Privacy Policy
Privacy Policy
This Privacy Policy applies to the website https://dawid-troska.com, operated from Poland by a natural person as a personal blog.
The Polish version is the primary version of this Privacy Policy. The German and English versions are intended as translations; in the event of interpretive discrepancies, the Polish version shall prevail.
1. Data controller
The controller of the personal data processed in connection with the use of the website is Dawid Troska.
Correspondence address:
ul. Grabowa 35
42-609 Tarnowskie Góry
Poland
Contact email: info@dawid-troska.com
2. Scope of this Privacy Policy
This Privacy Policy describes the principles of the processing of personal data in connection with:
visiting the website https://dawid-troska.com,
using the contact form,
using functions related to cookies and analytics,
the technical provision of security and the proper functioning of the website.
This Privacy Policy does not apply to third-party websites or services that may be linked from this website. The rules governing the processing of personal data by such entities are determined separately by their providers or controllers.
3. Categories of personal data processed
Depending on how the website is used, the controller may process the following categories of data:
identification and contact data voluntarily provided through the contact form, in particular a name or pseudonym, email address, and the content of the message,
technical and operational data related to the use of the website, in particular IP address, date and time of the request, address of the requested page or resource, information about the browser, operating system, device language, error data, and other data stored in server logs or telemetry systems,
information related to cookies or similar technologies, including online identifiers, information about the granting, refusal, or withdrawal of consent, and analytical data generated during the use of the website, to the extent depending on the website configuration and user settings.
4. Purposes and legal bases for processing
Personal data may be processed for the following purposes and on the following legal bases:
handling correspondence and responding to messages sent through the contact form – on the basis of Article 6(1)(f) GDPR, namely the controller's legitimate interest in conducting correspondence, handling inquiries, and defending against possible claims,
ensuring the technical functioning, security, integrity, and stability of the website – on the basis of Article 6(1)(f) GDPR, namely the controller's legitimate interest in administering the website, detecting abuse, diagnosing errors, and protecting against security incidents,
carrying out statistical and analytical measurements concerning the use of the website, including through Microsoft Application Insights – on the basis of Article 6(1)(a) GDPR where the relevant analytical function requires prior consent, or on the basis of Article 6(1)(f) GDPR where the processing concerns technically necessary solutions or solutions permitted without consent under applicable law,
establishing, pursuing, or defending claims and demonstrating compliance with legal obligations – on the basis of Article 6(1)(f) GDPR and, where a specific legal obligation applies, also on the basis of Article 6(1)(c) GDPR.
The controller's legitimate interest consists in particular in conducting correspondence, ensuring website security, analysing errors, maintaining continuity of operation, and protecting against abuse.
5. Source of the data
Personal data comes primarily:
directly from the person who fills in the contact form or otherwise contacts the controller,
from the device and software used while visiting the website,
from cookies, similar technologies, and telemetry or analytics tools if they are active for the relevant user and website configuration.
6. Contact form
Using the contact form requires the provision of the data marked as necessary to send a message. Failure to provide such data may make it impossible to send the message or receive a reply.
The content of a message sent through the contact form may contain additional personal data if the person making contact includes such data on their own initiative. The controller asks users not to submit special categories of personal data or other information through the form unless providing such information is necessary for handling the matter.
Messages sent through the contact form are forwarded to the controller's email inbox. The provider of the email service may have access to the data to the extent necessary to provide the email service and ensure its security and availability.
7. Cookies, technical data, and analytics
The website uses cookies and may use similar technologies to the extent necessary for its proper functioning and – depending on the configuration – for functional, statistical, or analytical purposes.
Detailed information about the types of cookies used, the scope of consent, and the way preferences are managed is provided separately in the cookie settings or in a cookie notice. Technologies that are not necessary for the proper provision of the website are used only after obtaining the required consent, where such consent is required by law.
The website uses Microsoft Application Insights, including the Application Insights JavaScript SDK, to monitor availability, performance, errors, and the way the website is used, to the extent resulting from the configuration of that service. In this connection, technical and telemetry data may be processed, such as IP address, online identifiers, information about the browser and device, data on interactions with the website, errors, response times, and technical event data.
