Privacy
policy
Last updated: 27 March 2026
This Privacy Policy sets out the rules for storing and accessing data on User devices when using the Service for electronic service delivery by the Controller, as well as the rules for collecting and processing personal data provided voluntarily by Users through the tools available on the Service.
§1 Definitions
- Service
- the website "solveshape.com" operating at https://solveshape.com
- External service
- websites of partners, service providers, or service recipients cooperating with the Controller
- Service / Data Controller
- the Controller of the Service and the Data Controller (hereinafter: Controller) is solveshape.com, providing services electronically through the Service
- User
- a natural person for whom the Controller provides electronic services through the Service
- Device
- an electronic device with software through which the User accesses the Service
- Cookies
- text data collected in the form of files placed on the User's Device
- GDPR
- Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation)
- Personal data
- information about an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that person
- Processing
- any operation or set of operations performed on personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation, retrieval, consultation, use, disclosure by transmission, dissemination, erasure, or destruction
- Restriction of processing
- the marking of stored personal data with the aim of limiting their processing in the future
- Profiling
- any form of automated processing of personal data consisting of using personal data to evaluate certain personal aspects relating to a natural person
- Consent
- any freely given, specific, informed, and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her
- Personal data breach
- a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data
- Pseudonymisation
- the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, kept separately
- Anonymisation
- an irreversible data operation process that destroys or overwrites personal data, making it impossible to identify or link a given record to a specific user
§2 Data Protection Officer
Pursuant to Article 37 of the GDPR, the Controller has not appointed a Data Protection Officer.
For matters relating to the processing of data, including personal data, please contact the Controller directly.
§3 Types of cookies
- Internal cookies
- files placed on and read from the User's Device by the Service's IT system
- External cookies
- files placed on and read from the User's Device by the IT systems of External Services. Scripts from External Services that may place cookies have been intentionally included in the Service
- Session cookies
- files placed on and read from the User's Device by the Service during a single session of that Device. The files are deleted from the User's Device when the session ends
- Persistent cookies
- files placed on and read from the User's Device by the Service until they are manually deleted. The files are not automatically deleted when the Device session ends
§4 Data storage security
Cookie storage and reading mechanisms
The mechanisms for storing, reading, and exchanging data between Cookies stored on the User's Device and the Service are implemented through built-in browser mechanisms and do not allow other data to be retrieved from the User's Device or from other websites, including personal data or confidential information.
Internal cookies
The cookies used by the Controller are safe for Users' Devices and do not contain scripts, content, or information that could threaten the security of personal data or the Device.
External cookies
The Controller takes every possible action to verify and select Service partners in the context of User security. The Controller does not, however, have full control over the content of cookies originating from external partners.
Cookie control
Users may at any time independently change the settings for saving, deleting, and accessing data stored in cookies for any website. Users may at any time delete all saved cookies using the tools on their Device.
Risks on the User side
The Controller takes every possible technical measure to ensure the security of data placed in cookies. It should be noted, however, that the security of such data depends on both parties. The Controller accepts no responsibility for the interception of such data as a result of User activity, viruses, or other spyware.
Storage of personal data
The Controller ensures that every effort is made so that processed personal data is secure, access to it is limited, and it is processed in accordance with its purpose and the purposes of processing.
§5 Purposes for which cookies are used
- –Improving and facilitating access to the Service
- –Personalising the Service for Users
- –Marketing and remarketing on external services
- –Maintaining statistics (users, number of visits, device types, connection speed, etc.)
§6 Purposes of personal data processing
Personal data voluntarily provided by Users is processed for one of the following purposes:
Personal data provided voluntarily
- –Delivery of electronic services
- –Communication between the Controller and Users on matters relating to the Service and data protection
- –Pursuing the legitimate interests of the Controller
Anonymous data collected automatically
- –Maintaining statistics
- –Remarketing
- –Pursuing the legitimate interests of the Controller
§7 Cookies from external services
The Service uses JavaScript scripts and web components from partners who may place their own cookies on the User's Device. Remember that you can manage which cookies are allowed through your browser settings.
Services provided by third parties are outside the Controller's control. These parties may at any time change their terms of service, privacy policies, purposes of data processing, and how they use cookies.
