Privacy Policy

Last updated: February 2026

This website is a personal, non-commercial demo project showcasing professional experience and technical capabilities.

The goal of this policy is to explain, in a clear and transparent way, how data is handled when you use this site.

1. Data controller

Data controller (site owner): Piotr Synak.

2. What data is collected

This website does not collect personal data such as names, email addresses, accounts, or profiles.

The only data processed during normal operation is:

  • an anonymous session identifier stored in a strictly necessary cookie
  • minimal technical request metadata required to operate the service (e.g. request timing)

No form submissions, user accounts, or identifiers are required to use the site.

3. Cookies

This site uses one strictly necessary technical cookie:

  • Name: ask_piotr_session_id
  • Purpose: store an anonymous session identifier required to maintain conversation continuity
  • Type: first-party, HttpOnly, SameSite=Lax, Secure when served over HTTPS
  • Scope: strictly functional
  • Lifetime: the cookie may persist for up to 1 year (Max-Age: 31536000 seconds); however, the associated server-side session context is transient and may expire or be reset at any time

    • The presence of the cookie does not imply long-term storage of conversation data or continuous availability of prior session context.

This cookie:

  • does not track users across websites
  • does not enable profiling
  • is not used for analytics or advertising

Strictly necessary cookies are generally exempt from consent requirements under EU ePrivacy rules. You can still disable cookies in your browser, although some site functionality may not work correctly.

4. No tracking or analytics

This website does not use:

  • Google Analytics
  • marketing or advertising cookies
  • third-party tracking pixels
  • fingerprinting or cross-site tracking
  • behavioral profiling

There are no ads and no commercial tracking of any kind.

5. Interaction logging (privacy-first)

For operational reliability, abuse prevention, and debugging, the backend may process limited logs in a privacy-minimised form.

  • Logs are used solely for reliability and abuse prevention
  • Data is not sold and not used for advertising
  • Retention is limited (see below)

Note: infrastructure providers (hosting/CDN/reverse proxy) may transiently process technical connection data (including IP addresses) for security and delivery purposes.

The service may also use an internal request header (x-session-id) to correlate requests during processing. This header is not stored in the browser.

6. Data retention

Technical logs, if stored, are retained only for a limited period and are not used to identify individuals.

No personal profiles or long-term behavioral histories are created.

7. Data sharing

No personal data is sold, shared, or transferred to third parties for marketing purposes.

To generate answers, the service may call external AI model providers. Those providers may process request content transiently to produce a response, within the technical scope of the service.

8. Use of Artificial Intelligence

This website uses artificial intelligence (AI) models to generate answers to user questions.

The AI system operates under the following principles:

  • Evidence-based answers only
  • Responses are generated exclusively from a curated, predefined knowledge base created by the site owner.
  • The system is designed not to invent, guess, or extrapolate beyond available source material.

No autonomous learning from users

  • User interactions are not used to train or fine-tune AI models.

No personal profiling

  • The AI does not build user profiles, infer identities, or track individuals across sessions.

Human-authored knowledge base

  • All factual content originates from human-curated documents describing professional experience, projects, and publications.

Model providers

  • AI model providers may process request content transiently to generate responses.
  • No personal data is intentionally submitted. Where supported, privacy-preserving settings are preferred.

9. Limitations and transparency

While AI is used to assist with information retrieval and summarisation:

  • the system may refuse to answer if sufficient evidence is not available
  • answers are constrained by the completeness of the underlying knowledge base
  • AI output should be interpreted as informational, not advisory (no legal/medical/financial advice)

This design prioritises correctness, transparency, and responsible AI usage over conversational breadth.

10. Your rights

If you are located in the EU or Switzerland, you have rights under GDPR / revFADP, including the right to information and deletion.

Because this site does not maintain personal user accounts or identifiable profiles, there is typically no personal data to retrieve or erase.

11. Contact

If you have any questions about privacy or data handling, you can contact:

Piotr Synak
📧 [email protected]

12. Changes to this policy

This policy may be updated if the technical architecture or data handling practices change.

The date at the top indicates the latest revision.