Privacy Policy

Last Updated: 2025-10-26

1. Introduction

This Privacy Policy explains how Kor.Gy Iryna Rybachok ('we', 'us', or 'our') collects, uses, and protects your personal data when you visit our website kor.gy.

We are committed to protecting your privacy and ensuring that your personal data is handled in accordance with the General Data Protection Regulation (GDPR) and the Polish Act on Personal Data Protection (RODO).

By using our website, you consent to the data practices described in this policy.

2. Data Controller Information

The data controller responsible for your personal data is:

Kor.Gy Iryna Rybachok, Plac Konstytucji 3 Maja 3, 50-083 Wrocław, Poland

Tax ID (NIP): 8992990643

REGON: 529635506

Email: info@kor.gy

3. What Data We Collect

Our website currently collects minimal personal data. We use Cloudflare CDN for content delivery and security, which may process the following information:

  • IP address (automatically collected for security and performance purposes)
  • Browser type and version
  • Operating system
  • Access date and time
  • Pages visited on our website
  • Referring website URL

4. Legal Basis for Processing

We process your personal data based on the following legal grounds under Article 6(1) of GDPR:

  • Legitimate interests (Art. 6(1)(f) GDPR) - for website security, performance optimization, and fraud prevention through Cloudflare CDN
  • Consent (Art. 6(1)(a) GDPR) - when you contact us voluntarily via email
  • Legal obligation (Art. 6(1)(c) GDPR) - when we are required to retain certain data for tax or legal purposes

5. Data Recipients

Your personal data may be shared with the following third parties:

  • Cloudflare, Inc. (USA) - Content Delivery Network and security services. Cloudflare is certified under the EU-US Data Privacy Framework.
  • Email service providers - when you contact us via email

6. International Data Transfers

Some of our service providers (such as Cloudflare) are located outside the European Economic Area (EEA). When we transfer your data to countries outside the EEA, we ensure appropriate safeguards are in place, such as:

  • EU-US Data Privacy Framework certification
  • Standard Contractual Clauses approved by the European Commission
  • Adequacy decisions by the European Commission

7. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected:

  • CDN logs (IP addresses): Retained by Cloudflare for up to 30 days for security purposes
  • Email correspondence: Retained for up to 3 years or until you request deletion
  • Tax and accounting records: Retained for 5 years as required by Polish law

8. Your Rights under GDPR/RODO

Under GDPR and Polish RODO law, you have the following rights regarding your personal data:

  • Right to access (Art. 15 GDPR) - You can request a copy of the personal data we hold about you
  • Right to rectification (Art. 16 GDPR) - You can request correction of inaccurate data
  • Right to erasure (Art. 17 GDPR) - You can request deletion of your data in certain circumstances
  • Right to restriction of processing (Art. 18 GDPR) - You can request that we limit how we use your data
  • Right to data portability (Art. 20 GDPR) - You can request your data in a machine-readable format
  • Right to object (Art. 21 GDPR) - You can object to processing based on legitimate interests
  • Right to withdraw consent (Art. 7(3) GDPR) - You can withdraw consent at any time where processing is based on consent
  • Right to lodge a complaint - You can file a complaint with the Polish data protection authority (UODO) at uodo.gov.pl

9. Security Measures

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction, including:

  • SSL/TLS encryption for all website connections (HTTPS)
  • Cloudflare's enterprise-grade security infrastructure
  • Regular security updates and monitoring
  • Access controls and authentication for internal systems
  • Employee training on data protection principles

10. Children's Privacy

Our website is not directed to children under 16 years of age. We do not knowingly collect personal data from children. If you believe we have collected data from a child, please contact us immediately.

11. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. The 'Last Updated' date at the top of this page indicates when the policy was last revised.

We encourage you to review this policy periodically. Continued use of our website after changes indicates your acceptance of the updated policy.

12. Contact Us

If you have any questions about this Privacy Policy or how we handle your personal data, please contact us:

Kor.Gy Iryna Rybachok

Email: info@kor.gy

Address: Plac Konstytucji 3 Maja 3, 50-083 Wrocław, Poland

For data protection inquiries specifically, please mark your email with the subject line 'GDPR Request' or 'RODO Request'.

Data Controller

Data Controller: Kor.Gy Iryna Rybachok

Address: Plac Konstytucji 3 Maja 3, 50-083 Wrocław, Poland

Tax ID (NIP): 8992990643

REGON: 529635506

Email: info@kor.gy