Last Updated: 16 July 2026
The controller of personal data collected through the website yesepe.info is Yesepe, with its registered place of business at Stefana Żeromskiego 2, Elbląg, Poland. For all matters relating to the processing of personal data, the controller may be contacted at the email address [email protected] or by telephone at +48 55 233 8131. The controller is responsible for determining the purposes and means of processing personal data in connection with the operation of this website and the delivery of educational course services.
Personal data is processed in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation, GDPR), as well as the Polish Act of 10 May 2018 on the Protection of Personal Data (Dz. U. 2018, poz. 1000, as amended). Processing is carried out on the basis of: (a) the necessity for the performance of a contract or to take steps at the request of the data subject prior to entering into a contract, pursuant to Article 6(1)(b) GDPR; (b) compliance with a legal obligation to which the controller is subject, pursuant to Article 6(1)(c) GDPR; (c) the legitimate interests pursued by the controller, pursuant to Article 6(1)(f) GDPR; and (d) the freely given, specific, informed, and unambiguous consent of the data subject, pursuant to Article 6(1)(a) GDPR, where consent has been expressly obtained.
The categories of personal data that may be collected through this website include: identification data such as first name and surname; contact data such as email address and telephone number; technical data automatically collected during website visits, including IP address, browser type and version, operating system, referring URL, and pages viewed; and communication data consisting of the content of messages submitted through the contact form. The controller does not knowingly collect sensitive data (special categories of data within the meaning of Article 9 GDPR) through this website.
Personal data collected through the contact form is processed for the purpose of responding to enquiries submitted by website visitors regarding the Yesepe course programme, upcoming sessions, and general informational requests. Technical data is processed for the purposes of ensuring the security and proper functioning of the website, analysing traffic patterns, and improving the user experience. Where consent has been provided for the use of analytical or marketing cookies, data collected through those cookies may be processed for the purposes described in the Cookie Policy available at yesepe.info/cookies.html.
Personal data submitted through the contact form is retained for a period necessary to respond to the enquiry and, where a service relationship arises, for the duration of that relationship and for the statutory period following its conclusion as required by applicable Polish accounting and tax legislation. Technical log data is retained for a period not exceeding 12 months from the date of collection. Where processing is based on consent, data is retained until consent is withdrawn. The controller periodically reviews data held to ensure that retention does not exceed what is necessary for the purpose for which data was collected.
Personal data may be shared with third-party service providers engaged by the controller to support website hosting, email infrastructure, and website analytics. Such providers act as data processors under written data processing agreements and are permitted to process personal data only in accordance with the controller's documented instructions. The controller does not sell personal data to third parties. Where data is transferred to entities located outside the European Economic Area, such transfers are conducted in accordance with Chapter V of the GDPR, including where applicable the use of standard contractual clauses approved by the European Commission.
Data subjects have the following rights under the GDPR: the right of access to personal data held about them (Article 15); the right to rectification of inaccurate or incomplete data (Article 16); the right to erasure of personal data where one of the grounds set out in Article 17 GDPR applies; the right to restriction of processing in circumstances described in Article 18 GDPR; the right to data portability where processing is based on consent or on a contract and is carried out by automated means (Article 20); and the right to object to processing carried out on the basis of legitimate interests (Article 21). Where processing is based on consent, data subjects have the right to withdraw consent at any time without affecting the lawfulness of processing based on consent before its withdrawal. To exercise any of these rights, data subjects should contact the controller at [email protected]. Data subjects also have the right to lodge a complaint with the Polish supervisory authority, the President of the Personal Data Protection Office (Prezes Urzędu Ochrony Danych Osobowych, PUODO), ul. Stawki 2, 00-193 Warsaw.
This website uses cookies and similar tracking technologies. Detailed information about the types of cookies used, their purposes, and the options available to users for managing cookie preferences is provided in the Cookie Policy at yesepe.info/cookies.html. The website presents a cookie consent interface upon first visit that allows users to select their preferences. Strictly necessary cookies are used without consent as they are essential to the operation of the website. Other categories of cookies, including analytical and marketing cookies, are activated only upon the provision of explicit consent through the cookie consent interface.
The controller implements appropriate technical and organisational measures to protect personal data against unauthorised or unlawful processing, accidental loss, destruction, or damage. These measures include the use of secure encrypted connections (HTTPS/TLS) for all data transmitted through the website, access controls limiting data access to authorised personnel, and regular review of security practices. The controller requires that third-party processors implement equivalent security measures. In the event of a personal data breach that is likely to result in a risk to the rights and freedoms of natural persons, the controller will notify the relevant supervisory authority within 72 hours of becoming aware of the breach, in accordance with Article 33 GDPR.
The controller reserves the right to amend this Privacy Policy at any time to reflect changes in applicable law, regulatory guidance, or the controller's data processing activities. The revised policy will be published on this page with an updated effective date. Material changes affecting the rights of data subjects will be communicated through a prominent notice on the website. Continued use of the website following publication of a revised policy constitutes acknowledgement of the updated terms. Users are encouraged to review this policy periodically.
For any questions, concerns, or requests relating to the processing of personal data under this Privacy Policy, data subjects may contact the controller by email at [email protected], by telephone at +48 55 233 8131, or by post addressed to Yesepe, Stefana Żeromskiego 2, Elbląg, Poland. The controller will endeavour to respond to all data protection enquiries within 30 days of receipt.