SYSTEMS: OPERATIONALV.2.0.4
/// NAVIGATION_DECK
HOMESERVICESPRODUCTSABOUTCONTACT
/// LEGAL_PROTOCOL

Privacy Protocol

System-wide data protection and privacy governance framework for all BASALT SYSTEMS operations and client interactions.
PROTOCOL_UPDATED: 3/7/2026
PRIVACY POLICY

Basalt Systems (“we”, “us”, “our”) respects your privacy. This Privacy Policy explains what personal data we collect, why we collect it, how we use it, and what choices you have.

Effective date: 2026-02-13

This policy applies to our website and storefront at basalt.systems.

QUICK READ OVERVIEW
  • We collect contact form details (name, email, message, optional phone) to reply and discuss services.
  • If you buy a digital product, checkout is handled by Lemon Squeezy; we receive order/contact details to deliver and support your purchase (we don’t store full payment card data).
  • We send occasional newsletters only if you opt in, and you can unsubscribe anytime.
  • We use Google Analytics 4 only after you consent via our cookie banner; we do not use advertising features
  • We protect forms with Google reCAPTCHA and host the site onNetlify; we may also use an error-monitoring provider (such as Sentry) to fix issues.
  • We keep contact requests for 12 months; purchase records are kept as required by law.
  • Vendors may process data outside the EEA; where required we use safeguards such as SCCs.
  • You have GDPR rights (access, deletion, etc.) and can withdraw cookie consent anytime by changing your cookie settings.
  • Contact us at support@basalt.systems for privacy requests
WHO WE ARE (CONTROLLER)

Controller: Basalt Systems

Location: Wrocław, Poland (EU)

Privacy contact: support@basalt.systems

Basalt Systems is currently operated as a sole proprietorship (JDG) in Poland and may transition to a company structure in the future. If that happens, we will update this policy accordingly.

WHO THIS WEBSITE IS FOR

Our website is intended for a worldwide audience (primarily EU/UK/USA) and is not directed at children. We do not knowingly collect personal data from minors.

WHAT PERSONAL DATA WE COLLECT

We collect only the data needed to run the site, respond to requests, deliver products, and send newsletters when you opt in.

A) Contact / consultation forms

When you contact us, we collect:
  • Name
  • Email address
  • Message content
  • Phone number (optional)

B) Digital product purchases (checkout via Lemon Squeezy)

When you purchase a product, we may receive:
  • Customer contact information (such as name and email)
  • Order details (such as product purchased, purchase date/time, invoice/receipt details, transaction identifiers, and purchase metadata)

C) Newsletter subscriptions

If you subscribe to our newsletter, we may collect:
  • Email address
  • Optional metadata related to your subscription (e.g., when you subscribed, whether you confirmed subscription, and unsubscribe status)

If you consent to statistics cookies, we use Google Analytics 4 (GA4) to understand how visitors use our site. We configured GA4 to:

  • Load only after cookie consent
  • Use IP anonymization
  • Disable Google Signals
  • Avoid advertising features

E) Security and anti-spam (Google reCAPTCHA)

We use Google reCAPTCHA to protect our forms and prevent spam and abuse. reCAPTCHA may collect information about your device and interactions to determine whether activity is legitimate.

F) Error monitoring (site reliability)

We may use an error monitoring provider such as Sentry to detect and fix technical issues. This can include technical data like device/browser information, error logs, and event identifiers. We aim to avoid collecting unnecessary personal data in error logs.

G) Hosting and delivery (Netlify)

Our website is hosted on Netlify. Netlify may process technical data (such as IP address and request logs) to deliver the website and keep it secure.

HOW WE USE YOUR DATA (PURPOSES)
We use personal data to:
  • Respond to inquiries and provide service consultations
  • Process and support digital product purchases and delivery (e.g., providing access links and customer support)
  • Send newsletters when you opt in
  • Operate, secure, and maintain the website (fraud prevention, spam protection, troubleshooting)
  • Improve site performance and user experience (analytics only where you consent)
LEGAL BASES FOR PROCESSING (GDPR)

We process personal data under these legal bases:

Consent

  • Cookies/analytics: we use GA4 only with your consent collected via our cookie banner.
  • Newsletters: we send newsletters only when you opt in, and you can withdraw consent at any time by unsubscribing.