Partners or their services implemented in the Service that may place cookies:
- Google Analytics (statistics)
§8 Types of data collected
Anonymous data collected automatically
- –IP address
- –Browser type
- –Screen resolution
- –Approximate location
- –Subpages visited
- –Time spent on each subpage
- –Operating system type
- –Previous page address
- –Browser language
- –Internet connection speed
- –Internet service provider
Data collected on contact
- –Email address
- –IP address (collected automatically)
§9 Third-party access to personal data
As a general rule, the only recipient of personal data provided by Users is the Controller. Data collected as part of the services provided is not transferred to or sold to third parties.
Access to data may be held by parties responsible for maintaining the infrastructure and services necessary to operate the Service, i.e. hosting companies providing hosting or related services for the Controller.
The Controller uses the services of an external hosting provider, Netlify, Inc., to operate the Service. All data collected and processed through the Service is stored and processed within the service provider's infrastructure. Access to such data is governed by an agreement between the Controller and the Service Provider.
§10 How personal data is processed
Personal data provided voluntarily by Users
- –Personal data will not be transferred outside the European Union, unless published as a result of individual action by the User.
- –Personal data will not be used for automated decision-making (profiling).
- –Personal data will not be sold to third parties.
Anonymous data collected automatically
- –Anonymous data may be transferred outside the European Union.
- –Anonymous data may be used for automated decision-making (profiling).
- –Profiling of anonymous data does not produce legal effects or similarly significantly affect any person.
- –Anonymous data will not be sold to third parties.
§11 Legal bases for processing personal data
- –Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (GDPR): Article 6(1)(a) (consent), Article 6(1)(b) (performance of a contract), Article 6(1)(f) (legitimate interests)
- –Act of 10 May 2018 on the Protection of Personal Data (Journal of Laws 2018, item 1000)
- –Telecommunications Law Act of 16 July 2004 (Journal of Laws 2004, No. 171, item 1800)
- –Act of 4 February 1994 on Copyright and Related Rights (Journal of Laws 1994, No. 24, item 83)
§12 Data retention periods
Personal data provided voluntarily
As a general rule, the personal data indicated is stored only for the period during which the Controller provides services through the Service. It is deleted or anonymised within 30 days of the end of service provision. An exception applies where retention is required to protect legitimate purposes, in which case data may be retained for no longer than 3 years.
Anonymous data collected automatically
Anonymous statistical data that does not constitute personal data is retained by the Controller for an indefinite period for the purpose of maintaining Service statistics.
§13 User rights in relation to personal data processing
- Right of access to personal data
- Users have the right to obtain access to their personal data, exercised on request submitted to the Controller.
- Right to rectification of personal data
- Users have the right to request that the Controller immediately rectify personal data that is inaccurate, or complete incomplete personal data.
- Right to erasure of personal data
- Users have the right to request that the Controller immediately erase their personal data. The Controller reserves the right to suspend fulfilment of an erasure request in order to protect a legitimate interest.
- Right to restriction of processing
- Users have the right to restrict the processing of personal data in cases specified in Article 18 of the GDPR, including where the accuracy of the personal data is contested.
- Right to data portability
- Users have the right to receive their personal data from the Controller in a structured, commonly used, machine-readable format.
- Right to object
- Users have the right to object to the processing of their personal data in cases set out in Article 21 of the GDPR.
- Right to lodge a complaint
- Users have the right to lodge a complaint with the supervisory authority responsible for the protection of personal data.
§14 Contact details for the Controller
The Controller may be contacted in one of the following ways:
Email address: hello@solveshape.com
Contact form: available at https://solveshape.com/contact
§15 Service requirements
Restricting the saving and access to cookies on the User's Device may cause some Service functions to operate incorrectly.
The Controller accepts no responsibility for incorrectly functioning Service features in the event that the User restricts in any way the ability to save and read cookies.
§16 External links
The Service may contain links to external websites with which the Service owner has no affiliation. These links and the pages or files they point to may be dangerous for your Device or pose a risk to the security of your data. The Controller accepts no responsibility for content located outside the Service.
§17 Changes to the Privacy Policy
The Controller reserves the right to make changes to this Privacy Policy at any time without notifying Users with regard to the use and processing of anonymous data or the use of cookies.
The Controller reserves the right to make changes to this Privacy Policy with regard to the processing of personal data, and will notify Users by email within 7 days of any such change.
Changes to the Privacy Policy will be published on this page of the Service and take effect upon publication.

