Plecy

Version 1.3 – February 2026

1. Data Controller

The controller of your personal data is:

Piotr Siewiora – Języki obce
Swatowska 33a, 08-500 Ryki, Poland
Sole trader registered in Poland
NIP: PL 5060123631
Email: contact@piotrspeakspolish.com

Hereinafter referred to as the “Seller” or “Data Controller”.

This Privacy Policy explains how we collect, use, and protect your personal data when you use the website: https://piotrspeakspolish.com and purchase our Digital Content.

2. What Data We Collect

We collect only the personal data necessary to provide our services.

Contact Information

  • First name and last name
  • Email address

Transaction Data

  • Billing details (if required for invoicing)
  • Order history
  • Payment status

Technical Data

  • IP address
  • Browser type
  • Device information
  • Cookies and similar technologies

We do not collect or store full credit card numbers. Payments are processed securely via Stripe.

3. Purpose and Legal Basis of Processing

We process personal data under the following legal grounds pursuant to GDPR:

Contract Performance (Art. 6(1)(b))

To process your order, grant course access, store and deliver educational materials (including via Google Drive), provide customer support, and handle complaints.

Legal Obligation (Art. 6(1)(c))

To comply with tax, accounting, and financial reporting requirements under Polish law.

Legitimate Interest (Art. 6(1)(f))

To:

  • communicate regarding your purchase,
  • prevent fraud and unauthorized access,
  • defend against chargebacks or legal claims,
  • ensure platform security,
  • improve website functionality and ensure the security and stability of the website (without tracking-based profiling).

Consent (Art. 6(1)(a))

We rely on your consent for:

  • sending marketing communications,
  • using analytics cookies,
  • using marketing and advertising cookies (including Google Analytics, Meta Pixel, Google Ads),
  • measuring advertising performance and conducting remarketing.

You may withdraw your consent at any time without affecting the lawfulness of processing carried out before withdrawal.

4. Data Sharing and Third Parties

We do not sell personal data.

To provide our services, we may share data with:

Payment Processor

Stripe – acting as an independent data controller for payment processing.

Hosting and IT Providers

Website hosting and course platform providers operating under Data Processing Agreements.

Cloud Storage Provider

Google (including Google Drive) – used to store and deliver educational materials.
Google may process data such as email address, IP address, and access metadata.

Analytics and Advertising Providers

We may use:

  • Google Analytics
  • Meta (Facebook / Instagram) Pixel
  • Google Ads Conversion Tracking and Remarketing

These providers may process certain data as independent controllers in accordance with their own privacy policies.

Accounting Providers

External accounting services where required by law.

All processors acting on our behalf are contractually bound to protect data.

5. International Data Transfers

Due to the use of international providers (Google, Meta, Stripe), data may be transferred outside the European Economic Area, including to the United States.

Where such transfers occur, appropriate safeguards are implemented, including:

  • Standard Contractual Clauses approved by the European Commission
  • EU–US Data Privacy Framework (where applicable)
  • other lawful mechanisms under GDPR

6. Data Retention

We retain personal data only as long as necessary:

  • Account and course access data – while the account remains active
  • Accounting and invoicing data – generally 5 years from the end of the tax year
  • Data related to legal claims – for the applicable limitation period
  • Marketing data – until consent is withdrawn

After this period, data is deleted or anonymized.

7. Your Rights

You have the right to:

  • Access your personal data
  • Rectify inaccurate data
  • Request deletion
  • Restrict processing
  • Object to processing
  • Data portability
  • Withdraw consent at any time

To exercise your rights, please contact us at:
contact@piotrspeakspolish.com

You have the right to lodge a complaint with a competent supervisory authority in your country of residence or place of work.

8. Automated Decision-Making

We do not use automated decision-making or profiling producing legal or similarly significant effects.

9. Data Security

We implement appropriate technical and organizational measures, including:

  • SSL encryption
  • Secure payment processing
  • Restricted administrative access
  • Regular software updates
  • Consent-based activation of analytics and marketing tools

10. Cookies

Our website uses cookies for functionality, security, analytics, and marketing purposes.

Detailed information about cookies, their categories, and management options is available in our separate Cookie Policy.

11. Changes

The Seller reserves the right to update this Privacy Policy.
The version in force at the time of use applies.