← Back to Tyci Audit

Privacy Policy

Last updated: 18 October 2025

Data Controller

The entity responsible for processing your personal data is Tyci Tensor Sp. z o.o. w organizacji, with its registered office in Warsaw, Poland.

Address: Aleje Jerozolimskie 109/70, 02-011 Warszawa, Poland.
Contact: contact@tycitensor.com.

Status: This entity is currently in the formation stage under Article 11 § 3 of the Polish Commercial Companies Code. All rights and obligations will transfer to the final Sp. z o.o. upon KRS registration.

1. Scope of Data Collection

We collect personal data necessary to provide our security auditing services, including:

• Identity Data: Names, professional email addresses, and account credentials.
• Technical Data: IP addresses, browser types, and interaction logs with our website.
• Input Content: Data or code snippets provided for auditing purposes (which may contain personal identifiers).

2. Legal Bases for Processing (Art. 6 GDPR)

• Performance of Contract (Art. 6.1.b): To conduct audits and provide support.
• Legitimate Interest (Art. 6.1.f): To ensure the security of our services and internal administrative operations.
• Consent (Art. 6.1.a): For marketing communications such as our security tips newsletter. You can withdraw consent at any time.

3. How We Use Your Data

Our auditing service is human-led. Our expert engineers review your code and infrastructure manually, assisted by industry-standard automated scanning tools. We do not use your data to train AI models, and we do not send your code or data to third-party AI providers.

All audit findings are reviewed and validated by a human expert before being included in any report.

4. Data Retention

• Financial and contract records: Retained for 5 years from the end of the fiscal year in which the contract ended.
• Audit artifacts: Purged on a retention schedule agreed with the client. By default, artifacts are deleted within 90 days of engagement completion.
• Email newsletter data: Retained until you unsubscribe.

5. Your Rights

Under GDPR, you have the right to access, rectify, erase, restrict processing of, and port your personal data. You also have the right to object to processing based on legitimate interest.

To exercise any of these rights, contact us at contact@tycitensor.com.

6. Supervisory Authority

You have the right to lodge a complaint with the President of the Personal Data Protection Office (UODO):

Urząd Ochrony Danych Osobowych
ul. Stanisława Moniuszki 1A, 00-014 Warszawa, Poland.

7. Cookies

7.1 Usage Categories

• Essential: Necessary for website functionality and session security.
• Analytical: We use Vercel Web Analytics to understand how visitors use our website. This is based on your consent or our legitimate interest in site optimization.

7.2 Management

You can manage cookie preferences through your browser settings. Note that disabling essential cookies may impact website functionality.