Privacy & Cookie Policy
www.by-kiki.com
Last update: 15 December 2025
⸻
1. General information
This Privacy Policy sets out the rules for the processing of personal data and the use of cookies in connection with the use of the website www.by-kiki.com.
This Policy has been prepared in accordance with:
– Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (GDPR),
– Directive 2002/58/EC (ePrivacy).
⸻
2. Data Controller
The controller of personal data is:
Klaudia Pokora
conducting business activity under the name
by-kiki Klaudia Pokora
VAT ID (NIP): 7393574953
REGON: 543454930
The Controller does not have a permanent place of business.
Contact details for matters related to personal data protection:
email address: hello@by-kiki.com
phone number: +48 571 666 428
⸻
3. Scope of processed personal data
The Controller processes personal data to a limited extent, in particular:
– IP address,
– technical data concerning the device and web browser,
– statistical and marketing data collected via cookies (after consent is given),
– data provided via the Calendly tool:
– first name,
– email address,
– phone number.
There are no contact forms or newsletters on the website.
⸻
4. Purposes and legal bases of data processing
Personal data are processed for the following purposes:
– ensuring the proper functioning of the website
legal basis: Article 6(1)(f) GDPR
– statistical analysis of website traffic (Google Analytics)
legal basis: Article 6(1)(a) GDPR – consent
– marketing and remarketing activities (Meta)
legal basis: Article 6(1)(a) GDPR – consent
– scheduling meetings via the Calendly tool
legal basis: Article 6(1)(b) GDPR
– profiling users for marketing purposes
legal basis: Article 6(1)(a) GDPR – consent
⸻
5. External tools
5.1 Google Analytics
The website uses Google Analytics (GA4), a web analytics service provided by Google LLC, to analyse how users interact with the website.
Google Analytics uses cookies. Data are collected only after the user has given consent via the cookie banner.
The Controller does not have information as to whether IP anonymisation is enabled.
⸻
5.2 Meta (Facebook / Instagram)
The website may use marketing tools provided by Meta Platforms for the purpose of analysing advertising effectiveness, creating audience groups and conducting remarketing activities.
Data are processed only after the user has given consent.
⸻
5.3 Calendly
The website uses the Calendly tool, embedded directly on the website, to allow users to schedule meetings.
During the booking process, the user provides the following personal data:
– first name,
– email address,
– phone number.
Providing data is voluntary but necessary to schedule a meeting.
⸻
6. Profiling
The Controller may use profiling consisting of analysing user behaviour on the website in order to tailor marketing content.
Profiling is carried out only on the basis of the user’s consent.
⸻
7. Transfer of data outside the European Union
In connection with the use of Google Analytics, Meta and Calendly, personal data may be transferred outside the European Economic Area, in particular to the United States.
Such transfers are carried out in accordance with the GDPR, in particular on the basis of standard contractual clauses or other mechanisms provided for under European Union law.
⸻
8. Cookies
8.1 Types of cookies
The website uses the following types of cookies:
– necessary cookies,
– analytical cookies,
– marketing cookies,
– functional cookies.
⸻
8.2 Consent to cookies
Cookies other than those strictly necessary are stored only after the user has given explicit consent.
The user may withdraw consent at any time.
⸻
9. Data retention period
Personal data are stored:
– for the period necessary to achieve the purposes for which they were collected,
– until consent is withdrawn,
– for the period required by applicable law.
⸻
10. User rights
The user has the right to:
– access their personal data,
– rectify their personal data,
– erase their personal data,
– restrict processing,
– data portability,
– withdraw consent at any time,
– lodge a complaint with the supervisory authority.
⸻
11. Supervisory authority
President of the Personal Data Protection Office
ul. Stawki 2
00-193 Warsaw
Poland
www.uodo.gov.pl
⸻
12. Changes to the Privacy Policy
The Controller reserves the right to amend this Privacy Policy. The current version of the Policy is always available on the website.