Hello, good morning!

If you’ve landed here, it’s a sure sign that you value your privacy. I understand this perfectly, which is why I’m providing you with a document that summarizes, in one place, the principles of personal data processing and the use of cookies and other tracking technologies in connection with the operation of the website www.vrkas.pl (hereinafter referred to as the “Website”).

Formal information to begin with – The owner of the website and the controller of your personal data is Weronika Skibniewska, running a business under the name: Weronika Skibniewska, Pobiel 50, 56-210 Wąsosz, NIP: 5010083355 REGON 524219483, entered into the register of the Central Registration and Information on Business.

The document and the information contained therein are provided pursuant to Article 13
of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 94/46/EC (hereinafter referred to as the “GDPR”).

This privacy policy has been structured in a question-and-answer format. This format was chosen to ensure the clarity and readability of the information presented to you.

If you have any questions regarding our privacy policy, please contact us at any time by sending a message to kontakt@vrkas.pl

# 1: Who is the controller of your personal data?
The controller of your personal data is Weronika Skibniewska, conducting business activity under the name: Weronika Skibniewska, Pobiel 50, 56-210
Wąsosz, NIP: 5010083355 REGON 524219483 (hereinafter referred to as the “Data Controller”).

#2 How can you contact the Data Controller?
You can contact the Data Controller via email:
kontakt@vrkas.pl or by mail to the Controller’s registered office address.

#3 What personal data of yours do I process?
(Categories of data processed): The Data Controller processes your personal data, i.e.:
1. data identifying a person, including: first name, last name, nickname or social media nickname,
2. address and contact details, including: billing address, residential address, telephone number, and email address,
3. bank account number or payment card number (if card payment is possible on the Website),
4. information visible on social media,
5. IP address,
6. image and voice of a participant in a course, training session, workshop, or other equivalent services (if they are recorded on a video recording of the meeting). The basis for the processing of your image and voice is your consent.
If you are placing an order as part of your business activity, you must provide your company name, registered office address, and Tax Identification Number (NIP), which I will also process for the purpose of fulfilling the contract.

#4 For what purpose and on what legal basis do I process personal data?
Your personal data will be processed by the Data Controller for the purposes of:
1. selling products and providing services offered on the Website – legal basis Article 6 paragraph 1 letter b of the GDPR,
2. fulfilling your orders, conducting courses, masterclasses, workshops, challenges, running a group on social media, an established messenger or performing other activities or providing services to you, in accordance with the products, services or digital content you purchased – legal basis Article 6 paragraph 1 letter b of the GDPR,
3. creating and maintaining your Customer Account – legal basis Article 6 paragraph 1 letter b of the GDPR,
4. publishing your opinion on the Website – legal basis Article 6 paragraph 1 letter a of
the GDPR,
5. providing the newsletter sending service, in accordance with the terms of the contract (Newsletter Regulations available on the Website) – legal basis Article 6 paragraph 1 letter b of the GDPR, 6.
responding to a message received via the e-mail address via the contact form – legal basis Article 6 paragraph 1 letter f of the GDPR. A legitimate interest is to contact the person sending the message in order to provide a response or establish contact,
7. considering your possible complaints and claims – legal basis Article 6 paragraph 1 letter f of the GDPR. A legitimate interest is to consider the complaint received by the Controller and to respond to the claims,
8. tax and accounting administration – legal basis Article 6 paragraph 1 letter c
of the GDPR, i.e. in order to perform the legal obligations incumbent on the Personal Data Controller, on the basis of Article 70 of the Act of 29 August 1997 – the Tax Ordinance,
9. pursuing possible claims or conducting debt collection proceedings, if a situation arises in which the Data Controller is authorized to take such actions – legal basis Article 6 paragraph 1 letter f of the GDPR. Your data may also be processed for the following secondary purposes: archiving data and maintaining summaries, analyses and statistics – the legal basis is Article 6(1)(f) of the GDPR, consisting in maintaining internal summaries and statistics of its clients and completed orders by the Data Controller.

