Privacy & Cookies Policy

For starters, it’s great you visited DevSec Blog and that you are not indifferent to the way we process your personal data. Below you will find the purposes, legal bases and the duration of personal data processing, described separately for each purpose of processing.

To begin with, we want to underline that your data is safe with us. We ensure the confidentiality of all personal data transferred to us, protect it from unauthorised users’ access and take adequate security and data protection measures required by regulations on personal data protection.

1. General information

1.1 The Administrator of your personal data is Krzysztof Pranczk running a business under the name Krzysztof Pranczk IT Consulting, NIP 7962999625. Should you have any doubt regarding privacy policy, you may contact us at any time using this e-mail address: .

1.2 The GDPR (Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC) grants to you the following rights related to the processing of your personal data:
a) the right to access your data and receive its copy, 
b) the right to amend (correct) your data, 
c) the right to erase your data (if in your opinion there is no legal basis for further processing of your data, you can ask us to erase you data), 
d) the right to request the limitation of processing your data (you can request the restriction of data processing for the sole purpose of their storage or performance of actions agreed with you),  
e) the right to object to processing the data (you have the right to object to processing the data on the basis of a legitimate interest; you should indicate a particular situation – covered by your objection, that justifies, in your opinion, ceasing data processing. We will cease to process your data for these purposes, unless we demonstrate grounds for the processing which override your rights or unless we need your data for the establishment of and pursuing legal claims as well as for the defence against your legal claims.
f) the right to transfer your data (you have the right to receive the personal data, which you provided to us upon a contract or your consent, in a structured, commonly used and machine-readable format; you can instruct us to transmit this data to another subject), 
g) the right to lodge a complaint with a supervising authority (if you come to conclusions that we are processing your data unlawfully, you can lodge a complaint with the President of the Personal Data Protection Office or another competent supervisory authority).

The procedure of exercising these rights have been provided in detail in sections 16 – 21 of the GDPR. Please remember that you can ask us to provide you the information about the data we already possess and the purposes of its processing. Just send a message to the following e-mail: .

1.3 Your personal data can be processed by the entities whose services we use. Those entities may have access to your personal data if the services they provide us with are or may be related to the processing of personal data. This concerns, in particular, entities such as the hosting provider, e-mail service providers, website technical service providers, law firms, marketing service providers, accounting offices, cloud software providers, etc. Remember that your data is safe and processed only to the necessary extent. In addition, if necessary, your personal data may be made available to entities, bodies or institutions authorized to obtain access to data on the basis of legal provisions, such as the police, security services, courts, public prosecutor’s offices, as well as tax offices, to the extent necessary to fulfill tax, billing and accounting obligations.

1.4 We transfer your personal data to third countries in connection with the use of tools that store personal data on servers located in the third countries, in particular in the USA. The providers of these tools guarantee the appropriate level of personal data protection through the adequate compliance mechanisms provided for in the GDPR or the use of standard contractual clauses. Personal data is stored on servers located in third countries within Google services (described in this Privacy Policy). For newsletter and marketing purposes, we’re using which is based in Europe and compliant with GDPR requirements.

1.5 We use tools that can operate in a specific manner depending on information gathered with tracking technologies (profiling and behavioural advertising). However, in our opinion these mechanisms do not affect you as they do not differentiate your situation as a client, they do not impact the terms of contract that you can conclude with us. 

2. Purposes and processing activities of personal data

2.1 Contact.

Processed data: name, e-mail address and alternatively data contained in the message (providing data is voluntary, however it is necessary to make contact).

The purpose of processing: making contact

Duration of data processing: The content of the correspondence can be archived and it cannot be precisely determined when it will be deleted.

Legal basis: art. 6 (1) (f) of GDPR, which is our legitimate interest. The legal basis of data processing after contract termination is also our legitimate purpose of archiving correspondence for internal needs (art. 6 (1) (f) of GDPR). 

Entitlement: You have the right to request access to the correspondence history that you conducted with us (if it was archived) and demand to erase it, unless archiving this data is justified due to our overriding interests, e.g. protection against potential claims on your part.

2.2 Newsletter.

Processed data: e-mail address (providing data is voluntary, however it is necessary to subscribe to a newsletter).

The purpose of processing: sending the newsletter. The mail system we use tracks your activities undertaken in connection with the messages sent to you. Therefore, we have information about messages you opened, messages you used in terms of the links contained in them etc.

Duration of the processing: the time of providing newsletter services and archiving data in order to prove in the future that you consented to receiving the newsletter.

The content of the correspondence can be archived and it cannot be precisely determined when it will be deleted.

Legal basis: consent (art. 6 (1) (f) of GDPR) expressed when subscribing to the newsletter. 