The website may also use Microsoft Clarity to better understand how users navigate and interact with the website, in particular through behavioural metrics, heatmaps, and session recordings. Depending on the current configuration and the user's consent choices, this may involve the processing of technical and usage data such as visited pages, clicks, scrolling behaviour, browser and device information, online identifiers, and data connected with cookies or similar technologies.
Where Microsoft Application Insights is used exclusively on the server side for technically necessary monitoring of availability, performance, and errors, the processing is based on Article 6(1)(f) GDPR.
Where Microsoft Application Insights is used on the client side in the browser and makes use of cookies or similar technologies or serves analytical purposes, it is used only after the required user consent has been obtained, where such consent is required by law.
Where Microsoft Clarity is used for analytical purposes and relies on cookies or similar technologies, it is activated only after the required user consent has been obtained, where such consent is required by law. Additional information about how Microsoft processes data is available in the Microsoft Privacy Statement.
The website is hosted in the Microsoft Azure App Service environment. As part of the hosting environment, basic technical and security logs may be created containing data necessary to maintain the availability, integrity, and security of the website.
8. Recipients of the data
Personal data may be disclosed to the following categories of recipients to the extent necessary to achieve the stated purposes:
providers of hosting, cloud, and infrastructure services, in particular providers of Microsoft Azure services,
providers of telemetry, monitoring, and analytics services, in particular in connection with Microsoft Application Insights and Microsoft Clarity,
providers of email services used by the controller to receive and handle messages,
entities supporting the controller in the area of IT maintenance, security, or the technical operation of the website, if the controller uses such services,
authorised public authorities, where disclosure is required by law.
9. Transfers of data outside the EEA
In connection with the use of Microsoft services and other technology providers, data may be transferred outside the European Economic Area where this results from the service architecture, technical support, remote access, security maintenance, or other processes carried out by the provider.
Where data is transferred outside the EEA, the controller seeks to ensure that such transfer takes place using the mechanisms provided for in Chapter V GDPR, in particular on the basis of an adequacy decision, standard contractual clauses, or other appropriate safeguards required by law.
10. Retention period
Personal data is stored for the period necessary to achieve the purpose for which it was collected, and afterwards for the period needed to demonstrate the lawfulness of the controller's actions, defend against claims, or fulfil legal obligations.
In practice, this means that:
correspondence data is stored for the time needed to handle the matter and continue communication, and afterwards for a period justified by the need to archive the contact history, document the course of contact, or defend against claims,
data contained in technical and security logs is stored for the period resulting from system configuration, operational needs, and security requirements,
telemetry and analytical data are stored for the period resulting from the current configuration of the analytics and telemetry tools used,
information about granted, refused, or withdrawn consent regarding cookies may be stored for the period necessary to manage user preferences and demonstrate compliance with applicable legal requirements.
11. Rights of the data subject
Under the conditions set out in the GDPR, the data subject has the right to:
access personal data,
rectify personal data,
erase personal data,
restrict processing,
data portability where the legal conditions are met in the specific case,
object to processing based on Article 6(1)(f) GDPR on grounds relating to the person's particular situation,
withdraw consent at any time where processing is based on consent; withdrawal of consent does not affect the lawfulness of processing carried out before the withdrawal.
To exercise these rights, the controller may be contacted using the details provided in section 1 or through the contact form available on the website.
12. Automated decision-making
The controller does not apply automated decision-making, including profiling within the meaning of Article 22 GDPR, in relation to users.
13. Right to lodge a complaint
The data subject has the right to lodge a complaint with the President of the Personal Data Protection Office in Poland if they believe that the processing of personal data infringes the GDPR or other applicable data protection laws.
14. Voluntary provision of data
Providing personal data in the contact form is voluntary, but it may be necessary in order to receive a reply. Providing technical data related to network traffic is, as a rule, a consequence of using the website and is necessary to display the website, ensure its security, and handle the connection.
Giving consent to cookies or analytical functions that require consent is voluntary. Failure to give consent or later withdrawal of consent may result in certain analytical or auxiliary functions not being active, but should not prevent the basic use of the website unless the relevant technology is necessary for its operation.
15. Related information and changes to this Privacy Policy
Supplementary information may be provided separately in the Legal Notice and in the cookie settings.
This Privacy Policy may be updated in the event of legal, organisational, or technical changes affecting the website, in particular changes concerning hosting, analytics tools, the contact form, or the use of cookies.
Last updated: 26.03.2026