#5 Where do I get your personal data?
I collect personal data only from data subjects.
In most cases, you provide it to me yourself. This happens when:
● you place an order
● you register a customer account on my website
● you submit a complaint or withdraw from a contract
● you contact me via email or contact form
● you send me a review of a service or product you have used
● you sign up for the newsletter
● you follow my social media profiles or interact with content I publish on social media
Some information about you (e.g., your IP address) may be automatically collected by the tools we use.

#6 Do you have to provide me with your personal data?
Providing your personal data is voluntary, but necessary for me to conclude a contract or provide services or deliver purchased digital content to you, as well as necessary for the performance of the contract between us.

#7 What is the data storage period?
Your personal data will be processed by the Data Controller:
1. for the purposes of performing the contract and providing services – for the duration of the contract,
2. for the purposes of considering complaints and claims – until the statute of limitations for potential claims arising from a data processing infringement expires,
3. for the purposes of responding to a message received via email via a form – until the exchange of correspondence between the parties ends or the cooperation undertaken on the basis of the message ends,
4. for the purposes of debt collection and pursuing claims by the Data Controller – until the statute of limitations for potential claims expires,
5. for the purposes of conducting court proceedings – data may be processed for up to 6 years from the date of the final judgment concluding the proceedings,
6. for the purposes of creating reports, analyses, and statistics – for the duration of the contract, and then no longer than the period after which claims arising from the contract expire,
7. for archival and accounting purposes – after the contract expires, personal data are processed for a maximum period of 5 years, unless the law provides for a shorter period.
Data processed based on consent will be processed until it is withdrawn. Withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.

#8 Who are the recipients of your personal data?
We’d venture to say that modern business cannot function without services provided by third parties. I, too, use such services. Some of these services involve the processing of your personal data. External service providers involved in the processing of your personal data include:
● the hosting provider, which stores the data on the server;
● the accounting office, which processes your data visible on invoices and settlements;
● the entity providing technical support services, which obtains access to the data if the technical work involves areas where personal data is located
; ● other subcontractors, which obtain access to the data if the scope of their activities requires such access (e.g., payment platforms).
Your personal data may also be shared with entities cooperating with the Data Controller to perform the contract concluded with you. Access to the data processed by the Data Controller may be granted in particular to its employees, associates and entities acting on behalf of the Data Controller participating in the performance of the subject matter of the contract, as well as entities providing payment, HR and payroll, analytical, IT, legal, etc. services for the
Data Controller. If you participate in a challenge, event or service that the Data Controller co-organizes with another entity, your personal data in the form of your name, surname and nickname on a social media platform may also be transferred to that entity solely for the purpose of performing the contract concluded with you.

The Data Controller, based on its business relationships or collaboration with other entities, may also present the services of other entities on the website. In particular, the Seller presents products sold by Weronika Skibniewska’s business in Dubai under the name: VRKA S PORTAL, Burj Khalifa 4309, Dubai UAE, 1482583, in particular the VrkaS Portal subscription service, details of which can be found at
https://vrkasportal.circle.so/. The processing of personal data by this entity is governed by the privacy policy at https://vrkasportal.circle.so/privacy

Moreover, when it comes to Anonymous Information, the providers of tools or plug-ins that collect Anonymous Information have access to it. The providers of these tools are independent controllers of the data collected within them and may share this data under the terms they define in their own terms and conditions and privacy policies, which I have no control over.
All entities entrusted with the processing of personal data guarantee the use of appropriate personal data protection and security measures required by law.

