FotoSmolik
|

Privacy Policy

Last updated: April 17, 2026

Introduction

This Privacy Policy describes how personal data is processed and protected when using the fotosmolik.pl website and photography services offered by Karol Smoliński (FotoSmolik).

Data Controller

The data controller is Karol Smoliński operating as FotoSmolik, based in Poznań, Poland. Contact: kontakt@fotosmolik.pl Phone: +48 511 023 508

Data We Collect

We collect the following personal data: • Full name — for client identification • Email address — for communication and contract delivery • Phone number — for session-related contact • Event venue address — for session planning • Session photographs — as part of service delivery • IP address — for security and analytics purposes

Purpose of Data Processing

We process personal data for the following purposes: • Providing photography services and managing bookings • Preparing and executing contracts • Communicating with clients about sessions • Sending newsletters (with consent) • Website traffic analysis (Google Analytics) • Pursuing potential claims

Legal Basis

Data processing is based on: • Art. 6(1)(a) GDPR — consent (contact form, newsletter) • Art. 6(1)(b) GDPR — contract performance (booking, photography agreement) • Art. 6(1)(f) GDPR — legitimate interest (analytics, security)

Data Retention Period

Personal data is stored for: • Contract data — 5 years after contract completion (tax requirements) • Contact form data — 12 months from last contact • Newsletter data — until consent is withdrawn • Analytics data — 26 months

Your Rights

You have the right to: • Access your personal data • Rectify (correct) your data • Erase your data ("right to be forgotten") • Restrict processing • Data portability • Object to processing • Withdraw consent at any time To exercise these rights, contact: kontakt@fotosmolik.pl

Cookies

The fotosmolik.pl website uses cookies: • Essential — for proper website functionality (login session) • Analytics — Google Analytics with IP anonymization (with consent) You can manage cookie settings in your browser.

Third Parties

Data may be shared with: • Supabase (data hosting) — EU servers • Resend (email delivery) — GDPR compliant • Google Analytics (analytics) — with IP anonymization • Vercel (website hosting) — GDPR compliant

Changes to This Policy

We reserve the right to update this Privacy Policy. Any changes will be communicated by publishing the updated version on our website.