Privacy Policy

1. General Information

This policy applies to the website operating under the URL: dock.codes. The operator of the website and the Data Controller is:

Dock Sp. z o.o. Address: ul. Rakoczego 9/73, Gdańsk 80-288, Poland Email contact: hello@dock.codes

The Operator is the administrator of your personal data provided voluntarily through the website. The website processes personal data for the following purposes:

• Managing the newsletter,
• Conducting online chat conversations,
• Handling inquiries through forms,
• Providing ordered services,
• Presenting offers or information.

The website collects information about users and their behavior in the following ways:

• Through data voluntarily entered in forms, which are added to the Operator’s systems,
• By storing cookies (i.e., “cookies”) on end devices.

2. Selected Data Protection Methods Used by the Operator

• Login areas and forms where personal data are entered are protected by SSL encryption. This ensures that personal data and login credentials entered on the site are encrypted on the user’s computer and can only be read on the target server.
• Personal data stored in the database is encrypted in such a way that only the Operator with the proper key can read it. This protects the data in case of database theft from the server.
• User passwords are stored in a hashed form, using a one-way hashing function. This modern standard ensures that passwords cannot be reversed or recovered.
• The website uses two-factor authentication (2FA), providing an extra layer of login protection.
• The Operator periodically changes administrative passwords.
• For data protection purposes, the Operator regularly performs data backups.
• A key aspect of data protection is regularly updating all software used by the Operator for processing personal data, including software components.

3. Hosting

The website is hosted on servers provided by the hosting company: cyberFolks.pl.

The hosting provider maintains server logs for technical reliability. These logs may include:

• Resources identified by URL (addresses of requested pages, files),
• The time the request was received,
• The time a response was sent,
• The client’s station name (identified via the HTTP protocol),
• Information on errors encountered during the execution of HTTP transactions,
• The URL of the page previously visited by the user (referrer link), in cases where the transition to the website was made via a hyperlink,
• Information about the user’s browser,
• The user’s IP address,
• Diagnostic information related to the self-service ordering process via site forms,
• Information related to handling email directed to and from the Operator.

4. Your Rights and Additional Information on Data Usage

The Operator has appointed a Data Protection Officer to comply with personal data protection laws and ensure the real protection of data. Data Protection Officer: Miron Miotk Address: ul. Rakoczego 9/73, Gdańsk 80-288 Email contact: m.miotk@dock.codes

In certain situations, the Administrator may share your personal data with other recipients if necessary to fulfill the contract with you or to meet legal obligations. These recipients may include:

• Hosting companies (based on an entrustment agreement),
• Postal operators,
• Authorized employees and collaborators who use data to fulfill the website’s purpose,
• Companies providing marketing services for the Administrator.

Your personal data will not be processed longer than necessary for the activities specified by separate regulations (e.g., accounting regulations). For marketing data, your data will not be processed longer than 3 years.

You have the right to request from the Administrator:

• Access to your personal data,
• Rectification of your data,
• Erasure of your data,
• Restriction of processing,
• Data portability.

You have the right to object to the processing of your personal data based on legitimate interests pursued by the Administrator, including profiling. However, this right cannot be exercised if there are valid legal grounds for processing that override your interests, rights, and freedoms, or if the data is necessary for establishing, asserting, or defending legal claims.

If you believe your data is being mishandled, you can file a complaint with the President of the Personal Data Protection Office in Poland.

Providing personal data is voluntary but necessary to use the website.

The Administrator does not transfer personal data to third countries outside the European Union.

5. Information in Forms

The website collects information provided voluntarily by users, including personal data. The website may record information about connection parameters (such as time and IP address). Information provided in the form is processed for the purpose related to the specific form, such as handling service requests or sales inquiries. Each form clearly states its intended purpose.

6. Administrator Logs

User behavior on the site may be logged. These data are used to administer the website.

7. Important Marketing Techniques

The Operator uses statistical analysis tools for website traffic through Google Analytics (Google Inc., USA). Only anonymized data is transferred to the operator of this service. The service relies on cookies stored on the user’s device. You can review and edit your ad preferences based on cookie-stored information using the tool: https://www.google.com/ads/preferences/.

The Operator uses remarketing techniques to tailor advertising messages to users’ behavior on the website. Although this might give the impression that personal data is used for tracking, no personal data is transferred to advertising service providers. This functionality requires cookies to be enabled.

The Operator uses Facebook Pixel technology, which allows Facebook (Facebook Inc., USA) to recognize users registered on their platform as they visit the website. This is based on Facebook’s data where it acts as a controller. The Operator does not share any personal data with Facebook. This service relies on cookies stored on the user’s device.

The Operator uses heat mapping and session recording technology. These anonymized data help analyze user behavior on the site. Recorded data do not include passwords or other personal information.

The Operator may use automated actions related to website operation, such as sending emails to users after they visit a specific page, provided they have consented to receive marketing emails.

8. Cookie Information

The website uses cookies. Cookies are small text files stored on the user’s device to help the website function. Cookies usually include the website name, duration, and a unique identifier.

Cookies serve the following purposes:

• Maintaining the user’s session (after logging in) so the user doesn’t have to re-enter their login and password on each page,
• Realizing the objectives described under „Important Marketing Techniques.”

The website uses both „session cookies” (temporary files stored until you log out or close your browser) and „persistent cookies” (stored for a specified time or until removed by the user). Web browsers typically accept cookies by default, but users can modify their settings to remove or block cookies. However, blocking cookies essential for authentication, security, or user preferences may hinder website functionality.

Cookies stored on the user’s device may also be used by third-party services like Google (Google Inc., USA), Facebook (Facebook Inc., USA), and Twitter (Twitter Inc., USA).

9. Managing Cookies – How to Express and Withdraw Consent?

If you do not wish to receive cookies, you can change your browser settings. Disabling cookies required for authentication, security, and maintaining user preferences may impede or, in extreme cases, prevent the use of the website.

10. Automatic generation of alternative texts (alt texts) using AI

As part of the Service, a function is offered for the automatic generation of alternative texts (alt texts) for images on users’ websites, serving to improve their digital accessibility in accordance with the requirements of the WCAG standard. Alt text is generated based on an analysis of publicly available content specified by the user (e.g. website address) and images on those pages.

The scanning process does not take place in real time while the user is browsing the website. Instead, special scanning robots periodically visit the indicated websites to automatically download images and fragments of surrounding content (e.g. headings, descriptions), which serve as context for generating alt texts.

The generated alternative descriptions are created using artificial intelligence (AI) technology. For this purpose, data such as: – URLs of the indicated pages, – images publicly available on these pages, – fragments of text accompanying the images, may be transferred to an external AI technology provider – Google (Gemini model). This data does not contain any information that could identify the user (e.g. name, email address, account details), and processing is carried out in accordance with applicable data processing agreements and Google’s privacy policy.

The legal basis for the processing of personal data in this respect is as follows: Article 6(1)(b) of the GDPR – processing is necessary for the performance of a contract, namely the provision of alternative text (alt text) generation services, Article 6(1)(f) of the GDPR – processing is based on the legitimate interest of the Controller in enhancing the digital accessibility of websites.