Privacy Policy

Effective date: 17 May 2026

This Privacy Policy (hereinafter: "Policy") contains information on the processing of your personal data in connection with the use of the website operating at the Internet address codeenable.com (hereinafter: "Website").

1. Data Controller

The controller of your personal data is:

Codeenable Piotr Klimaszewski
Orląt Lwowskich 7/9
71-340 Szczecin, Poland
NIP: 8471402340

(hereinafter: "Controller").

2. Contact with the Controller

In all matters related to the processing of personal data you may contact the Controller by:

• e-mail: office@codeenable.com;
• traditional mail: at the address indicated in section 1 above.

3. Personal data protection measures

The Controller applies modern organisational and technical safeguards to ensure the protection of your personal data and processes them in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (General Data Protection Regulation, hereinafter: "GDPR"), the Polish Act of 10 May 2018 on the Protection of Personal Data, and other applicable data protection regulations.

4. Purposes and legal basis of processing

The use of the Website may involve the processing of your personal data for the following purposes:

4.1. Handling enquiries sent to the Controller

Scope of data: name, e-mail address and any other data contained in your message.
Legal basis: Article 6(1)(f) GDPR (legitimate interest of the Controller, namely responding to the enquiry received).
Providing the above data is voluntary, but necessary in order to receive a response. The Controller will process the above data until an effective objection is raised or until the purpose of processing is achieved (whichever occurs first).

4.2. Website administration and security (server logs)

Scope of data: IP address, server date and time, web browser information, operating system information. The above data are saved automatically in server logs each time the Website is used.
Legal basis: Article 6(1)(f) GDPR (legitimate interest of the Controller, namely ensuring the proper and secure operation of the Website).

4.3. Analysis of your activity on the Website

Scope of data: date and time of the visit, IP number of the device, type of operating system, approximate location, type of web browser, time spent on the Website, visited subpages and other actions taken within the Website.
Legal basis: Article 6(1)(f) GDPR (legitimate interest of the Controller, namely obtaining information about your activity on the Website in order to improve it). Where required by applicable law, the above processing is carried out on the basis of your consent expressed via the cookie banner (Article 6(1)(a) GDPR).

4.4. Compliance with obligations related to the protection of personal data

Scope of data: name and surname, contact details provided by you (e-mail address, correspondence address, telephone number).
Legal basis: Article 6(1)(c) GDPR (compliance with the Controller's legal obligations under the data protection regulations).
The Controller will process the above data until the limitation periods for claims for violation of the personal data protection regulations expire.

4.5. Establishment, exercise or defence of legal claims

Scope of data: name and surname/business name, e-mail address, correspondence address, NIP.
Legal basis: Article 6(1)(f) GDPR (legitimate interest of the Controller, namely establishing, exercising or defending against claims that may arise in connection with the use of the Website).
The Controller will process the above data until the limitation periods for the relevant claims expire.

5. Recipients of personal data

The recipients of personal data may be the following categories of entities cooperating with the Controller:

• hosting and cloud infrastructure providers (including Microsoft Azure);
• providers of website analytics tools (e.g. Google Analytics);
• providers of e-mail communication services;
• entities providing accounting or legal services to the Controller.

In addition, personal data may be transferred to public or private entities if such an obligation results from generally applicable law, a final court judgment or a final administrative decision.

6. Transfer of personal data to a third country

In connection with the Controller's use of the services of Google LLC and Microsoft Corporation, your personal data may be transferred to third countries outside the European Economic Area, in particular to the United States. The basis for the transfer of data to those third countries are:

• adequacy decisions of the European Commission, where issued in relation to a given country or certification framework (e.g. the EU-U.S. Data Privacy Framework);
• standard contractual clauses approved by the European Commission pursuant to Implementing Decision (EU) 2021/914 of 4 June 2021, where applicable.

You may obtain a copy of the data transferred to a third country from the Controller.

7. Your rights under the GDPR

In connection with the processing of your personal data, you have the following rights:

• the right to be informed which personal data concerning you are processed by the Controller and to receive a copy of such data;
• the right to request rectification of data that has become inaccurate or incomplete;
• the right to request erasure of personal data ("right to be forgotten") in the cases provided for by the GDPR;
• the right to request restriction of processing;
• the right to data portability, where the processing is based on consent or on the performance of an agreement and is carried out by automated means;
• the right to object to the processing of personal data based on the legitimate interest of the Controller;
• the right to withdraw consent at any time, where the processing is based on consent (without affecting the lawfulness of processing carried out before the withdrawal);
• the right to lodge a complaint with the President of the Polish Personal Data Protection Office (Urząd Ochrony Danych Osobowych), if you believe that the processing of your personal data infringes the provisions of the GDPR.

8. Cookies

The Website uses cookies and similar technologies. Detailed information about the categories of cookies used, their purposes and duration, as well as the rules for managing your preferences, is available in the Cookie Policy.

9. Profiling and automated decision-making

The Controller does not take decisions producing legal effects concerning you or similarly significantly affecting you that are based solely on automated processing of personal data, including profiling.

10. Final provisions

To the extent not regulated by the Policy, the generally applicable provisions on the protection of personal data shall apply.

The Controller may update this Policy in particular in case of changes to applicable law or to the Website. The current version of the Policy is published on this subpage and is effective from the date indicated at the top of the document.