Privacy Policy

Last updated: 22 June 2026

1. Data Controller

The data controller for personal data processed through this website is Xecika Gudixu, operating at Stefana Żeromskiego 24, 82-300 Elbląg, Poland. Contact email: [email protected]. Contact phone: +48 55 233 6779.

This policy applies to all personal data processing activities carried out in connection with the website xecika-gudixu.info and any communication you initiate with us. Processing takes place in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (the General Data Protection Regulation, "GDPR"), as supplemented by the Polish Act on Personal Data Protection of 10 May 2018 (Ustawa z dnia 10 maja 2018 r. o ochronie danych osobowych, Dz.U. 2018 poz. 1000).

2. Data We Collect

We collect only data that you actively provide or that is generated automatically when you visit the website.

Data you provide: When you use the contact form, we collect your name, email address, and the content of your message. If you subscribe to our mailing list, we collect your email address. You are never required to provide more than these fields.

Automatically collected data: When you visit the site, our web server logs may record your IP address, browser type, operating system, referring URL, pages visited, and the date and time of your visit. This data is collected for technical and security purposes.

Cookie data: Depending on your cookie preferences, we may set cookies that store a unique identifier and your consent choices. See Section 8 for details.

3. Legal Basis for Processing

We process your data on the following legal bases under Article 6 of the GDPR:

Consent (Article 6(1)(a)): When you tick the privacy checkbox on the contact form or subscribe to our mailing list, you give consent for us to process your contact data for the purpose of responding to your enquiry or sending updates.
Legitimate interests (Article 6(1)(f)): We have a legitimate interest in maintaining the security and performance of this website, which requires processing server log data including IP addresses.
Compliance with legal obligations (Article 6(1)(c)): Where applicable Polish or EU law requires us to retain certain data, we do so on this basis.

Where consent is the legal basis, you may withdraw it at any time without affecting the lawfulness of processing carried out before withdrawal.

4. How We Use Your Data

We use data you provide through the contact form solely to respond to your enquiry. We do not use it for any other purpose without your separate consent.

If you subscribe to the mailing list, we use your email address to send occasional informational updates about the Xecika Gudixu program. These emails are not promotional in the commercial sense. You may unsubscribe at any time by contacting us at [email protected].

Server log data is used only for technical maintenance, security monitoring, and diagnosing errors. It is not used to profile individual users or for advertising purposes.

5. Data Sharing and Transfers

We do not sell, rent, or trade your personal data. We do not share your personal data with third parties for marketing purposes.

We may use third-party service providers who act as data processors on our behalf, such as web hosting providers. These providers are contractually bound to process data only on our instructions and in compliance with GDPR. We ensure that any such providers are located within the European Economic Area or offer adequate data transfer protections under Chapter V of the GDPR.

We may disclose personal data if required to do so by applicable Polish or EU law, or in response to a lawful request from a competent public authority.

6. Retention Periods

Contact form data is retained for no longer than 24 months from the date of the last interaction, after which it is deleted. If you request deletion earlier, we will comply within 30 days.

Mailing list data is retained until you withdraw your subscription consent. Following withdrawal, your email address is deleted within 30 days.

Server log data is retained for a maximum of 12 months for security and technical purposes, after which it is deleted or anonymised.

Cookie consent records are retained for up to 12 months to avoid asking for consent repeatedly.

7. Your Rights

Under the GDPR and the Polish Act on Personal Data Protection, you have the following rights in relation to your personal data:

Right of access (Article 15 GDPR): You may request a copy of the personal data we hold about you.
Right to rectification (Article 16 GDPR): You may request correction of inaccurate or incomplete data.
Right to erasure (Article 17 GDPR): You may request deletion of your data in certain circumstances.
Right to restriction (Article 18 GDPR): You may request that we limit processing in certain circumstances.
Right to data portability (Article 20 GDPR): Where processing is based on consent and carried out by automated means, you may receive your data in a machine-readable format.
Right to object (Article 21 GDPR): You may object to processing based on legitimate interests.
Right to withdraw consent: Where processing is based on consent, you may withdraw it at any time.

To exercise any of these rights, contact us at [email protected]. We will respond within 30 days. You also have the right to lodge a complaint with the Polish supervisory authority, the President of the Personal Data Protection Office (Prezes Urzędu Ochrony Danych Osobowych, UODO), ul. Stawki 2, 00-193 Warsaw, www.uodo.gov.pl.

8. Cookies

This website uses cookies. A cookie is a small text file placed on your device. We use strictly necessary cookies to make the site work and to store your cookie preferences. Depending on your choices, we may also use analytics and functional cookies.

Strictly necessary cookies do not require your consent under the Polish Act on Providing Services by Electronic Means of 18 July 2002 (Ustawa o świadczeniu usług drogą elektroniczną). All other cookies are placed only with your prior consent.

Full details of the cookies we use, their purpose, and how to manage them are in our Cookie Policy.

9. Security

We take reasonable technical and organisational measures to protect personal data against accidental loss, destruction, or damage, and against unauthorised access, disclosure, or alteration. These measures include encryption of data in transit (HTTPS), access controls, and regular security reviews.

No method of transmission over the internet is completely secure. While we do our best to protect your data, we cannot guarantee absolute security.

10. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will change the "Last updated" date at the top of this page. Material changes will be communicated through a notice on the website. Your continued use of the site after changes are posted constitutes acceptance of the updated policy.

11. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us:

By email: [email protected]
By phone: +48 55 233 6779
By post: Stefana Żeromskiego 24, 82-300 Elbląg, Poland