Privacy Policy

§1. General Information

1. The cardinals.cc website (hereinafter: "Website") is run by Cardinal Cryptography sp. z o.o. with registered seat in Kraków, Hubpoint, budynek A, ul. Czyżówka 16, drugie piętro, lokal 216, 30-526 Kraków, Poland, e-mail: hello@cardinals.cc (hereinafter: "Controller").

2. As part of the Website activity, the data of the users of the Website (hereinafter: "Users") may be collected, processed and used, including personal data.

3. Users’ data may be collected as a result of: their voluntary provision by Users, the use of cookies and the Controller’s use of the tools described below.

4. Additionally, information about the user’s IP address, the time of arrival of the request and sending a response, the website address from which the user was redirected to the Website and the type of software used by the user may be collected. This information is used for the purpose of administering the Website and for creating statistics and analyses.

§2. Personal Data

1. Controller of personal data is Cardinal Cryptography sp. z o.o. with registered seat in Kraków, Hubpoint, budynek A, ul. Czyżówka 16, drugie piętro, lokal 216, 30-526 Kraków, Poland, e-mail: hello@cardinals.cc.

2. Controller may collect and process personal data through the Website for purposes such as:

   • contacting the User,
   • sending to the User a newsletter and providing commercial information via e-mail or phone,
   • statistics and analysis of Users’ behaviour on websites.

3. Controller may provide Users’ data to subcontractors (entities that he uses during the processing) such as service providers and IT solutions or entities providing IT services.

4. Personal data is processed for a period that is each time indicated to the User in the relevant information submitted to him at the time of a data collection. In the case of data processed for the purpose of statistics and analysis of Users’ behavior on websites and for contact with the User, the Controller may process for a period of 3 years from the date of their collection.

5. The data subject has the following rights:

   • right to access personal data and the right to receive a copy;
   • right to rectification of the personal data;
   • right to erasure of the personal data;
   • right to restriction of processing concerning the personal data;
   • right to portability of the personal data;
   • right to object to processing of the personal data;
   • right to lodge a complaint with a supervisory authority.

6. By processing data, the Controller may use entities based in the USA. In consequence, the personal data may be transferred outside the European Economic Area. Controller uses only entities that provide an adequate level of data protection through appropriate safeguards such as Standard Contractual Clauses or certification under the EU-US Data Privacy Framework.

7. In the event that the data is processed on the basis of consent, the User who is a data subject also has the right to withdraw consent to the processing of personal data at any time. Withdrawal of consent does not affect the legality of the processing, which was made on the basis of consent before its withdrawal.

§3. Cookies

1. The Website may use small files called cookies for essential functionality purposes. These files are saved by the server on end user’s computer. Using cookies should be understood as their storage and access to them by the Controller.

2. Cookies are IT data, in particular text files, which are stored in the User’s end device and are intended for the use of websites. Cookies usually contain the name of the website they come from, the time they are stored on the end device, content (e.g., share IDs) and a unique number.

3. Cookies may be used for the following purposes:

   • adapting the content of the Website to the User’s preferences and optimizing the use of the Website. In particular, these files allow to recognize the User’s device and properly display the Website, adapting it to his needs and preferences.

4. The Website uses cookieless analytics (as described in §4), which means no cookies or local storage are used for tracking or statistical purposes.

5. The use of cookies does not cause any configuration changes on the end user’s device and the software installed on this device.

6. The default settings of web browsers usually allow the saving of cookies on end user’s devices. These settings can be changed by Users.

7. User can determine the conditions for the use of cookies by means of the software settings (web browser) installed on his end device. The change may consist in partial or complete limitation of the option of saving cookies files on the user’s end device.

8. Controller informs that pursuant to the provisions of the Telecommunications Law Act, the end user’s consent to storage of information or access to information already stored in the user’s telecommunications end device, may also be expressed by the user through the software settings installed in the end device used by him. Therefore, if the user did not want to express such consent, he shall change the settings of the web browser.

9. Detailed information on changing browser settings regarding cookies and their removal can be obtained on the official website of a specific browser. In particular, the above information can be found at the following website addresses:

   • Firefox browser;
   • Chrome browser;
   • Microsoft Edge browser;
   • Opera browser;
   • Safari browser.

§4. IT tools

1. Controller uses PostHog, a product analytics tool, to analyze website statistics and understand how Users interact with the Website. PostHog is operated in cookieless mode, meaning no cookies or local storage are used for analytics purposes. Instead, analytics data is stored only in memory during the browsing session. Data is processed on EU-based servers (PostHog EU hosting), ensuring that analytics data remains within the European Economic Area. More information about PostHog’s privacy practices can be found at https://posthog.com/privacy.