WEBSITE PRIVACY POLICY - DefinedBytes: Smart Solutions for Modern Business

DEFINEDBYTES.COM – PRIVACY POLICY
Effective date: 2026-01-11

1. Who we are (Data Controller)
This Privacy Policy applies to the website https://definedbytes.com (the “Website”).

Trade name: DefinedBytes
Legal entity (Data Controller): DefinedBytes Jacek Sosnal (sole proprietorship registered in Poland)
NIP: 8951760884
REGON: 540945171
Contact (privacy): privacy@definedbytes.com

2. What data we process
Depending on how you use the Website, we may process:
– Contact data you provide (e.g., name, email address, message content) when you contact us.
– Technical data such as IP address, timestamps, and server logs (security and troubleshooting).
– Cookie consent preferences (stored by our consent management tool).
– Analytics data (only if you consent), such as pages viewed, approximate location, device/browser information.

3. Purposes and legal bases (EEA/UK)
We process personal data for:
A) Responding to inquiries and customer support
Legal basis: legitimate interest (GDPR Art. 6(1)(f)) and/or steps prior to a contract (Art. 6(1)(b)), depending on context.

B) Website security and abuse prevention
Legal basis: legitimate interest (GDPR Art. 6(1)(f)).

C) Website analytics (Google Analytics 4) to improve the Website
Legal basis: consent (GDPR Art. 6(1)(a)).
Google Analytics is enabled only after you consent via the cookie banner.

4. Cookies and consent management (CookieYes)
We use CookieYes to display a cookie banner, store your preferences, and prevent non-essential cookies/tags from running before consent.
You can change or withdraw consent at any time using the cookie settings option available on the Website.

5. Recipients / processors
We may share data with service providers acting as processors, such as:
– Website hosting provider(s)
– CookieYes (consent management)
– Google (Google Analytics 4), if you consent to analytics

6. International transfers
If you consent to Google Analytics, data may be processed by Google and may involve transfers outside the EEA.
Where required, such transfers are protected using appropriate safeguards under data protection law.

7. Retention
– Contact messages: kept as long as needed to respond and follow up, typically up to 12 months unless longer retention is required by law.
– Server logs: retained for a limited period necessary for security and troubleshooting.
– Analytics data: retained according to our GA4 configuration.

8. Your rights (EEA/UK)
If GDPR applies to you, you may have the right to access, rectify, erase, restrict processing, object, and data portability.
Where processing is based on consent, you can withdraw consent at any time.
You also have the right to lodge a complaint with a supervisory authority. In Poland, the authority is PUODO.

9. Changes
We may update this policy. The latest version will be published on this page with a new effective date.