Privacy Policy

The controller of your personal data is:

Jakub Radziwiński (Kaveia)
Tax ID (NIP): 5170446507

Registered in: Poland

Address: Kolorowa 22, 35-235 Rzeszów, Poland

Email: hello@kaveia.com

If you have any questions regarding this Privacy Policy or your personal data, you can contact us at the email address above.

We collect only the data necessary to operate the website and early access program.

a) Data you provide directly

• Email address (when you join the waitlist or contact us)
• Any information you voluntarily include in a contact message

Providing this data is voluntary, but necessary if you want to join the waitlist or receive a response.

b) Data collected automatically

When you visit the website, certain technical data is processed automatically via logs and privacy-friendly analytics:

• IP address (processed and not stored in a form that allows direct identification of users)
• Browser type and version
• Operating system
• Approximate location (country level)
• Pages visited

Important: We do not use cookies or client-side trackers to collect this data.

We process personal data for the following purposes:

a) Early access and communication

• Managing the early access waitlist
• Contacting you with updates about product availability
• Sending updates related to product availability and early access
• Responding to messages sent via the contact form

Legal basis:

Article 6(1)(b) GDPR – steps taken at your request prior to entering into a contract

Article 6(1)(f) GDPR – legitimate interest in communicating with users regarding the waitlist

b) Website operation and analytics

• Ensuring proper functioning of the website
• Understanding general traffic trends (privacy-friendly analytics)

Legal basis:

Article 6(1)(f) GDPR – legitimate interest in running, securing, and improving the website

c) Legal and security purposes

• Ensuring website security (e.g., DDoS protection)
• Preventing abuse or misuse
• Defending potential legal claims

Legal basis:

Article 6(1)(f) GDPR – legitimate interest

We retain personal data only for as long as necessary:

• Waitlist and contact data: until you request deletion or until the purpose is fulfilled (e.g., product is closed and subsequent communication).
• Analytics and logs: for a limited period, in accordance with our infrastructure providers' retention policies (usually deleted or anonymized shortly after collection).
• Legal data: as required by applicable law.

You may request deletion of your data at any time.

We do not sell your data.

Your data may be shared only with trusted service providers necessary to operate the website and early access program, such as:

• Hosting and infrastructure providers (e.g., Vercel, AWS)
• Privacy-friendly analytics providers (Cloudflare Web Analytics)
• Email and communication tools used for waitlist and contact communication

All providers are required to protect your data.

Some service providers (e.g., hosting, email services) may process data outside the European Economic Area (EEA), primarily in the USA.

In such cases, we ensure appropriate safeguards. Where possible, we rely on the EU-U.S. Data Privacy Framework (DPF) for transfers to US-based providers certified under the framework. Alternatively, we rely on Standard Contractual Clauses approved by the European Commission.

No. We do not use cookies or local storage trackers on our website.

We use Cloudflare Web Analytics, which is a privacy-first tool. It measures site traffic based on non-invasive signals and does not store any files on your device or track your behavior across other websites.

Because we do not use cookies, you do not see a cookie consent banner on our website.

We apply appropriate technical and organizational measures, including:

• Encrypted connections (TLS/HTTPS)
• Access control and limited permissions
• Secure infrastructure and hosting
• Regular system monitoring

We take reasonable steps to protect personal data from unauthorized access, loss, or misuse.

Under GDPR, you have the right to:

• Access your personal data
• Correct inaccurate data
• Request deletion of your data
• Restrict processing
• Object to processing
• Data portability
• Withdraw consent at any time
• Lodge a complaint with a supervisory authority

Requests can be sent to hello@kaveia.com.

We respond within the timeframes required by law.

Using the website involves sending requests to our servers. These requests are logged for technical and security purposes (e.g., to prevent DDoS attacks).

Server logs may include:

• IP address
• Date and time of request
• Browser and system information

This data is not used to identify individual users for marketing purposes, but is essential for the technical maintenance of the site.

We may update this Privacy Policy as the product evolves.

Any changes will be published on this page.

If changes are significant, we may notify registered users via email.

If you have any questions about this Privacy Policy or how we process personal data, contact us at: hello@kaveia.com