Entitlements: You can unsubscribe from the newsletter at any time by clicking on the link provided in every message sent as a part of the newsletter or simply by contacting us. You can amend your data or object to processing of your personal data. Considering our legitimate interest (art. 6 (1) (f) of GDPR) we will not erase your data from our database. Erasing such data would prevent us from demonstrating, if necessary, the fact that in the past you have agreed to receive the newsletter. 

3. Cookies

3.1 Cookies and other tracking technologies. Our website uses cookies. 

Cookies are small pieces of text information stored on your end device (e.g. computer, tablet, smartphone) that can be read by our communication and information system (own cookies) or the communication and information systems of third parties (third-party cookies). Some cookies used by us are deleted after the end of the browsing session, that is after the browser is closed (session cookies). Other cookies are stored on your end device and enable us to recognise your browser the next time you visit the website (persistent cookies). 

3.2 Cookie Consent

  • During the first visit to our website, the information about the use of cookies together with an information about a consent to the use of these files is displayed. Thanks to a special tool you have a possibility to manage cookies from the website level, disabling individual cookies. You can manage them by clicking on consent change.
  • You can always change the cookie settings in your browser or delete cookies altogether. Browsers manage cookie settings in various ways. In the auxiliary menu of the web browser you will find explanations on how to change cookie settings.  
  • You can also manage cookie settings by downloading a special add-on enabling you to control cookies. 
  • Disabling or limiting the use of cookies may cause difficulties in using our website, as well as many other websites that use cookies.

3.2 Server Logs

  • Using the website involves sending queries to the server on which the website is stored. Each query directed to the server is saved in the server logs.
  • Server logs typically include your IP address, the date and time of the server, information about the web browser and the operating system you use. 
  • Logs are saved and stored on the server. The data saved in the server logs is not associated with particular persons using the website and is not used by us to identify you. 
  • The server logs are only auxiliary material used to administer the website, and their content is not disclosed to anyone except those authorised to administer the server. 

3.4 Google Analytics.

  • We use the Google Analytics tool provided by Google LLC based in the USA.
  • The purpose is to create statistics and their analysis in order to optimise websites.
  • The collected data is personal data and it does not enable your identification. The information we have access to as a part of Google Analytics is in particular: information about the operating system and the web browser you use, the subpages you are viewing as a part of our website, time spent on the website and its subpages, the source directing you to our website.
  • As a part of Google Analytics, we use Advertising Features such as demographic and interest reports, age range, gender, approximate location, interests expressed through online activities. 
  • In order to use Google Analytics, we have implemented a unique Google Analytics tracking code in the code of our website. The tracking code uses Google LLC cookies for the Google Analytics service.

3.5 Google Tag Manager 

  • We use the Google Tag Manager provided by Google LLC.
  • Google Tag Manager is used to manage website tags via interface. With the help of Google Tag Manager, we control our advertising campaigns and the way you use our websites.
  • Google Tool Manager implements only tags. Using Google Tool Manager does not involve the storage of cookies or the collection of personal data. This tool enables functioning of other tags that may collect data under certain circumstances. However, Google Tool Manager does not access this data.
  • Deactivating  saving options at domain or cookies level will apply to all tracking tags implemented via Google Tag Manager.
  • We carry out activities in this area based on our legitimate interest of marketing our products or services and optimising our websites.

3.6 Real Cookie Banner Plugin

  • To manage the cookies and similar technologies used (tracking pixels, web beacons, etc.) and related consents, we use the consent tool “Real Cookie Banner”. Details on how “Real Cookie Banner” works can be found at
  • The legal basis for the processing of personal data in this context are Art. 6 (1) lit. c GDPR and Art. 6 (1) lit. f GDPR. Our legitimate interest is the management of the cookies and similar technologies used and the related consents.
  • The provision of personal data is neither contractually required nor necessary for the conclusion of a contract. You are not obliged to provide the personal data. If you do not provide the personal data, we will not be able to manage your consents.

3.7 Content from external websites.

  • Content from external services is provided on our website, in particular the videos available on YouTube.  
  • Therefore, Google LLC cookies related to the YouTube service are used, including DoubleClick cookies.
  • It is possible to prevent the assignment of the data collected during playing videos or reading other content available on our website directly to your profile in given internet service, by logging out of this service before visiting our website, as well as, for example, by blocking scripts.
  • YouTube-related cookies are not loaded until the movie is played, so refraining from watching the movie will prevent them from loading. 
  • The purpose and scope of data collection and its further processing and use of the data by service providers, as well as your contact details and rights and settings to protect your privacy are described in the service providers’ privacy policies.

Please note that if any information provided by us regarding the privacy policy or cookies is unclear to you, you can contact us via e-mail.