This is an English translation provided for convenience. The Polish version is the legally authoritative text.
Legal document
Privacy Policy
Last updated: June 17, 2026
1. Data controller
The data controller is the owner of the Paczesny Analytics service (the "Service"), available at analytics.blonie.cloud. For matters concerning privacy and data protection, you can write to bartek@paczesny.pl.
2. Data we process
Account data. Email address and authentication credentials (a hashed password, optionally MFA) necessary to create and secure your account.
Analytics data (cookieless). For the sites you connect, we collect visit events without cookies and without personal data. The visitor identifier is computed server-side as sha256(siteId + ip + user-agent + daily salt) — the IP address is never stored, and the identifier cannot track the same person across days. We keep raw events for up to 30 days, and afterwards only aggregated data.
Google Search Console data. If you choose to connect your Google account, we read the performance statistics of your verified sites in Search Console (clicks, impressions, CTR, average position — broken down by query, page, country and device).
3. Google Search Console — data scope and use
The Google connection uses only the read-only scope https://www.googleapis.com/auth/webmasters.readonly. We do not modify any of your site's settings in Search Console.
The fetched data serves a single purpose: presenting your search statistics in the Service's dashboard. We do not use it for advertising, do not share it with third parties, and do not use it to train models.
Paczesny Analytics's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.
The OAuth refresh token is stored encrypted (AES-256-GCM). You can revoke access at any time — by disconnecting the integration in the Service's settings or in your Google account settings.
4. Storage and security
Data is stored in a self-hosted database (Appwrite) on a server under our control. We use connection encryption (TLS), encryption of sensitive tokens, and we restrict data access exclusively to the account owner.
5. Cookies
The analytics tracker uses no cookies or other tracking techniques. The only cookie we use is a technical session token required to keep you signed in to the dashboard.
6. Recipients and processors
We do not sell or exchange data. We use the services of the following providers solely for the operation of the Service:
- Google (Search Console API and PageSpeed Insights / CrUX) — retrieving performance data and speed metrics for your sites,
- Groq — generating funnel suggestions based on aggregated, non-personal event paths.
7. Your rights
You have the right to access, rectify, delete, and object to the processing of your data (GDPR). You can disconnect the Google integration, delete connected sites or your entire account at any time. For these matters, write to bartek@paczesny.pl.
8. Policy changes
We may update this policy. We signal significant changes with the "Last updated" date at the top of the page.