Skip to main content

Privacy Policy

Last updated: November 2025

Data Controller

The controller of your personal data is:

Digital Solutions Andrzej Guzik

Legal form: Sole proprietorship

Address: ul. Marszałka Józefa Piłsudskiego 74 lok. 320, 50-020 Wrocław, Poland

NIP: 8721907674 | REGON: 383550123

Email: andy@aguzik.io

Data We Collect

Purchase Information (via Gumroad)

When you purchase our digital book through Gumroad, they collect:

  • Email address
  • Name (optional)
  • Payment information (processed by Gumroad, not stored by us)
  • Purchase date and transaction details

Gumroad is the data processor for purchase transactions. See their privacy policy: gumroad.com/privacy

Analytics Data (Matomo - with consent)

If you consent to analytics cookies, we collect:

  • IP address (anonymized - 3 bytes masked)
  • Pages visited and time spent
  • Referrer URL (how you found our site)
  • Browser type and device information
  • Approximate location (city level only)

Analytics data is self-hosted using Matomo, privacy-focused, and GDPR-compliant. No data is shared with third parties.

Customer Support Communications

When you contact us for support:

  • Email address
  • Name (if provided)
  • Message content and correspondence history

Legal Basis for Processing

We process your data based on:

  • Contract performance (GDPR Art. 6(1)(b)) - Purchase processing and product delivery
  • Consent (GDPR Art. 6(1)(a)) - Analytics cookies and marketing (if opted in)
  • Legitimate interest (GDPR Art. 6(1)(f)) - Customer support, fraud prevention, website security

How We Use Your Data

We use your personal data to:

  • Process and deliver your digital book purchase
  • Provide customer support and respond to inquiries
  • Improve website performance and user experience (with consent)
  • Comply with legal obligations (tax, accounting)
  • Prevent fraud and ensure website security

Data Sharing

We share data only with trusted processors:

Gumroad (US-based)

Payment processing and digital product delivery. Receives purchase data (email, name, payment info). Transfers to USA protected by Standard Contractual Clauses approved by EU Commission. Transfer necessary for contract performance (GDPR Art. 49(1)(b)).

Vercel (EU/US)

Hosting infrastructure only. Collects server logs (IP addresses, timestamps, request metadata) for legitimate hosting operations: security, performance monitoring, and service availability. Processing based on legitimate interest (GDPR Art. 6(1)(f)) - no consent required. GDPR-compliant with EU data centers available.

Matomo Analytics (Self-hosted)

Privacy-focused analytics. Data stored on our server, no third-party access.

We never sell your data to third parties.

Cookies

We use cookies for:

Strictly Necessary (No consent required)

  • cookie-consent - Stores your consent preferences (13 months)

Analytics (Requires consent)

  • _pk_id - Unique visitor identifier (13 months)
  • _pk_ses - Session tracking (30 minutes)
  • _pk_ref - Referrer attribution (6 months)

You can change your cookie preferences anytime via the "Cookie Settings" link in the footer.

Data Retention

  • Purchase data: 6 years (Polish tax law requirement)
  • Analytics data: 6 months (raw logs), 2 years maximum (aggregated statistics)
  • Support emails: 2 years or until resolved
  • Consent records: 13 months

After retention periods, data is securely deleted or anonymized per GDPR data minimization principle.

Your Rights

Under GDPR/RODO, you have the right to:

  • Access - Request a copy of your personal data
  • Rectification - Correct inaccurate data
  • Erasure ("right to be forgotten") - Request data deletion
  • Restrict processing - Limit how we use your data
  • Data portability - Receive your data in machine-readable format
  • Object - Object to processing based on legitimate interest
  • Withdraw consent - Revoke consent for analytics/marketing anytime
  • Complaint - Lodge a complaint with supervisory authority

To exercise your rights:

Email: andy@aguzik.io

We will respond within 30 days as required by GDPR.

Data Security

We implement appropriate technical and organizational measures:

  • HTTPS encryption for all data transmission
  • Content Security Policy (CSP) headers
  • IP address anonymization (3 bytes)
  • Regular security updates and monitoring
  • Access controls and authentication
  • DRM-free products (no tracking in ebooks)

International Data Transfers

Some processors are based outside the EU:

  • Gumroad (USA): Protected by Standard Contractual Clauses (SCCs) approved by European Commission
  • Vercel: Offers EU data residency options; GDPR-compliant

All international transfers comply with GDPR Chapter V requirements.

Children's Privacy

Our website and products are intended for professional developers (18+). We do not knowingly collect data from children under 16 without parental consent. If you believe we have collected such data, contact us immediately.

Supervisory Authority

You have the right to lodge a complaint with the Polish Data Protection Authority:

UODO (Urząd Ochrony Danych Osobowych)

Address: ul. Stawki 2, 00-193 Warszawa, Poland

Phone: +48 22 531 03 00

Website: uodo.gov.pl

Changes to This Policy

We may update this Privacy Policy to reflect changes in our practices or legal requirements. Material changes will be notified via email or prominent notice on our website. Continued use after changes constitutes acceptance.

Last updated: November 2025

Contact Us

For privacy-related questions or to exercise your rights:

Email: andy@aguzik.io

Suggested subject line: "Claude and the Code - Privacy"

We respond within 30 days as required by GDPR Article 12.

Back to Home