GDPR Information Obligation

The following notice constitutes a concise, intelligible, and transparent summary of the information contained in the Privacy Policy regarding the Data Administrator, the purposes and methods of personal data processing, and your rights in connection with that processing, in the form required to fulfil the GDPR information obligation. Details regarding the methods of processing and the entities involved in that process are available in the Privacy Policy linked above.

Table of Contents

Who is the Data Administrator?

The Personal Data Administrator (hereinafter: Administrator) is the individual Ignacy Kwiecień, residing in Kraków, providing electronic services through the Service.

How can you contact the Data Administrator?

Email: [email protected]
Contact form: available at https://decodethefuture.org/contact/

Has the Administrator appointed a Data Protection Officer?

Pursuant to Article 37 of the GDPR, the Administrator has not appointed a Data Protection Officer. For all matters relating to data processing, including personal data, please contact the Administrator directly.

Where do we obtain personal data and what are its sources?

Data is obtained from the following sources:

Directly from the individuals concerned
In the case of registration via social media platforms, from those platforms with the informed consent of the individuals concerned

What is the scope of personal data we process?

The Service processes standard personal data voluntarily provided by the individuals concerned (e.g. first and last name, username, email address, phone number, IP address, etc.).

Full details of the scope of processed data are available in the Privacy Policy.

What are the purposes of our data processing?

Personal data voluntarily provided by Users is processed for one of the following purposes:

Providing electronic services:
- User account registration and maintenance, and related functionalities
- Newsletter service (including sending promotional content with consent)
- Commenting on / liking posts in the Service without registration
Communication between the Administrator and Users on matters related to the Service and data protection
Ensuring the Administrator’s legitimate interests

What is the legal basis for data processing?

The Service collects and processes User data on the basis of:

GDPR (Regulation EU 2016/679):
- Art. 6(1)(a) – the data subject has given consent to the processing of their personal data for one or more specific purposes
- Art. 6(1)(b) – processing is necessary for the performance of a contract to which the data subject is party, or to take steps at the request of the data subject prior to entering into a contract
- Art. 6(1)(f) – processing is necessary for the purposes of the legitimate interests pursued by the Administrator or a third party
Act of 10 May 2018 on the Protection of Personal Data (Journal of Laws 2018, item 1000)
Act of 16 July 2004 – Telecommunications Law (Journal of Laws 2004 No. 171, item 1800)
Act of 4 February 1994 on Copyright and Related Rights (Journal of Laws 1994 No. 24, item 83)

What legitimate interests does the Administrator pursue?

To establish, pursue, or defend against legal claims — legal basis: legitimate interest (Art. 6(1)(f) GDPR), consisting in the protection of the Administrator’s rights
To assess the risk profile of potential clients
To evaluate planned marketing campaigns
To carry out direct marketing

For how long do we process personal data?

As a general rule, personal data is retained only for the duration of the service provided by the Administrator. It is deleted or anonymised within 30 days of the end of service provision (e.g. account deletion, newsletter unsubscription, etc.).

In exceptional circumstances, where necessary to protect the Administrator’s legitimate interests, this period may be extended. In such cases, data may be retained from the date of the deletion request for no longer than 3 years, in the event of a breach or suspected breach of the Terms of Service by the data subject.

Who are the recipients of the data, including personal data?

As a general rule, the only recipient of data is the Administrator. However, processing may be entrusted to other entities providing services to the Administrator in order to maintain the operation of the Service, including:

Hosting companies providing hosting or related services to the Administrator
Companies through which the Newsletter service is provided

Will your personal data be transferred outside the European Union?

Personal data may be transferred outside the European Union. Such transfers occur as a result of using services provided by entities located outside the EU, or as a result of the User’s own actions (e.g. posting a comment), which makes the data accessible to any visitor of the Service. Where personal data is transferred or entrusted for processing outside the EU, such processing is governed by an agreement concluded between the Administrator and the service provider.

Will personal data be used for automated decision-making?

Personal data will not be used for automated decision-making (profiling).

What rights do you have regarding the processing of your personal data?

Right of access – Users have the right to obtain access to their personal data, upon request submitted to the Administrator
Right to rectification – Users have the right to request immediate correction of inaccurate personal data or completion of incomplete personal data, upon request submitted to the Administrator
Right to erasure – Users have the right to request immediate deletion of their personal data. For user accounts, deletion involves anonymising identifying data. For the Newsletter service, Users may independently delete their data via the unsubscribe link included in every email.
Right to restriction of processing – Users have the right to request restriction of processing in cases specified in Art. 18 GDPR, including where the accuracy of personal data is contested, upon request submitted to the Administrator
Right to data portability – Users have the right to receive their personal data in a structured, commonly used, machine-readable format, upon request submitted to the Administrator
Right to object – Users have the right to object to the processing of their personal data in cases specified in Art. 21 GDPR, upon request submitted to the Administrator
Right to lodge a complaint – Users have the right to lodge a complaint with the supervisory authority responsible for personal data protection

Who is the Data Administrator?

How can you contact the Data Administrator?

Has the Administrator appointed a Data Protection Officer?

Where do we obtain personal data and what are its sources?

What is the scope of personal data we process?

What are the purposes of our data processing?

What is the legal basis for data processing?

What legitimate interests does the Administrator pursue?

For how long do we process personal data?

Who are the recipients of the data, including personal data?

Will your personal data be transferred outside the European Union?

Will personal data be used for automated decision-making?

What rights do you have regarding the processing of your personal data?

Inwestowanie

Jak chronić oszczędności przed inflacją – 7 metod

Polskie obligacje skarbowe w 2026 roku — kompletny przewodnik

Inflacja galopująca: 9 faktów, progi i skutki

POPULAR POSTS

MCP — Model Context Protocol: pełny przewodnik 2026

Efekt dyspozycji — dlaczego inwestor sprzedaje za wcześnie

GPT-5.5 od OpenAI (kwiecień 2026): 9 faktów i benchmarki

POPULAR CATEGORY

ABOUT US

FOLLOW US