Contract / steps before entering a contract

  • To process and support digital product purchases
  • To respond to requests related to our services and take steps at your request before entering into a contract

Legitimate interests

  • To keep our site secure, prevent fraud and abuse, and maintain reliability (including spam protection and basic operational logs)
  • (We do not rely on legitimate interests for analytics; analytics is consent-based.)

Legal obligation

  • To comply with applicable accounting/tax rules and related recordkeeping for purchases, where required
COOKIES AND CONSENT MANAGEMENT

We use a cookie consent tool (such as Cookiebot) to manage cookies and similar technologies.

Cookie categories

Your cookie banner lets you manage categories such as:

  • Necessary: required for basic site functionality and security
  • Preferences: remember choices you make (if used)
  • Statistics: analytics to understand site usage (GA4, only with consent)
  • Marketing: advertising/retargeting cookies

Marketing cookies: We do not use marketing/advertising cookies at this time.

Changing your preferences

You can update your cookie choices at any time via the cookie settings available on our site.

SHARING YOUR DATA (WHO WE SHARE IT WITH)
We share personal data only when needed to provide the website, sell products, send newsletters you requested, and keep the site secure. We do not sell your personal data.
THIRD-PARTY PROCESSORS

Depending on how you use our site, we may use the following providers:

  • Netlify (hosting and content delivery)
  • Google Analytics (Google) (website analytics, only after consent)
  • Cookiebot (cookie consent management)
  • Lemon Squeezy (checkout, order management, receipts, and related processing for digital products)
  • Google reCAPTCHA (anti-spam and abuse prevention)
  • Error monitoring provider such as Sentry (optional; reliability and troubleshooting)

Some providers may act as independent controllers for certain processing they perform for their own purposes. In all cases, we aim to share only what is necessary.

INTERNATIONAL DATA TRANSFERS
We serve users worldwide, and some of our providers may process data outside the European Economic Area (EEA). Where required, we rely on appropriate safeguards for international transfers, such as standard contractual clauses (SCCs) and/or other lawful transfer mechanisms available under data protection law.
HOW LONG WE KEEP YOUR DATA (RETENTION)

We keep personal data only as long as needed for the purposes described above:

  • Contact form submissions and related correspondence: up to 12 months, then deleted or anonymized unless we need to keep it longer to handle legal claims or obligations.
  • Newsletter subscription data: kept until you unsubscribe (and for a limited period after to respect and record your unsubscribe request).
  • Purchases: order and invoice/receipt records are kept as required by applicable accounting and tax laws.
  • Cookies: cookie lifetimes depend on the cookie category and your consent settings managed by the cookie consent tool. You can change your preferences at any time.
YOUR RIGHTS (GDPR)

If you are in the EEA/UK (and in many cases elsewhere), you may have the right to:

  • Access your personal data
  • Correct inaccurate data
  • Request deletion of your data
  • Restrict processing
  • Data portability
  • Object to processing based on legitimate interests
  • Withdraw consent at any time (for example, for cookies/analytics or newsletters)

You also have the right to lodge a complaint with your local data protection authority. If you are in Poland, you may contact the national authority (UODO), but you may also contact your local authority where you live.

To exercise your rights, email support@basalt.systems.

SECURITY

We use reasonable technical and organizational measures to protect personal data. No method of transmission or storage is 100% secure, but we work to prevent unauthorized access, misuse, or loss.

IF WE ADD USER ACCOUNTS LATER

We currently do not offer user registration or login accounts. If we add accounts in the future, we may collect additional data such as:

  • Account identifiers (e.g., email/username)
  • Authentication data (e.g., password or other credentials), handled securely (for example, passwords stored using industry-standard hashing)
  • Account activity related to product access and support

If we introduce accounts, we will update this Privacy Policy to explain what new data is collected and why.

CHANGES TO THIS POLICY

We may update this Privacy Policy from time to time (for example, if we change providers, add features, or transition to a different legal entity structure). We will post the updated version on our website and update the “Effective date”.

HOW TO CONTACT US
If you have questions about this Privacy Policy or want to make a privacy request, contact:

Basalt Systems
Wrocław, Poland
Email: support@basalt.systems

/// END_OF_PROTOCOL
STATUS: ACTIVE | COMPLIANCE: GDPR_COMPLIANT | JURISDICTION: EU