This Privacy Policy outlines the principles of processing information about you, including personal data and cookies, i.e., so-called cookies.
1. General Information
This policy applies to the website operating at: aleksandramichael.com
The operator of the website and the Data Controller is:
Aleksandra Michael, Smolna 34/27, 00-375 Warsaw, Poland
Contact email address of the operator: aleksandramichael@o2.pl
The Operator is the Administrator of your personal data provided voluntarily through the website.
The website uses personal data for the following purposes:
Fulfillment of services ordered
Presentation of offers or information
The website collects information about users and their behavior in the following ways:
Through data voluntarily entered in forms, which are then entered into the Operator’s systems.
By saving cookies on the user’s end devices.
2. Selected Methods of Data Protection Used by the Operator
Login and data entry areas are protected at the transmission level (SSL certificate). This ensures that personal and login data entered on the site are encrypted on the user’s computer and can only be read on the target server.
Personal data stored in the database is encrypted in a way that only the Operator with a key can read it. This ensures protection in case of database theft.
User passwords are stored in a hashed form. The hashing function is one-way – it cannot be reversed, which is the current standard for password storage.
Two-factor authentication is used on the site, providing additional login protection.
The Operator periodically changes administrative passwords.
To minimize the risk of unauthorized access, the Operator uses complex passwords (containing uppercase and lowercase letters, digits, and special characters), no shorter than 8 characters.
3. Hosting
The website is hosted (technically maintained) on the servers of an external company.
The hosting company maintains server-level logs to ensure technical reliability. These logs may include:
Resources specified by URL identifiers (addresses of requested pages/files),
Time of request,
Time of response,
Client station name – identification through HTTP protocol,
Error information from HTTP transactions,
URL of the page previously visited by the user (referrer), if accessed via a link,
Browser user information,
IP address information,
Diagnostic information related to self-service ordering processes on the website,
Email communication information directed to and sent from the Operator.
4. Your Rights and Additional Information on Data Use
In certain situations, the Administrator has the right to transfer your personal data to other recipients if necessary to fulfill an agreement or legal obligations. This applies to:
Companies providing marketing services for the Administrator
Your personal data is processed only for as long as necessary to perform the tasks defined by specific regulations (e.g., accounting laws). Marketing data will not be processed for more than 3 years.
You have the right to request from the Administrator:
Access to your personal data,
Rectification,
Deletion,
Restriction of processing,
Data portability.
You have the right to object, under Article 3.2, to the processing of personal data for legitimate interests of the Administrator, including profiling, except where legally justified grounds override your interests, rights, and freedoms (e.g., for establishing, pursuing, or defending claims).
You have the right to lodge a complaint with the President of the Personal Data Protection Office, ul. Stawki 2, 00-193 Warsaw, Poland.
Providing personal data is voluntary but necessary to use the Website.
Automated decision-making may occur, including profiling for the purpose of providing services under the agreement and for the Administrator’s direct marketing.
Personal data is not transferred to third countries outside the European Union.
5. Information in Forms
The website collects data voluntarily provided by the user, including personal data, if given.
It may record connection parameters (time, IP address).
In some cases, the site may save information that helps associate form data with the email address of the user filling it out. In such cases, the user’s email address may appear in the URL of the page containing the form.
Data entered in the form is processed for the purpose related to the function of the specific form, such as handling service requests, commercial contact, or service registration. Each form clearly describes its purpose.
6. Administrator Logs
User behavior information may be logged. These data are used for site administration.
7. Key Marketing Techniques
The Operator uses statistical traffic analysis via Google Analytics (Google Inc., USA). No personal data is shared—only anonymized information. The service uses cookies stored on the user’s device.
Users can view and manage preferences collected by Google’s advertising network via: https://www.google.com/ads/preferences/Remarketing techniques are used to tailor advertising messages based on user behavior. Although this may appear to involve personal data tracking, no personal data is transferred to advertising operators. This requires cookies to be enabled.
The Operator uses tools that analyze user behavior by creating heatmaps and recording sessions. These are anonymized before being sent to the service provider and do not include passwords or personal data.
Automated features may be used, such as sending emails after a user visits specific subpages, provided the user has agreed to receive commercial communication.
The Operator may use profiling as defined in data protection laws.
8. Information About Cookies
The website uses cookies.
Cookies are IT data, typically text files, stored on the user’s device to support website functionality. Cookies usually contain:
Website name of origin,
Storage duration,
Unique ID.
The entity placing and accessing cookies is the website operator.
Cookies are used for:
Maintaining user sessions after login, so the user doesn’t have to re-enter login details on each page;
Implementing goals specified in the “Key Marketing Techniques” section above.
There are two main types of cookies:
Session cookies, which are temporary and deleted after the browser is closed or the user logs out.
Persistent cookies, which are stored for a defined time or until deleted by the user.
Most web browsers allow cookies by default. Users can change browser settings to block or delete cookies.
Browser documentation provides details on managing cookie settings.
Restricting cookies may affect some website functions.
Cookies may also be used by third parties cooperating with the Operator, particularly:
Google (Google Inc., USA)
Facebook (Facebook Inc., USA)
Twitter (Twitter Inc., USA)
9. Cookie Management – How to Express or Withdraw Consent?
If you do not wish to receive cookies, you can change your browser settings.
Disabling cookies essential for authentication, security, or user preferences may make some website functions unavailable.
To manage cookie settings, select your browser and follow the instructions:
Edge
Internet Explorer
Chrome
Safari
Firefox
Opera
Mobile devices:
Android
Safari (iOS)
Windows Phone
This privacy policy template was generated free of charge for informational purposes based on our knowledge, industry practices, and the laws effective as of August 14, 2018.
We recommend reviewing and adapting the template to your specific case or consulting legal advice. We take no responsibility for the use of this document, as only you can verify the accuracy of the information it contains.
Remember, a Privacy Policy—however well-crafted—is only one part of safeguarding personal data and user privacy on your website.