#9 What rights does the data subject have? The person whose data is processed has the right to:
1. access personal data,
2. rectify data (if they are inconsistent with the actual state),
3. erase or restrict processing (in cases provided for by law),
4. transfer data (this does not apply to data that constitutes a trade secret, cannot adversely affect the rights and freedoms of others, including trade secrets or intellectual property, and will be implemented to the extent technically possible),
5. object to their processing (to the extent that the basis for the processing of personal data is the legitimate interest of the controller),
6. lodge a complaint with the supervisory authority, i.e. the President of the Personal Data Protection Office with its registered office in Warsaw (00-923), ul. Stawki 2. To the extent that the basis for the processing of personal data is consent, the person whose data is processed on the basis of consent has the right to withdraw it at any time. Withdrawing consent does not affect the lawfulness of processing based on consent before its withdrawal.
You can exercise all of the above-mentioned rights in accordance with the principles described in Articles 16–21 of the GDPR by contacting me at:
kontakt@vrkas.pl

#10 Does the website use automated decision-making or profiling?
The Administrator will not make automated decisions about you, including profiling. The Administrator does not individually adjust prices to specific consumers or specific categories of consumers based on automated decision-making or profiling consumer behavior.
However, I do use tools that allow me to take specific actions depending on the information collected through tracking mechanisms, but these actions do not have a significant impact on you, as they do not differentiate your situation as a customer, do not affect the terms of any contract you may enter into, etc.
By using certain tools, I can, for example, target you with personalized advertisements based on your previous actions on the website or suggest products that may interest you. This is referred to as
behavioral advertising. I encourage you to deepen your knowledge of behavioral advertising, particularly with regard to privacy issues. Detailed information, including the ability to manage behavioral advertising settings, can be found here.
The tools I use only allow me to access Anonymous Information. This information is stored on the servers of the providers of individual tools, and these servers can usually be located all over the world.

#11 Are personal data transferred to a third country or international organization?
The Controller does not transfer personal data to a third country or international organization.

#12 Is your data secure?
I guarantee the confidentiality of all personal data provided to me. I employ technical and organizational measures to ensure the protection of processed data in accordance with the requirements set forth in applicable data protection laws. Personal data is collected with due diligence and adequately protected against unauthorized access.
I collect and process only the necessary personal data for the shortest possible time. Separate consent is required for any activities not related to the performance of a sales or service contract.

#13 What does the processing of the image of Course participants involve?
If you purchase a product or service from me related to participation in an online event (e.g., a course, workshop, group meeting, or online training, etc.), I hereby inform you that the event may be recorded as a video file recording the event itself, in particular the image and voice of its participants (provided they have their cameras and microphones turned on and are actively participating in the event), which involves their recording and further dissemination, including for resale via the website www.vrkas.pl. By participating in an online event, you consent to the use of your image in this regard. Detailed information regarding the image of event participants will be provided to participants each time before the event begins, for example, by email regarding the event rules or at the first online meeting as part of the event.

#14: Do I use cookies and what exactly are they?
This website, like almost all other websites, uses cookies.
Cookies are small text files stored on your device (e.g., computer, tablet, smartphone) that can be read by my IT system (first-party cookies) or third-party IT systems (third-party cookies). Cookies can store and save certain information, which can then be accessed by IT systems for specific purposes. Some cookies I use are deleted after the end of the browser session, i.e., after closing it (so-called session cookies). Other cookies are stored on your device and allow me to recognize your browser the next time you visit the website (persistent cookies).
If you want to learn more about cookies, you can refer to this resource: https://pl.wikipedia.org/wiki/HTTP_cookie.

#15: On what basis do I use cookies?
I use cookies based on your consent, except when cookies are necessary for the proper provision of the service to you electronically.
Cookies that are not necessary for the proper provision of the service electronically remain blocked until you consent to the use of cookies. During your first visit to the website, I will display a message asking for your consent.
Please note that disabling or limiting the use of cookies may prevent you from using some of the features available on my website and may cause difficulties in using the website, as well as many other websites that use cookies. For example, if you block cookies from social media plugins, buttons, widgets, and social features implemented on the website may be unavailable to you.

