Privacy Policy

This Privacy Policy explains how Skaftos by Bartosz Beza collects, uses, and protects personal data when you visit skaftos.com. We are committed to protecting your privacy and complying with the General Data Protection Regulation (GDPR) and applicable EU/EEA data protection laws.

Skaftos by Bartosz Beza is the Data Controller responsible for your personal data collected via this Website.

Contact email: hello@skaftos.com

We collect the following categories of personal data:

• Name and email address — collected via our contact form, newsletter sign-up, and meeting booking via cal.com.
• Meeting and follow-up data — booking details and related communications managed via cal.com and our CRM (Notion).
• Usage and analytics data — collected automatically when you browse the Website via cookies placed by Google Analytics.

• Contact forms on the Website
• Newsletter subscription forms
• Meeting scheduling via cal.com
• Cookies and tracking technologies (Google Analytics)

We process your personal data on the following legal grounds:

• Consent (Art. 6(1)(a)) — for newsletter subscriptions and non-essential analytics cookies. You may withdraw your consent at any time.
• Contractual necessity (Art. 6(1)(b)) — to schedule meetings, deliver paid consultations, and fulfil orders for digital products.
• Legitimate interests (Art. 6(1)(f)) — for follow-up communications after a meeting or enquiry, and for improving our Website.

• To respond to your enquiries submitted via the contact form
• To send you our newsletter (with your consent)
• To schedule and manage meetings booked via cal.com
• To conduct follow-ups after meetings or consultations
• To provide paid consultation services and digital products
• To analyse Website traffic and user behaviour (Google Analytics)

We use the following third-party service providers that may process your personal data on our behalf:

• Google Analytics (Google LLC) — Website analytics. Google may transfer data outside the EEA under Standard Contractual Clauses. You can opt out via the Google Analytics Opt-out Browser Add-on.
• cal.com — Meeting scheduling. Data shared includes your name, email address, and chosen meeting time.
• Notion — Used as our CRM to store and manage contact records and follow-up notes.
• Anthropic (Claude API) — AI reasoning used to support content creation and service delivery. Data submitted through relevant features may be processed by Anthropic.
• OpenAI (ChatGPT API) — AI reasoning used to support content creation and service delivery. Data submitted through relevant features may be processed by OpenAI.

All processors are required to implement appropriate technical and organisational measures in compliance with GDPR.

Some of our service providers (including Google, Anthropic, and OpenAI) are based outside the European Economic Area (EEA). Where data is transferred internationally, we rely on appropriate safeguards such as Standard Contractual Clauses (SCCs) or adequacy decisions issued by the European Commission.

We retain your personal data for a minimum of 1 year from the date of collection, or longer if required by law or ongoing business need. Specifically:

• Newsletter subscribers: retained until you unsubscribe.
• Contact form submissions and meeting data: retained for at least 1 year from the date of last contact.
• CRM records (Notion): reviewed periodically and deleted when no longer necessary.

We use the following cookies:

• Essential cookies — required for the Website to function properly.
• Analytics cookies — placed by Google Analytics to help us understand how visitors use our Website.

When you first visit the Website, you will be asked to consent to non-essential cookies. You can manage or withdraw your cookie preferences at any time via your browser settings.

As a data subject based in the EU/EEA, you have the following rights:

• Right of access — to request a copy of your personal data we hold.
• Right to rectification — to correct inaccurate or incomplete data.
• Right to erasure — to request deletion of your data.
• Right to restriction of processing — to request we limit how we use your data.
• Right to data portability — to receive your data in a machine-readable format.
• Right to object — to object to processing based on legitimate interests.
• Right to withdraw consent — at any time, without affecting the lawfulness of prior processing.

To exercise any of these rights, contact us at hello@skaftos.com. We will respond within 30 days. You also have the right to lodge a complaint with your national supervisory authority. In Poland, this is the Urząd Ochrony Danych Osobowych (UODO) at uodo.gov.pl.

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, alteration, or disclosure. However, no method of internet transmission is 100% secure.

Our Website is not directed at children under the age of 16. We do not knowingly collect personal data from children. If you believe a child has provided us with their data, please contact hello@skaftos.com and we will delete it promptly.

We may update this Privacy Policy from time to time. The updated version will be posted on this page with a revised date. We encourage you to review this policy periodically.

Skaftos by Bartosz Beza

Email: hello@skaftos.com

Website: skaftos.com