GoAutomate — Chmielna 10, 00-020 Warszawa, Poland
Summary: We collect only what we need to deliver your project and process your payment. We do not sell your data. You have full rights over your personal information under the GDPR.
The data controller responsible for your personal data is:
GoAutomate operates under Polish law and is subject to EU data protection regulations, including the General Data Protection Regulation (GDPR — Regulation (EU) 2016/679). Our supervisory authority is the Urząd Ochrony Danych Osobowych (UODO), the Polish Data Protection Office (uodo.gov.pl).
We collect personal data in the following situations:
When you fill in the contact form on our website, we collect:
When you purchase a service, payment is processed entirely by Stripe, Inc. We never see, receive, or store your card number, CVC, or full payment credentials. Stripe provides us with a limited transaction record containing:
Charges appear on your bank statement as GOAUTOMATE.WORK.
Once a project is under way, we communicate via email. This correspondence may contain your name, email address, and details about your systems or business processes. We retain project-related emails for the duration of the support period plus any legally required retention period.
Our website does not use analytics services, tracking pixels, or advertising cookies. We do not collect IP addresses, device fingerprints, or behavioural data. The only technical data processed is what is inherently captured in standard web server access logs (IP address, browser type, page requested, timestamp), which are retained for no longer than 30 days and are not used for profiling.
| Purpose | Data used | Legal basis |
|---|---|---|
| Respond to enquiries and provide quotes | Name, email, tools used, project description | Legitimate interest / Pre-contractual steps |
| Deliver the automation service | Name, email, project details | Performance of contract |
| Process payment | Billing name, transaction record (via Stripe) | Performance of contract |
| Issue invoices and comply with tax law | Name, address, transaction amount | Legal obligation |
| Provide post-delivery support | Name, email, project details | Performance of contract / Legitimate interest |
| Protect against fraud and abuse | Transaction metadata (via Stripe) | Legitimate interest |
| Maintain server access logs | IP address, browser, timestamp | Legitimate interest (security) |
We do not use your personal data for automated decision-making or profiling that produces legal or similarly significant effects.
We rely on the following legal bases:
We do not currently rely on consent as the primary legal basis for any processing. If we introduce email marketing or optional communications in the future, we will request your explicit consent at that time and provide a clear, easy way to withdraw it.
Your full card details are never transmitted to or stored by GoAutomate. Payment processing is handled entirely by Stripe.
Our payment processor is Stripe, Inc. (354 Oyster Point Blvd, South San Francisco, CA 94080, USA). When you make a payment, you submit your card details directly to Stripe's secure infrastructure. Stripe processes the transaction and returns a confirmation to us.
Stripe acts as an independent data controller for the payment data you provide to them. Their collection and use of your personal data is governed by Stripe's own Privacy Policy, available at stripe.com/privacy. We encourage you to read it.
The limited payment record Stripe shares with us (transaction ID, last four digits, billing name, amount) is stored securely and used only for order fulfillment, invoicing, and refund processing.
Stripe is certified to PCI DSS Level 1, the highest level of payment security certification. Stripe also participates in the EU–US Data Privacy Framework.
We do not sell, rent, or trade your personal data to third parties. We share it only in the following limited circumstances:
Any third party that processes personal data on our behalf is required to do so only on our documented instructions and in compliance with GDPR.
GoAutomate is based in Poland (European Union). Some of the third-party services we use — in particular Stripe — are headquartered in the United States. When personal data is transferred outside the European Economic Area (EEA), we rely on one or more of the following safeguards:
You may request a copy of the relevant transfer safeguards by contacting us at support@goautomate.work.
| Data category | Retention period | Reason |
|---|---|---|
| Contact form submissions (no purchase) | 12 months from last contact | Legitimate interest in following up |
| Project correspondence and deliverables | Duration of support period + 2 years | Warranty and dispute resolution |
| Invoice and payment records | 5 years from the invoice date | Polish Accounting Act (Ustawa o rachunkowości) / EU VAT obligations |
| Server access logs | 30 days | Security monitoring |
After the applicable retention period, your data is securely deleted or anonymised so that it can no longer be linked to you.
As a data subject in the EU/EEA, you have the following rights. You can exercise any of them by contacting us at support@goautomate.work. We will respond within 30 days without charge (unless a request is manifestly unfounded or excessive).
Request a copy of all personal data we hold about you, along with information on how it is used.
Ask us to correct inaccurate data or complete incomplete data we hold about you.
Request deletion of your data where there is no compelling reason for continued processing. Note: legal retention obligations may apply.
Ask us to pause processing of your data while a complaint is being investigated or accuracy is contested.
Receive your data in a structured, machine-readable format (applies to data processed by automated means under contract or consent).
Object to processing based on legitimate interests. We will stop unless we can demonstrate compelling grounds that override your interests.
Right to lodge a complaint. If you believe we have handled your data unlawfully, you have the right to lodge a complaint with the Polish Data Protection Office (UODO) at uodo.gov.pl, or with the supervisory authority in the EU member state where you live or work.
Our website (goautomate.work) uses only strictly necessary cookies. We do not use analytics cookies, advertising cookies, tracking pixels, or social media plugins that collect personal data.
The cookies our site may set are:
Because we use only strictly necessary cookies, we are not required to obtain cookie consent under Article 5(3) of the ePrivacy Directive. No consent banner is displayed. If we add any non-essential cookies in the future, we will update this policy and display a consent notice before setting those cookies.
Our services are intended for business use and are directed at adults (18 years and over). We do not knowingly collect personal data from anyone under the age of 18. If we become aware that we have inadvertently collected personal data from a child, we will delete it promptly. If you believe we have collected data from a minor, please contact us at support@goautomate.work.
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or for other operational reasons. When we make material changes, we will update the "Last updated" date at the top of this page.
We encourage you to review this page periodically. If you have an active engagement with us at the time of a material change, we will notify you by email.
Continued use of our website or services after any changes have been posted constitutes your acknowledgement of those changes.
For any questions, concerns, or requests relating to your personal data or this Privacy Policy, please contact us:
We respond within 30 days as required by the GDPR (usually faster).
If you are not satisfied with our response, you have the right to lodge a complaint with the Urząd Ochrony Danych Osobowych (UODO):
ul. Stawki 2, 00-193 Warszawa, Poland — uodo.gov.pl