#16: Can you disable cookies?
Yes, you can manage cookie settings within your web browser. You can block all or selected cookies. You can also block cookies for specific websites. You can also delete previously saved cookies and other website and plug-in data at any time.
Web browsers also offer the option of using incognito mode. You can use it if you don’t want information about visited websites and downloaded files saved in your browsing and download history. Cookies created in incognito mode are deleted when you close all incognito windows.
Browser plug-ins are also available that allow you to control cookies, such as Ghostery (https://www.ghostery.com). Additional software, especially antivirus packages, may also provide cookie control.
Furthermore, there are tools available online that allow you to control certain types of cookies, in particular for collectively managing behavioral advertising settings
(e.g., www.youronlinechoices.com/, www.networkadvertising.org/choices).
Please note that disabling or limiting the use of cookies may prevent you from using some of the features available on our website and may cause difficulties in using our website, as well as many other websites that use cookies. For example, if you block cookies from social media plugins, buttons, widgets, and social features implemented on our website may not be available to you.

#17: For what purposes do I use first-party cookies?
First-party cookies are used to ensure the proper functioning of certain website mechanisms, such as the correct submission of forms visible on the website. First-party cookies also store information about your consent to cookies.

#18: What third-party cookies are used?
My website uses third-party cookies associated with tools connected to my service. Individual tools may use more than one cookie, but I have refrained from listing them in detail, not wanting to overwhelm you with information overload and assuming that it would be more readable for you to use a list of tools along with the purposes of using them rather than listing all the technical cookies used within each tool.
I have also refrained from specifying the scope of information collected in cookies for each tool used, given that each tool collects information related to your characteristics and behavior on our website. In this regard, we are dealing with Anonymous Information, which we mentioned earlier in this privacy policy.
Recognizing the requirements established by the Court of Justice of the European Union, we have nevertheless refrained from specifying the lifespan of cookies used by individual tools. To reliably determine the lifespan of each cookie, we would have to overwhelm you with an excess of information that would in no way violate the principle of transparency and readability of the information provided to you. Furthermore, the lifespan of cookies may be subject to such active changes by tool providers that we are unable to exercise reliable control over it. Without specifying the lifespan of cookies, we remind you that the only way to truly control the storage time of information in cookies is to manage them directly. You can delete cookies stored on your device at any time from your web browser. We would like to emphasize once again that cookies do not provide us with access to information that would allow us to identify you. In this respect, we are dealing with Anonymous Information, which we have discussed in this privacy policy.
Moreover, while in the case of statistical and marketing tools we can view various types of reports generated on the basis of Anonymous Information, in the case of other tools we do not even obtain any access to the information collected in cookies, being interested only in whether the functions of a given tool for which the tool was installed work properly within our website.

#19: Do I track your behavior on the website?
I only analyze and generate statistics on website traffic, but this data is anonymous.

#20: Do I send targeted ads to you?
No.

#21: How can you manage your privacy?
The answer to this question is found in many places in this privacy policy, when describing individual tools, behavioral advertising, cookie consent, etc. However, for your convenience, I’ve collected this information in one place again. Below you’ll find a list of options for managing your privacy.
● Cookie settings within your web browser
● Browser plug-ins that support cookie management, e.g., Ghostery
● Additional cookie management software
● Incognito mode in your web browser
● Behavioral advertising settings, e.g., youronlinechoices.com
● Settings on the part of third-party tool providers

#22: What are server logs?
Using the website involves sending queries to the server where the page is stored. Every query sent to the server is recorded in the server logs.
The logs include, among other things, your IP address, server date and time, information about the web browser and operating system you are using. The logs are saved and stored on the server.
The data stored in the server logs is not associated with specific individuals using the website and is not used by us to identify you.
Server logs are only auxiliary material used to administer the website, and their contents are not disclosed to anyone other than those authorized to administer the server.

#23: Is there anything else you should know?
As you can see, the subject of personal data processing, cookie use, and privacy management in general is quite complex. I’ve made every effort to ensure that this document provides you with the most comprehensive information possible on the issues important to you. If anything is unclear, you want to learn more, or simply want to talk about your privacy, please contact us at kontakt@vrkas.pl

#24: Can this privacy policy be changed?
Yes, I can modify this privacy policy, particularly due to technological changes on the website and changes in legal regulations. If you are a registered user of the website, you will receive notification of any changes to the privacy policy.

This Privacy Policy is effective from June 12, 2025.