Privacy Policy
This Privacy Policy explains how Finstrava ("we", "our", or "us"), operating the website finstrava.com, collects, uses, stores, and protects personal data about users ("you") in accordance with the General Data Protection Regulation (GDPR) and applicable Polish data protection law.
1. Data Controller
The data controller responsible for your personal data is Finstrava, reachable at info@finstrava.com.
2. What Data We Collect
We may collect the following categories of personal data:
- Contact information: name, email address, and any other information you voluntarily provide via our contact form.
- Usage data: IP address, browser type, pages visited, time and date of visit, and other diagnostic data collected automatically via cookies and analytics tools.
- Communication records: the content of messages or inquiries you send to us.
3. How We Use Your Data
We use your personal data for the following purposes:
- To respond to your inquiries and provide informational guidance.
- To improve our website and user experience.
- To comply with legal obligations.
- To analyse traffic patterns and website performance (in aggregate and anonymised form where possible).
4. Legal Basis for Processing
We process your personal data on the following legal bases:
- Consent (Article 6(1)(a) GDPR) — when you submit a contact form and explicitly consent to processing.
- Legitimate interests (Article 6(1)(f) GDPR) — for analytics, security, and website improvement purposes.
- Legal obligation (Article 6(1)(c) GDPR) — where required by applicable law.
5. Data Retention
We retain personal data only as long as necessary for the purposes outlined in this policy or as required by law. Contact form submissions are typically retained for up to 2 years. You may request deletion at any time.
6. Sharing of Data
We do not sell, rent, or trade your personal data to third parties. We may share data with trusted service providers (e.g. email hosting, analytics) strictly for operational purposes, under data processing agreements that ensure equivalent protection.
7. Cookies
We use cookies as described in our Cookie Policy. You may control cookie preferences through your browser settings or the consent banner on our website.
8. Your Rights
Under GDPR, you have the following rights regarding your personal data:
- Right of access — to obtain a copy of your data.
- Right to rectification — to correct inaccurate data.
- Right to erasure — to request deletion of your data.
- Right to restrict processing.
- Right to data portability.
- Right to object to processing.
- Right to withdraw consent at any time (without affecting the lawfulness of prior processing).
To exercise any of these rights, contact us at info@finstrava.com. We will respond within 30 days.
9. Data Security
We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, or disclosure. These include encrypted connections (HTTPS), access controls, and regular security reviews.
10. International Transfers
Your data is primarily processed within the European Economic Area (EEA). Where data is transferred outside the EEA, we ensure appropriate safeguards are in place in accordance with GDPR requirements.
11. Complaints
If you believe we have not handled your data appropriately, you have the right to lodge a complaint with the Polish supervisory authority: Urząd Ochrony Danych Osobowych (UODO), ul. Stawki 2, 00-193 Warsaw, Poland, uodo.gov.pl.
12. Changes to This Policy
We may update this Privacy Policy periodically. Material changes will be communicated via a notice on our website. The "Last updated" date at the top reflects the most recent revision.
13. Contact
For any privacy-related questions or requests, please contact us at: info@finstrava.com