top of page

PRIVACY POLICY

Cezarys – Cezary Szczepaniak

 

1. General Information

This Privacy Policy explains how personal data of users of the Cezarys.com website, operated by Cezary Szczepaniak, is collected and processed. The Service Provider ensures that personal data is handled in accordance with applicable law, including the UK GDPR (Data Protection Act 2018) and the EU General Data Protection Regulation (GDPR).

 

2. Data Controller

The Data Controller is Cezary Szczepaniak, trading as Cezarys,  e-mail: info@cezarys.com. The Controller determines the purposes and methods of personal data processing.

 

3. Scope of Data Collected

The Controller may process the following personal data: name, surname, e-mail address, phone number, contact details provided via contact form, data related to photography service inquiries, and technical data such as IP address, browser type, or cookies. Providing data is voluntary, but necessary to establish contact or perform services.

 

4. Purposes of Processing

Personal data is processed for the following purposes: responding to contact form messages or e-mails, delivering photography services, preparing and sending quotations, handling billing and accounting, promoting the business where consent is given for image publication, ensuring proper website operation, and performing statistical or analytical functions to improve services.

 

5. Legal Basis for Processing

The legal basis for processing includes: user consent (Article 6(1)(a) GDPR), contract performance or pre-contractual measures (Article 6(1)(b) GDPR), legal obligations (Article 6(1)(c) GDPR), and the Controller’s legitimate interests such as marketing own services or defending legal claims (Article 6(1)(f) GDPR).

 

6. Data Sharing

Personal data may be shared only with trusted third parties involved in service delivery (e.g., hosting providers, accountants, IT service providers). Data is not sold, shared, or transferred to third parties for marketing purposes. If data is transferred outside the EEA, appropriate safeguards will be applied.

 

7. Data Retention

Personal data will be stored for as long as necessary to fulfil the purpose it was collected for, and then retained as required by law or until the data subject withdraws consent. Data used for contact or marketing will be processed until consent is withdrawn.

 

8. User Rights

Each data subject has the right to access their data, rectify it, erase it (“right to be forgotten”), restrict processing, transfer data, object to processing, withdraw consent at any time, and lodge a complaint with the Information Commissioner’s Office (ICO).

 

9. Cookies

The Cezarys.com website uses cookies to ensure proper functioning, analyse traffic, and personalise content. Users can change cookie settings in their browser at any time. Disabling cookies may affect website functionality.

 

10. Data Security

The Controller uses appropriate technical and organisational measures to protect data from loss, unauthorised access, alteration, or disclosure. Only authorised persons have access to personal data.

 

11. Changes to the Policy

The Controller reserves the right to modify this Privacy Policy to comply with new legal requirements or operational changes. The current version of the Policy is always available on Cezarys.com.

 

12. Contact

For any questions regarding personal data processing, please contact the Controller at: info@cezarys.com

bottom of page