Privacy Policy

The controller of your personal data is:

Mikołaj Kopeć Coflow
Tax ID (NIP): 6932196909, REGON: 529114406
ul. Armii Krajowej 15/88, 67-200 Głogów, Poland
Email: mikolaj.kopec@coflow.pl

No Data Protection Officer has been appointed. For any data protection inquiries, please contact the Controller directly at the email address above.

We collect the following personal data:

a) AI Diagnostic (ai-report.coflow.pl)

• Email address
• Diagnostic form data: industry, team size, time-consuming areas, tools used, intent
• Newsletter consent (yes/no)

b) Meeting booking (Calendly)

• Full name
• Email address
• Business description
• Meeting objective

c) Technical data

• IP address (processed by hosting services)
• Analytics data (PostHog, Vercel Analytics) — only after cookie consent

Your data may be shared with the following service providers, with whom the Controller has appropriate Data Processing Agreements (DPAs):

Provider	Purpose	Location
Resend, Inc.	Email delivery, contact storage	USA (EU-US Data Privacy Framework, SCCs)
PostHog, Inc.	Analytics (only after cookie consent)	EU (EU servers)
Vercel, Inc.	Hosting, Vercel Analytics, Speed Insights	USA/Global (DPA with SCCs)
Calendly, LLC	Meeting scheduling	USA (DPA with SCCs)

Your data is never sold or shared with third parties for marketing purposes.

Some of the above providers process data outside the European Economic Area (primarily in the USA). Transfers are made based on:

• Standard Contractual Clauses (SCCs) approved by the European Commission (Decision 2021/914)
• EU-US Data Privacy Framework (for Resend)

Under the GDPR, you have the following rights:

• Right of access — obtain a copy of your data
• Right to rectification — correct inaccurate data
• Right to erasure — request deletion of your data ("right to be forgotten")
• Right to restriction of processing
• Right to data portability — receive your data in a machine-readable format
• Right to object — to processing based on legitimate interest
• Right to withdraw consent — at any time, without affecting the lawfulness of prior processing

To exercise any of these rights, email: mikolaj.kopec@coflow.pl.
We will respond within 30 days of receiving your request.

You also have the right to lodge a complaint with the supervisory authority — President of the Personal Data Protection Office (UODO) (ul. Stawki 2, 00-193 Warsaw, Poland, uodo.gov.pl).

This website uses the following browser storage mechanisms:

Name	Type	Purpose	Consent Required
cookie-consent	localStorage	Remember your cookie preference	No (essential)
PostHog cookies	Analytics cookies	Traffic and behavior analytics	Yes
Vercel Analytics	Analytics script	Page performance measurement	No (privacy-friendly, cookieless)

PostHog is disabled by default and only activated after you accept cookies in the cookie banner. You can change your decision at any time by clearing the site data in your browser settings.

The AI Diagnostic form (ai-report.coflow.pl) uses fonts loaded from Google servers (Google Fonts). When loading the page, your browser connects to Google servers, which results in your IP address being transmitted. More info: Google Privacy Policy.

We implement appropriate technical and organizational measures to protect personal data, including:

• Encrypted data transmission (HTTPS/TLS)
• Restricted data access (Controller only)
• Use of service providers with security certifications (SOC 2)

The Controller reserves the right to modify this Privacy Policy. Significant changes will be communicated by publishing an updated version on this page with a new update date.