Privacy Policy
Flambia Sp. z o.o. (“Flambia”, “we”, “us”) is the controller of your personal data.
- Registered office: Karola Olszewskiego 6, 25-663 Kielce, Poland
- KRS 0000902514 · NIP 9592042763 · REGON 389019110
- Represented by Paweł Kaczyński, President of the Management Board
- Privacy and data requests: pawel@mindlink.digital
- Website: https://go.flambia.com
1. Who we are
This page explains how we handle your personal data when you visit go.flambia.com, sign up for our free resources, or buy The First-Customer Kit.
The data controller is Flambia Sp. z o.o., with its registered office at Karola Olszewskiego 6, 25-663 Kielce, Poland (KRS 0000902514, NIP 9592042763, REGON 389019110), represented by Paweł Kaczyński, President of the Management Board.
If you have any question about your data, just email us at pawel@mindlink.digital. A person reads it.
2. What information we collect
We keep this simple. We only collect what we need to deliver the Kit, answer you, and run our website.
- Identity and contact details — your name and email address, when you opt in or buy.
- Order information — what you bought and when. Payment and card details are entered with and handled by Stripe. We do not see or store your card number.
- Usage and device data — pages viewed, clicks, approximate location, browser and device type, collected through analytics tools.
- Communications — the messages you send us and our replies.
3. How we collect it
We collect data in two ways:
- Directly from you — when you fill in a form, join our email list, or complete checkout.
- Automatically — through cookies and similar technologies when you use the site, as described in section 5.
4. Why we use it and our legal bases
Under the GDPR (Article 6), we always have a lawful reason to use your data:
- To perform our contract with you (Art. 6(1)(b)) — delivering The First-Customer Kit, processing your order, and giving you support.
- For our legitimate interests (Art. 6(1)(f)) — understanding how the site is used, keeping it secure and working, and measuring whether our advertising works. We balance these interests against your rights.
- With your consent (Art. 6(1)(a)) — setting non-essential cookies (analytics and marketing) and sending you marketing emails. You can withdraw consent at any time.
- To meet legal obligations (Art. 6(1)(c)) — keeping accounting and tax records of your purchase.
5. Cookies and tracking technologies
Cookies are small files stored on your device. We group them into three categories:
- Strictly necessary — needed for the site and store to work, such as keeping your session and cart. These are always on.
- Analytics — help us see how the site is used so we can improve it. Set only with your consent.
- Marketing — help us measure and improve our advertising. Set only with your consent.
The providers we use are:
| Provider | Purpose | Category |
|---|---|---|
| WordPress / WooCommerce | Runs the website and store; keeps your cart and session | Strictly necessary |
| Google Analytics 4 (measurement ID G-0RHK3V03FL) | Website analytics and traffic statistics | Analytics |
| Microsoft Clarity (project x3ysxw4xcp) | Session analytics and heatmaps | Analytics |
| Meta Pixel + Conversions API (Pixel ID 1927819624542989) | Advertising measurement; server-side events are deduplicated | Marketing |
Non-essential cookies (analytics and marketing) are only set after you give consent through our cookie banner. You can withdraw your consent at any time by reopening the cookie settings on the site, or by clearing cookies in your browser. Withdrawing consent does not affect anything done before you withdrew it.
6. Who we share data with
We do not sell your data. We share it only with trusted service providers who help us run the business, and only as far as they need it. Each acts under a contract that protects your data.
| Provider | Purpose |
|---|---|
| Stripe, Inc. | Payment processing. Card details are entered with and handled by Stripe; we do not store card numbers. |
| Google (Google Ireland Limited / Google LLC) | Website analytics (Google Analytics 4). |
| Meta Platforms Ireland Limited | Advertising measurement (Meta Pixel and Conversions API). |
| Microsoft Corporation | Session analytics and heatmaps (Microsoft Clarity). |
| Email delivery provider | Sending you the purchased Kit and occasional related emails. |
| Zenbox (Poland) | Website hosting. |
7. International data transfers
Some of our providers — Google, Meta, Microsoft and Stripe — are headquartered in the United States, so your data may be transferred outside the European Economic Area. When that happens, the transfer is protected by appropriate safeguards: Standard Contractual Clauses approved by the European Commission and/or the EU–US Data Privacy Framework. You can ask us for more detail at any time.
8. How long we keep it
We keep your data only as long as we need it for the purpose we collected it for.
- Order records — kept for the periods required by accounting and tax law.
- Email list data — kept until you unsubscribe or ask us to delete it.
- Analytics and advertising data — kept for limited periods set by each tool.
- Messages you send us — kept as long as needed to handle your request and for a reasonable time afterward.
9. Your rights
Under the GDPR, you have the right to:
- Access — get a copy of the data we hold about you.
- Rectification — have inaccurate or incomplete data corrected.
- Erasure — ask us to delete your data (“right to be forgotten”).
- Restriction — ask us to pause our use of your data.
- Portability — receive your data in a portable format.
- Objection — object to processing based on our legitimate interests.
- Withdraw consent — at any time, where we rely on your consent.
To exercise any of these rights, email us at pawel@mindlink.digital. We will respond within the time the law allows, and usually much sooner.
10. Security
We take reasonable technical and organisational measures to protect your data against loss, misuse, and unauthorised access. Payments run through Stripe over encrypted connections, and we limit who can access personal data to those who need it. No method of transmission over the internet is perfectly secure, but we work to keep your data safe.
11. Children
Our website and products are meant for business owners and are not directed to anyone under 16. We do not knowingly collect data from children. If you believe a child has given us their data, contact us and we will delete it.
12. Complaints
If you are unhappy with how we handle your data, we would like the chance to put it right — please email us first. You also have the right to lodge a complaint with the Polish supervisory authority:
Prezes Urzędu Ochrony Danych Osobowych (UODO), ul. Stawki 2, 00-193 Warsaw, Poland.
13. Changes to this policy
We may update this policy from time to time. When we do, we will change the “last updated” date at the top of this page. For significant changes, we will give you clearer notice. Please check back now and then.
14. Contact
Questions about this policy or your data? Email pawel@mindlink.digital or write to Flambia Sp. z o.o., Karola Olszewskiego 6, 25-663 Kielce, Poland. You can also reach us through our Contact page. See also our Terms and Refund Policy.