Privacy Policy
Effective Date: July 01, 2025
Last Updated: July 01, 2025
1. Introduction
This Privacy Policy describes how Pipetrics.com ("we", "us", "our", or "Pipetrics") collects, uses, and protects your personal information when you use our software‑as‑a‑service platform. Pipetrics is operated by Jakub Różycki, located at Łokietka 5, 30‑010 Cracow, Poland.
We are committed to protecting your privacy and ensuring compliance with the General Data Protection Regulation (GDPR ) and other applicable privacy laws. This policy explains your rights regarding your personal data and how we handle your information.
2. Data Controller Information
| Role | Details |
|---|---|
| Data Controller | Jakub Różycki |
| Business Address | Łokietka 5, 30‑010 Cracow, Poland |
| Contact Email | [email protected] |
| Service | Pipetrics.com |
3. Information We Collect
3.1 Personal Information
- Account Information – When you create an account, we collect your email address and GitHub account name for authentication and account‑management purposes.
- Communication Data – When you contact us or provide feedback, we collect the content of your communications.
- Technical Data – We automatically collect IP addresses through server logs on the legal basis of our legitimate interests in ensuring security and preventing fraud.
3.2 Cookies and Tracking Technologies
We use cookies and similar tracking technologies to provide and improve our services. These technologies are categorized into three groups based on their necessity and your consent preferences:
Required Cookies (Essential)
These cookies are essential for the platform to function properly and cannot be disabled without affecting core functionality:
| Type | Purpose |
|---|---|
| Session Cookies | Essential for platform functionality and user authentication. |
| Security Cookies | Protect against security threats and maintain secure sessions. |
Optional Cookies (Analytical)
These cookies require your consent and help us understand how our platform is used:
| Type | Purpose |
|---|---|
| Google Analytics | Measures site performance and user behaviour. |
| Microsoft Clarity | Provides session‑recordings and heat‑maps to improve user experience. |
Optional Cookies (Performance)
These cookies enhance platform performance and require your consent:
| Type | Purpose |
|---|---|
| Performance Cache | Browser-based performance optimization and caching. |
You can control optional cookies through our consent banner displayed on your first visit. Required cookies are necessary for basic platform functionality and cannot be disabled. You may also control cookies through your browser settings; however, disabling essential cookies may affect platform functionality.
4. Legal Basis for Processing
- Contract Performance – To provide our SaaS services and manage your account.
- Legitimate Interests – For security monitoring, fraud prevention, service improvement, and business operations, where those interests are not overridden by your rights.
- Consent – For activities such as receiving promotional communications and for optional cookies and analytics services.
- Legal Obligations – To meet statutory requirements, including tax and accounting rules.
5. How We Use Your Information
- Service Delivery – Operating and maintaining the platform.
- Customer Support – Responding to inquiries and technical issues.
- Communications – Sending system notifications, service updates, and (with your consent) promotional messages.
- Billing and Invoicing – Processing payments and generating VAT invoices.
- Feedback Utilisation – Using non‑confidential feedback to improve our services.
- Security & Fraud Prevention – Monitoring usage patterns and detecting suspicious activity.
- Analytics & Improvement – Analysing aggregated data to develop new features (with your consent for optional analytics).
6. Data Sharing and Third‑Party Services
We share personal information only with trusted providers essential to our operations:
| Provider | Purpose | Location of Processing | Data Types |
|---|---|---|---|
| Stripe | Payment processing | EU / USA | Email, Name, Payment Card Details |
| Neon.tech | Database hosting | EU | Email, Account Data, IP Address |
| OVH Cloud | Infrastructure hosting | EU | All Platform Data |
| Cloudflare | CDN & security | EU / USA | IP Address, Browser Information |
| Google Analytics | Website analytics | EU / USA | IP Address, Usage Data, Browser Info |
| Microsoft Clarity | UX analytics | EU / USA | IP Address, Session Data, Interaction Data |
Each provider is bound by a data‑processing agreement and required to protect your information in accordance with GDPR.
7. Data Retention
- Active Accounts – We retain your data while your account is active.
- Terminated Accounts – Personal data is retained for 30 days after cancellation to allow reactivation and fulfil outstanding obligations.
- Server‑Log IP Addresses – Retained for 30 days for security and system‑administration purposes.
- Legally Required Records – Certain information (e.g., invoices, tax data) is stored for the period mandated by applicable law.
- Cookie Consent Records – Retained for 12 months to demonstrate compliance with consent requirements.
Back‑ups are automatically purged after their respective retention period.
8. Your Rights Under GDPR
You have the right to:
- Access your personal data.
- Rectify inaccurate or incomplete data.
- Erase data in certain circumstances.
- Restrict processing in specific situations.
- Data Portability – obtain a copy in a structured, machine‑readable format.
- Object to processing based on our legitimate interests.
- Withdraw Consent at any time for processing based on consent, including cookie consent.
Contact us at [email protected] to exercise these rights. We will respond within 30 days and may require identity verification. You can also manage your cookie preferences through our consent management interface available in your account settings.
9. Data Security
We apply appropriate technical and organisational measures to protect your information:
- Encryption – TLS 1.3 in transit.
- Access Controls – Role‑based, least‑privilege principles.
- Third‑Party Security – Only vetted vendors with robust safeguards.
- Incident Response & Breach Notification – If a personal‑data breach occurs, we will notify affected users without undue delay and, where feasible, within 72 hours of becoming aware of the incident, as required by GDPR Articles 33‑34.
10. International Data Transfers
Some of our service providers (e.g., Stripe, Cloudflare, Google Analytics, Microsoft Clarity) may process data in the United States. Where such transfers occur, we rely on recognised safeguards (such as the EU‑US Data Privacy Framework or Standard Contractual Clauses with additional technical and organisational measures) to ensure your data remains protected.
11. Automated Decision‑Making and Profiling
We do not engage in automated decision‑making or profiling that produces legal or similarly significant effects on you within the meaning of GDPR Articles 22 and 4(4).
12. Age Restrictions
Our services are not intended for individuals under 18 years of age. We do not knowingly collect personal information from anyone under 18. If we learn that we have unintentionally collected such information, we will delete it promptly.
13. Consent Management
By using our platform, you acknowledge that you have read and understood this Privacy Policy. For users who do not provide consent for optional cookies and analytics, acceptance of this Privacy Policy is required as part of our Terms of Service to ensure the platform can function with essential features only.
Your consent for optional cookies and analytics services can be withdrawn at any time through your account settings or by contacting us directly. Withdrawal of consent will not affect the lawfulness of processing based on consent before its withdrawal.
14. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of material changes via email or prominent notice on the platform. Continued use of our services after such notice constitutes acceptance of the updated policy.
15. Contact Information
If you have questions about this Privacy Policy or wish to exercise your rights, please contact:
Email: [email protected]
Address: Jakub Różycki, Łokietka 5, 30‑010 Cracow, Poland
You also have the right to lodge a complaint with the Polish supervisory authority (UODO – Urząd Ochrony Danych Osobowych, ul. Stawki 2, 00‑193 Warszawa, Poland, [email protected], tel. +48 22 531 03 00).
This Privacy Policy is effective as of the date listed above and governs your use of the Pipetrics.com platform.