GDPR

​§1 Definitions Service – the website "tasteandtap.pl" available at www.tasteandtap.pl
External Service – websites of partners, service providers, or clients cooperating with the Administrator.
Service/Data Administrator – the Administrator of the Service and personal data (hereinafter referred to as the Administrator) is CONSULTING, TRADE & CONSTRUCTIONS MACIEJ KOZŁOWSKI, NIP: 5262162120, with registered office at 7 Galopu St., 02-822 Warsaw, Poland.
User – a natural person to whom the Administrator provides electronic services via the Service.
Device – an electronic device with software through which the User accesses the Service.
Cookies – text data stored in files placed on the User’s Device.
GDPR – Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons regarding the processing of personal data and on the free movement of such data.
Personal Data – any information relating to an identified or identifiable natural person ("data subject").
Processing – any operation performed on personal data, such as collection, recording, storage, adaptation, access, use, disclosure, erasure, etc.
Restriction of Processing – marking stored personal data to limit future processing.
Profiling – automated processing of personal data to evaluate certain personal aspects of a natural person.
Consent – a freely given, specific, informed, and unambiguous indication of the data subject's wishes by which they agree to the processing of personal data.
Personal Data Breach – a breach of security leading to accidental or unlawful destruction, loss, or access to personal data.
Pseudonymisation – processing personal data in a way that it can no longer be attributed to a specific data subject without additional information.
Anonymisation – irreversible operations on data that prevent identifying or linking data to a specific person. 

§2 Data Protection Officer Under Article 37 of the GDPR, the Administrator has not appointed a Data Protection Officer. For matters regarding data processing, contact the Administrator directly. 

§3 Types of Cookies Internal Cookies – stored and accessed from the User’s Device by the Service's IT system.
External Cookies – stored and accessed from the User’s Device by external service providers.
Session Cookies – stored temporarily during a single session and deleted after the session ends.
Persistent Cookies – remain on the Device until manually deleted or the browser is set to remove them after each session. 

§4 Data Storage Security Cookies are managed through browser mechanisms and do not allow access to other data on the Device. Internal Cookies are safe and do not contain scripts or content that pose risks. The Administrator selects reputable external partners but cannot fully control their Cookie content. Users can manage Cookie settings via their browser. Guides are available for all major browsers. The Administrator ensures security measures to protect data but cannot be responsible for user-side vulnerabilities (e.g. malware). Users are advised to follow safe internet practices. 

§5 Purposes of Cookies
Improve and simplify access to the Service
Personalize the Service
Gather usage statistics

§6 Purposes of Personal Data Processing Voluntarily provided data may be processed to: Provide electronic services
Communicate with Users
Fulfill legitimate interests of the Administrator
Automatically and anonymously collected data may be used to: Generate statistics
Ensure legitimate interests of the Administrator

§7 External Services Cookies The Administrator uses scripts and components from partners who may place Cookies. Users can control this through their browser settings. Example partner: Google Analytics. 

§8 Types of Collected Data Automatically collected anonymous data:
IP address, browser type, screen resolution, approximate location, visited pages, session time, OS, referring page, browser language, internet speed, ISP Data provided during registration:
Name/nickname, email address, IP address Newsletter signup data:
Email address Some anonymous data may be stored in Cookies or shared with analytics providers. 

§9 Third-Party Access to Personal Data In general, personal data is not shared with third parties. Certain service providers may have access under data processing agreements (e.g. hosting providers). 

§10 Data Processing Methods User-provided data: Not transferred outside the EU unless published by the User (e.g. comments).
Not subject to automated decision-making.
Not sold to third parties.
Anonymous data: May be transferred outside the EU.
Not subject to profiling or resale.

§11 Legal Basis for Processing Data is processed based on: GDPR Art. 6(1)(a): consent
GDPR Art. 6(1)(b): contract performance
GDPR Art. 6(1)(f): legitimate interests
Polish Data Protection Act of May 10, 2018
Telecommunications Law of July 16, 2004
Copyright Law of February 4, 1994

§12 Data Retention Period User-provided data:
Stored as long as services are provided; deleted/anonimized within 30 days after ending services unless longer retention is required for legal reasons (max. 3 years). Anonymous data:
Stored indefinitely for statistical purposes. 

§13 User Rights Users have the right to: Access their personal data
Rectify inaccurate data
Erase personal data
Restrict processing
Data portability
Object to processing
File a complaint with a supervisory authority

§14 Contacting the Administrator Email: kontakt@tasteandtap.pl 

§15 Service Requirements Restricting Cookies may impact the Service's functionality. The Administrator is not responsible for impaired service if Cookie access is limited. 

§16 External Links Links to external sites may appear in the Service (posts, comments, etc.). These may pose risks. The Administrator is not responsible for external content. 

§17 Privacy Policy Changes The Administrator may update this Policy without notifying Users regarding anonymous data or Cookies. For changes involving personal data, Users will be informed via email (if subscribed). Continued use implies acceptance of changes. Changes take effect upon publication on this page.