Privacy Policy

This Privacy Policy describes how Samake Jutumi, operating at Dworcowa 11, Koszalin, Poland and reachable at [email protected] and +48 94 348 9093, collects, uses, stores, and protects personal data in connection with the website samake-jutumi.info and the household budgeting workshop services offered through it. This policy is issued in compliance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (the General Data Protection Regulation, hereafter "GDPR"), as well as the Polish Act on Personal Data Protection of 10 May 2018 (Ustawa z dnia 10 maja 2018 r. o ochronie danych osobowych, Dz.U. 2018 poz. 1000) and the Polish Telecommunications Law (Prawo telekomunikacyjne) as applicable to electronic communications and cookies. Reading this policy in full is encouraged before submitting any personal information through this website.

Who We Are

The data controller for all personal data collected through this website is Samake Jutumi, located at Dworcowa 11, Koszalin, Poland. As the data controller, Samake Jutumi determines the purposes and means of processing personal data obtained through the contact form, email communications, and standard website interactions. For any questions relating to data processing or to exercise your rights under GDPR, you may contact us at [email protected] or by post at the address above. We do not currently have a designated Data Protection Officer, as the scale of our processing does not require one under Article 37 of GDPR, but the contact email above handles all data-related enquiries.

What Data We Collect and How

When you use the contact form on this website, you provide us with your name, email address, and the content of your message. This information is transmitted via your email client to our email inbox. We do not operate a server-side form processing system, and the data submitted through the contact form is not stored in a database on our servers; it is received as a standard email message. Additionally, like most websites, samake-jutumi.info may collect certain technical data automatically when you visit, including your IP address, browser type and version, operating system, referring URL, and the pages you visit on this site. This technical data may be collected through server logs or through cookies, as described in our Cookie Policy.

We do not collect special categories of personal data as defined in Article 9 of GDPR, such as health data, racial or ethnic origin, political opinions, religious beliefs, or biometric data. We do not collect payment card information. The workshop materials described on this website are informational in nature, and no financial transaction processing occurs on this website.

Purposes and Legal Basis for Processing

Personal data submitted through the contact form is processed for the sole purpose of responding to your enquiry. The legal basis for this processing is Article 6(1)(b) of GDPR, which permits processing necessary for the performance of a contract or to take steps at the request of the data subject prior to entering into a contract, and Article 6(1)(f), which permits processing based on our legitimate interest in communicating with individuals who have voluntarily contacted us. Technical data collected through server logs or analytics cookies is processed on the basis of our legitimate interest in understanding how the website is used, subject to your consent where required by applicable law for non-essential cookies. We do not use personal data for automated decision-making or profiling.

How Long We Keep Your Data

Email enquiries and the personal data contained within them are retained for a period of up to twelve months from the date of receipt, after which they are deleted from our email systems. If an ongoing relationship develops from an initial enquiry, data may be retained for the duration of that relationship and for a reasonable period thereafter, not exceeding three years, for administrative and legal purposes. Technical data held in server logs is typically retained for a period of no more than ninety days. Cookie data retention periods are described in our Cookie Policy.

Sharing Your Data

We do not sell, rent, or share personal data with third parties for marketing purposes. Personal data may be shared with service providers who support the operation of this website, such as web hosting companies, solely for the purpose of providing those services. Any such providers are required to process data in accordance with GDPR and are bound by appropriate data processing agreements. We may disclose personal data if required to do so by law, by a court order, or by a regulatory authority with jurisdiction over our activities in Poland, including the President of the Personal Data Protection Office (Prezes Urzędu Ochrony Danych Osobowych, PUODO).

Your Rights Under GDPR

Under the GDPR, you have the right to request access to the personal data we hold about you (Article 15), the right to request correction of inaccurate data (Article 16), the right to request erasure of your data where no legitimate grounds for retention exist (Article 17), the right to restrict processing in certain circumstances (Article 18), the right to data portability where technically feasible (Article 20), and the right to object to processing based on legitimate interests (Article 21). To exercise any of these rights, please contact us at [email protected]. We will respond to verified requests within thirty days as required by GDPR. You also have the right to lodge a complaint with the supervisory authority in Poland, which is the President of the Personal Data Protection Office (PUODO), ul. Stawki 2, 00-193 Warsaw, Poland.

Data Security

We take reasonable technical and organisational measures to protect personal data against unauthorised access, loss, or destruction. These measures include the use of encrypted connections (HTTPS) for data transmitted to and from this website, and restricted access to email systems containing personal data. While we take these precautions, no method of electronic transmission or storage is entirely without risk, and we cannot guarantee absolute security. If you have reason to believe that your personal data held by us has been compromised, please contact us immediately at [email protected].

International Data Transfers

Our primary operations are based in Poland, within the European Economic Area. Where our web hosting or service providers involve data transfers outside the EEA, we ensure that appropriate safeguards are in place as required by Chapter V of GDPR, including reliance on adequacy decisions, standard contractual clauses, or other approved transfer mechanisms. You may request information about specific transfer safeguards by contacting us at the email address above.

Changes to This Policy

This Privacy Policy may be updated from time to time to reflect changes in our practices, applicable law, or the services offered through this website. The date at the top of this page indicates when the policy was last revised. Material changes will be noted on the website. Continued use of the website after any revision constitutes acceptance of the updated policy. We encourage you to review this page periodically. If you have questions about any version of this policy, please contact us directly.