Privacy Policy

Effective as of March 1, 2025

Dear User and Service Recipient,

We make every effort to ensure the security and confidentiality of your personal data. We care about your privacy whether you visit our OptimFeed website, register an account, and use our services, or contact us by phone, email, or online chat, sign up for our newsletter, or visit our social media profiles. We operate in accordance with applicable regulations, including the Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 (GDPR).

In this document, we present the most important information regarding the processing of your personal data in a question and answer format. Our aim is to inform you of the purposes, legal basis, and duration of the processing of your data, who may have access to it, and what rights you have.

How Do We Collect Your Personal Data?

By using the OptimFeed service, you may be asked to provide your personal data. Providing this data is voluntary, but in some cases it is necessary – for example, without an email address you will not be able to receive our newsletter, register an account, or receive answers to questions submitted via the contact form.

Some data is collected automatically using cookies during your visit to the service (e.g., IP address, browser type, operating system). This data is used for managing the website, ensuring hosting support, and creating marketing content. However, you can limit or block cookies using your browser settings or other available tools.

Who is the Administrator of Your Personal Data?

The administrator of your personal data is BPA Polska Dawid Karamon, located at ul. Marszałkowska 15/168, 35-215 Rzeszów, with NIP: 5170276471 and REGON: 180666481.
If you have any questions or concerns, you can contact us by email at: contact@optimfeed.com.

For What Purposes, on What Legal Basis, and for How Long Do We Process Your Data?

We process your personal data for the following purposes:

  1. Conclusion and Performance of a Service Agreement

    • Purpose: Registration and maintenance of a user account, placing orders for services (both free and paid), and the execution of the agreement.
    • Legal Basis: Article 6(1)(b) GDPR – necessity of processing for the performance of a contract or for taking steps at your request before entering into a contract.
    • Duration: Until the service is terminated (e.g., account deletion or contract termination).

  2. Compliance with Tax Obligations

    • Purpose: Issuing invoices and storing accounting documentation.
    • Legal Basis: Article 6(1)(c) GDPR – legal obligation.
    • Duration: Until the expiration of the tax liability limitation periods.

  3. Compliance with Data Protection Obligations

    • Purpose: Fulfilling obligations arising from data protection regulations.
    • Legal Basis: Article 6(1)(c) GDPR.
    • Duration: Until the expiration of the limitation periods for claims related to data protection breaches.

  4. Establishment, Pursuit, and Defense of Claims

    • Purpose: Taking actions to protect our rights in judicial or administrative proceedings.
    • Legal Basis: Article 6(1)(f) GDPR – legitimate interest.
    • Duration: Until the expiration of the limitation periods for claims under applicable regulations.

  5. Ensuring the Proper Functioning of the Service and Analyzing User Activity

    • Purpose: Managing the service, generating statistics, and performing marketing analyses (e.g., using analytical tools).
    • Legal Basis: Article 6(1)(f) GDPR – legitimate interest.
    • Duration: Until an effective objection is raised or the processing purpose is achieved.

  6. Managing Social Media Profiles and Interactions

    • Purpose: Managing the OptimFeed fan page and groups, and interacting with users.
    • Legal Basis: Article 6(1)(f) GDPR – legitimate interest.
    • Duration: Until the expiration of the limitation periods for claims under applicable regulations.

  7. Responding to Inquiries

    • Purpose: Answering your questions submitted by phone or electronically (including via the contact form and online chat).
    • Legal Basis: Article 6(1)(f) GDPR – legitimate interest.
    • Duration: Until the expiration of the limitation periods for claims under applicable regulations.

  8. Marketing Purposes

    • Purpose: Promoting our services, maintaining business relationships, measuring customer satisfaction, and informing about new offers and special promotions.
    • Legal Basis: Article 6(1)(f) GDPR – legitimate interest or based on your voluntarily given consent (Article 6(1)(a) GDPR).
    • Duration: Until you withdraw your consent or effectively object, or until the processing purpose is achieved.

Remember!
We process personal data for as long as necessary to achieve the specified purposes, unless you submit a valid request for the deletion of your data. The processing period may also be determined by applicable legal requirements (e.g., storage of financial documents or limitation periods for pursuing claims).

Who May Have Access to Your Personal Data?

In some cases, if it is necessary for the fulfillment of the processing purposes, we use external entities to whom we transfer personal data, provided they ensure an appropriate level of data protection and maintain confidentiality.

