness of processing carried out before its withdrawal.
To exercise your rights, please contact me at: kontakt@4disclosure.com.
You also have the right to lodge a complaint with a supervisory authority. The competent supervisory authority for the Controller is the President of the Personal Data Protection Office (UODO) in Poland.
Automated decision-making and profiling
I do not make any automated decisions based on your personal data and I do not carry out profiling within the meaning of GDPR.
Data security
I take care of the security of your personal data. I use technical and organisational measures designed to protect data against unauthorised access, accidental loss, destruction or unauthorised modification.
Technical data and server logs
When using the 4disclosure.com website, server logs may be generated, which may include, among others:
- IP address,
- date and time of connection,
- information about the web browser and operating system,
- address of the visited page.
These logs may contain personal data within the meaning of GDPR. Data is recorded in server logs by the hosting provider (LH.pl) as part of providing hosting services and ensuring infrastructure security.
Server logs are not used by me for my own purposes.
External links
The 4disclosure.com website may contain links to other websites. I am not responsible for the principles of personal data processing or privacy policies applied by the entities operating those websites.
I encourage you to review their privacy policies and information on cookies before using such websites.
Changes to the Privacy Policy
The Privacy Policy may be updated in the event of changes in the functioning of the website, data processing methods or legal requirements.
The current version of the Privacy Policy is always available on 4disclosure.com in the “Privacy Policy” section.