Privacy Policy

Last Updated: 27 June 2026 | Nipapu Coluri | nipapu-coluri.info

This Privacy Policy describes how Nipapu Coluri ("we", "us", "our"), operating at Doktora Karola Marcinkowskiego 1, Bydgoszcz, Poland, collects, uses, stores, and protects personal data in connection with the website nipapu-coluri.info and related services. This policy applies to all visitors and users of the website.

We process personal data in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council (the General Data Protection Regulation, "GDPR"), as well as the Polish Act of 10 May 2018 on the Protection of Personal Data (Ustawa o ochronie danych osobowych, Dz.U. 2018 poz. 1000, as amended), and the Polish Telecommunications Law (Prawo telekomunikacyjne) regarding the use of cookies and electronic communications.

1. Data Controller

The controller of your personal data is:

Nipapu Coluri
Doktora Karola Marcinkowskiego 1
Bydgoszcz, Poland
Email: [email protected]
Phone: +48 52 320 4230

2. Categories of Personal Data Collected

We collect the following categories of personal data, depending on how you interact with our website:

Data Category Specific Data Points Legal Basis (GDPR Article 6) Purpose
Contact data Name, email address Art. 6(1)(b) — performance of pre-contractual steps Responding to enquiries submitted via the contact form
Communication content Message text submitted via contact form Art. 6(1)(b) — performance of pre-contractual steps Understanding and responding to the nature of the enquiry
Technical data IP address, browser type, operating system, referring URL, pages visited, time and date of visit Art. 6(1)(f) — legitimate interests (website security and performance) Website security monitoring, debugging, and aggregate traffic analysis
Cookie data Cookie identifiers, consent status, session information Art. 6(1)(a) — consent (for non-essential cookies); Art. 6(1)(f) — legitimate interests (essential cookies) Site functionality, user preferences, and optional analytics

3. How We Collect Personal Data

We collect personal data through the following means:

  • Contact form submissions: When you use the contact form on this website, you voluntarily provide your name, email address, and message content. This data is transmitted directly to our email inbox and is not stored in a database by the website itself.
  • Automatic collection: Our web server automatically records technical data (such as IP addresses and browser information) when you access the website. This is standard practice for any web server and is necessary for the technical delivery of the website.
  • Cookies: We set cookies in your browser as described in our Cookie Policy. Essential cookies are set automatically. Analytics cookies are set only with your prior consent.

4. Purposes and Legal Bases for Processing

We process personal data only for specific, legitimate purposes. The table in Section 2 sets out the legal basis for each category of processing. In summary:

  • Contact data is processed to respond to your enquiry. The legal basis is Article 6(1)(b) GDPR — processing necessary for the performance of steps at your request prior to entering into a contract or service arrangement.
  • Technical server data is processed on the basis of our legitimate interests under Article 6(1)(f) GDPR — specifically, the interest in maintaining a secure and functional website. This interest is not overridden by your rights and freedoms, given the limited nature of the data and the absence of any user profiling.
  • Non-essential analytics cookies are processed only with your explicit, freely given consent under Article 6(1)(a) GDPR. You may withdraw consent at any time via the cookie settings accessible on this website.

5. Data Retention

We retain personal data only for as long as necessary for the purpose for which it was collected, or as required by applicable law:

  • Contact form enquiries (name, email, message): retained in our email system for up to 24 months from receipt, then deleted unless an ongoing relationship requires longer retention.
  • Technical server log data: retained for up to 90 days, then automatically deleted or anonymised.
  • Cookie consent records: retained for 12 months from the date of consent, then refreshed or deleted.

6. Data Sharing and Third Parties

We do not sell, rent, or trade your personal data to third parties. We may share data in the following limited circumstances:

  • Hosting and technical infrastructure: Our website is hosted on a server provided by a hosting company. This provider processes technical data as a data processor on our behalf, under a data processing agreement consistent with GDPR requirements.
  • Email service providers: Contact form submissions are delivered to our inbox via standard email infrastructure. Our email provider acts as a data processor.
  • Legal requirements: We may disclose personal data if required to do so by Polish law, court order, or a competent supervisory authority, including the President of the Personal Data Protection Office (Prezes Urzędu Ochrony Danych Osobowych, UODO).

We do not transfer personal data to countries outside the European Economic Area (EEA) except where adequate safeguards are in place under Chapter V of the GDPR.

7. Your Rights Under GDPR

As a data subject, you have the following rights in relation to your personal data, exercisable at any time by contacting us at [email protected]:

  • Right of access (Art. 15 GDPR): You may request a copy of the personal data we hold about you.
  • Right to rectification (Art. 16 GDPR): You may ask us to correct inaccurate or incomplete data.
  • Right to erasure (Art. 17 GDPR): You may request deletion of your personal data where it is no longer necessary, consent is withdrawn, or processing is unlawful.
  • Right to restriction of processing (Art. 18 GDPR): You may ask us to restrict processing in certain circumstances.
  • Right to data portability (Art. 20 GDPR): Where processing is based on consent or contract and carried out by automated means, you may request your data in a structured, machine-readable format.
  • Right to object (Art. 21 GDPR): You may object to processing based on legitimate interests. We will cease processing unless we can demonstrate compelling legitimate grounds.
  • Right to withdraw consent: Where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of processing prior to withdrawal.

You also have the right to lodge a complaint with the Polish supervisory authority: Prezes Urzędu Ochrony Danych Osobowych (UODO), ul. Stawki 2, 00-193 Warsaw, Poland. Website: uodo.gov.pl.

8. Security

We implement appropriate technical and organisational measures to protect personal data against unauthorised access, disclosure, alteration, or destruction. These measures include encrypted data transmission (HTTPS), restricted access to data systems, and regular review of our data handling practices. No method of electronic transmission or storage is completely secure, but we take our obligations under GDPR seriously and work to maintain appropriate protection.

9. Cookies

For detailed information about the cookies we use, the purposes they serve, and how to manage your preferences, please refer to our Cookie Policy.

10. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or the services we offer. When we make material changes, we will update the "Last Updated" date at the top of this page. We encourage you to review this policy periodically. Continued use of the website after any changes constitutes acceptance of the updated policy.

11. Contact for Privacy Matters

For any questions, requests, or concerns regarding this Privacy Policy or your personal data, please contact us:

Email: [email protected]
Phone: +48 52 320 4230
Address: Doktora Karola Marcinkowskiego 1, Bydgoszcz, Poland