Recipients of your personal data may include:

  1. Entities involved in the execution of agreements (e.g., accounting firms, IT service providers, hosting providers, payment system operators).
  2. Entities whose services we use in the course of our business activities under separate agreements (e.g., providers of tools for analyzing website activity, direct marketing systems, landing page creation tools, office software, project management systems, communication solutions).
  3. Government authorities authorized under applicable law.
  4. Other entities to which the transfer of data is required or justified by law.

Do We Transfer Personal Data to Third Countries?

In principle, we do not transfer personal data to countries outside the European Union and the European Economic Area (EEA). However, if the need arises to transfer data in the course of service provision, we will conduct an appropriate risk assessment and ensure a level of data protection in accordance with the law.

By using the OptimFeed service, we use services and technologies offered by entities such as Facebook, Microsoft, or Google, which may be headquartered in the United States and process data on servers located outside the EEA. In such cases, we apply appropriate safeguards, such as standard contractual clauses approved by the European Commission.

Do We Profile Your Personal Data?

Within the OptimFeed service, we may engage in profiling, which involves analyzing user data (such as gender, age, interests, approximate location, and behavior on the service) to assess activity and potential interest in services.
Profiling enables the personalization of offers and advertisements, but it does not affect the terms of service agreements. The processed data is anonymous and not directly linked to you, and automated decisions that could have legal effects are not made.

What Personal Data Do We Process as a Processor and How Do We Collect It?

In the context of providing the OptimFeed services, we also act as a data processor based on a data processing agreement. This data is collected directly by the data administrator, which is our company.
As a processor, we process data solely on the documented instructions of the administrator (client) and commit to adequately protecting it using technical and organizational measures in accordance with Article 32 of the GDPR. Authorized personnel are obligated to maintain confidentiality. Upon the termination of the services, we will return the data to the administrator and delete all copies, unless legal requirements mandate further retention.

Do We Use Cookies?

In the OptimFeed service, we use cookies, which are short text information stored on the user's device and can be read both by our system and by systems of third parties whose services we use (e.g., Facebook, Google).
Cookies allow us to collect anonymous data about user visits, which facilitates the improvement of service functionality, error identification, and the implementation of marketing activities.
Usually, web browsers accept cookies by default; however, you can block or limit them through your browser settings. On your first visit to the service, we will display information regarding our use of cookies. If you do not change the settings, you are deemed to have consented to their use.
Please note that disabling cookies may affect the functionality of the service (e.g., longer page load times, reduced functionality).

How Do We Protect Your Data?

To ensure a high level of protection, we apply appropriate technical and organizational safeguards, including but not limited to:

  1. Encrypting transmissions using the TLS protocol,
  2. Creating backup copies,
  3. Data center security,
  4. Regular security tests,
  5. Monitoring systems for security breaches,
  6. Minimizing the risk of abuse and rapid response in case of incidents,
  7. Implementing data protection policies,
  8. Ensuring the confidentiality, integrity, and availability of processing systems,
  9. Granting access to data exclusively to authorized persons,
  10. Regularly changing system access passwords.

What Rights Do You Have?

You have the right to:

  1. Access your personal data,
  2. Correct your data,
  3. Delete your data,
  4. Restrict processing,
  5. Object to processing,
  6. Transfer your data,
  7. Withdraw your consent for data processing (if consent is the basis for processing).

In certain cases, after analysis, we may refuse to fulfill the above rights in accordance with applicable law.
Withdrawing consent does not affect the legality of the data processing that took place before its withdrawal.
We will respond to requests regarding the exercise of your rights promptly, but no later than one month from receiving the request. In the case of complex requests, this period may be extended by up to two additional months, provided that you are informed of the extension in advance.

How Can You Challenge Irregularities in Data Processing?

If you believe that your personal data is being processed unlawfully, you may file a complaint with the President of the Office for Personal Data Protection.

Does Using the Service Involve Sending Logs to the Server?

Using the OptimFeed service involves sending requests to the server where the website is hosted. Each request is recorded in the server logs, which include, among other things, the IP address, date and time, and information about the browser and operating system.
Data from the logs is not linked to specific individuals and is used solely for administrative purposes. Access to the logs is limited to authorized personnel managing the server.

Can We Change Our Privacy Policy?

Yes. The OptimFeed Service Privacy Policy may be updated or modified as technology evolves and needs change. We will inform you of any significant changes by posting information on the service and, in the case of significant modifications, by sending a notification via email to registered users.

© OptimFeed. All rights reserved.