Privacy Policy

The following Privacy Policy defines the rules for storing and accessing data on Users’ Devices using the Service for the purpose of providing electronic services by the Administrator, as well as the rules for collecting and processing Users’ personal data, which have been voluntarily provided by them through tools available in the Service.

The following Privacy Policy is an integral part of the Terms of Service, which defines the principles, rights, and obligations of Users using the Service.

§1 Definitions

• Service – the “Makoto” website operating at https://makoto.com.pl
• External Service – partner, provider, or contractor websites cooperating with the Administrator
• Service / Data Administrator – natural person “Patryk Dąbrowski”
• User – a natural person for whom the Administrator provides electronic services through the Service
• Device – an electronic device with software through which the User accesses the Service
• Cookies – text data stored as files placed on the User’s Device
• GDPR – Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data
• Personal Data – any information relating to an identified or identifiable natural person
• Processing – any operation performed on personal data, such as collection, recording, organization, structuring, storage, adaptation, retrieval, use, disclosure, or erasure
• Restriction of Processing – marking stored personal data to limit their future processing
• Profiling – automated processing of personal data to evaluate certain personal factors of an individual
• Consent – a freely given, specific, informed, and unambiguous indication of a person’s wishes
• Personal Data Breach – a security breach leading to accidental or unlawful destruction, loss, alteration, or unauthorized disclosure of personal data
• Pseudonymization – processing of personal data in a way that prevents identification without additional information stored separately
• Anonymization – an irreversible process that destroys or overwrites personal data, preventing identification of a person

§2 Data Protection Officer

In accordance with Article 37 of the GDPR, the Administrator has not appointed a Data Protection Officer.
For matters related to data processing, please contact the Administrator directly.

§3 Types of Cookies

• Internal cookies – stored and read by the Service’s IT system
• External cookies – stored and read by IT systems of external partners
• Session cookies – stored and read during one session of a Device
• Persistent cookies – stored until manually deleted

§4 Data Storage Security

• Mechanisms for storing and reading cookies – these are handled by web browsers and do not allow access to other data from the User’s Device.
• Internal cookies – safe and do not contain malicious scripts.
• External cookies – verified partners are used, but the Administrator is not responsible for third-party content.
• Cookie control – Users can manage cookies through their browser settings. Guides are available, e.g.:
  • Chrome
  • Opera
  • Firefox
  • Edge
  • Safari
  • Internet Explorer 11
• User-side risks – Users are responsible for securing their devices and maintaining good cybersecurity practices.

§5 Purposes of Using Cookies

• Improving and simplifying access to the Service
• Personalizing the Service
• Affiliate services
• Statistical purposes
• Delivering multimedia content

§6 Purposes of Personal Data Processing

Voluntarily provided data may be processed for:

• Newsletter services (including promotional content)
• Commenting or liking posts
• Communication between Administrator and Users

Anonymized, automatically collected data may be processed for:

• Statistics
• Affiliate programs

§7 External Service Cookies

The Administrator uses partner scripts and components that may place their own cookies.
Partners include:

• Newsletter Services: MailChimp
• Advertising and affiliate networks: Google Adsense
• Statistics: Google Analytics

§8 Types of Data Collected

The Service collects both anonymous and voluntarily provided personal data.

Automatically collected anonymous data:
IP address, browser type, screen resolution, location, visited pages, time on page, OS type, referrer, ISP, etc.

Data provided during registration:
Name/nickname, login, email, IP

Data for Newsletter subscription:
Name/nickname, email, IP

Data for comments:
Name/nickname, email, website, IP

Some data (non-identifying) may be stored in cookies or sent to analytics providers.

§9 Access to Personal Data by Third Parties

By default, the only recipient of personal data is the Administrator.
However, third-party access may include:

• Hosting providers
• Newsletter service providers
• IT maintenance companies
• Online payment processors (e.g. Stripe)

Newsletter provider: MailChimp
Payment provider: Stripe

§10 Method of Data Processing

Personal data:

• Not transferred outside the EU unless published by the User
• Not used for automated decision-making
• Not resold to third parties

Anonymous data:

• Not transferred outside the EU
• Not used for profiling
• Not resold

§11 Legal Basis for Data Processing

• GDPR (EU) 2016/679
  • Art. 6(1)(a): consent
  • Art. 6(1)(b): contract performance
  • Art. 6(1)(f): legitimate interest
• Polish Data Protection Act (2018)
• Telecommunications Law (2004)
• Copyright and Related Rights Act (1994)

§12 Data Retention Period

Personal data:
Stored only for the duration of the provided service, then deleted or anonymized within 30 days.
If necessary to protect legal interests, stored up to 3 years.

Anonymous data:
Stored indefinitely for statistical purposes.

§13 User Rights

Users have the right to:

• Access their data
• Rectify data
• Delete data (“right to be forgotten”)
• Restrict processing
• Transfer data
• Object to processing
• Lodge a complaint with the data protection authority

§14 Contact

Email: [email protected]

§15 Service Requirements

The Administrator is not responsible for malfunctioning features if the User disables cookies.

§16 External Links

The Service may contain links to third-party websites.
The Administrator is not responsible for their content or data safety.

§17 Changes to the Privacy Policy

• The Administrator reserves the right to change this Privacy Policy at any time.
• Changes regarding personal data processing will be communicated to registered users and newsletter subscribers within 7 days via email.
• Continued use of the Service constitutes acceptance of the changes.
• Changes take effect upon publication.