diff --git a/app.py b/app.py
index cf72f81..a592b8f 100644
--- a/app.py
+++ b/app.py
@@ -4064,6 +4064,37 @@ def settings_2fa():
         db.close()
 
 
+@app.route('/settings/privacy', methods=['GET', 'POST'])
+@login_required
+def settings_privacy():
+    """Privacy settings - control visibility of phone and email"""
+    db = SessionLocal()
+    try:
+        user = db.query(User).get(current_user.id)
+
+        if request.method == 'POST':
+            # Update privacy settings
+            user.privacy_show_phone = request.form.get('show_phone') == 'on'
+            user.privacy_show_email = request.form.get('show_email') == 'on'
+            db.commit()
+
+            logger.info(f"Privacy settings updated for user: {user.email}")
+            flash('Ustawienia prywatności zostały zapisane.', 'success')
+            return redirect(url_for('settings_privacy'))
+
+        return render_template('settings/privacy.html',
+                               user=user,
+                               show_phone=user.privacy_show_phone if user.privacy_show_phone is not None else True,
+                               show_email=user.privacy_show_email if user.privacy_show_email is not None else True)
+
+    except Exception as e:
+        logger.error(f"Privacy settings error: {e}")
+        flash('Wystąpił błąd.', 'error')
+        return redirect(url_for('dashboard'))
+    finally:
+        db.close()
+
+
 @app.route('/forgot-password', methods=['GET', 'POST'])
 @limiter.limit("5 per hour")
 def forgot_password():
diff --git a/database.py b/database.py
index c0ea49d..99a27ea 100644
--- a/database.py
+++ b/database.py
@@ -215,6 +215,10 @@ class User(Base, UserMixin):
     totp_enabled = Column(Boolean, default=False)
     totp_backup_codes = Column(StringArray, nullable=True)  # Emergency backup codes
 
+    # Privacy settings
+    privacy_show_phone = Column(Boolean, default=True)  # If FALSE, phone hidden from other users
+    privacy_show_email = Column(Boolean, default=True)  # If FALSE, email hidden from other users
+
     # Relationships
     conversations = relationship('AIChatConversation', back_populates='user', cascade='all, delete-orphan')
     forum_topics = relationship('ForumTopic', back_populates='author', cascade='all, delete-orphan', primaryjoin='User.id == ForumTopic.author_id')
diff --git a/database/migrations/028_add_user_privacy_settings.sql b/database/migrations/028_add_user_privacy_settings.sql
new file mode 100644
index 0000000..23fefa9
--- /dev/null
+++ b/database/migrations/028_add_user_privacy_settings.sql
@@ -0,0 +1,14 @@
+-- Migration: Add privacy settings to users table
+-- Date: 2026-01-28
+-- Description: Adds fields to control visibility of phone and email in user profile
+
+-- Add privacy columns to users table
+ALTER TABLE users ADD COLUMN IF NOT EXISTS privacy_show_phone BOOLEAN DEFAULT TRUE;
+ALTER TABLE users ADD COLUMN IF NOT EXISTS privacy_show_email BOOLEAN DEFAULT TRUE;
+
+-- Comment for documentation
+COMMENT ON COLUMN users.privacy_show_phone IS 'If FALSE, phone number is hidden from other users';
+COMMENT ON COLUMN users.privacy_show_email IS 'If FALSE, email is hidden from other users';
+
+-- Grant permissions
+GRANT SELECT, UPDATE ON users TO nordabiz_app;
diff --git a/templates/base.html b/templates/base.html
index b6d5d28..1306239 100755
--- a/templates/base.html
+++ b/templates/base.html
@@ -1042,6 +1042,13 @@
                                     <span class="user-menu-badge" id="userMenuUnreadBadge" style="display: none;">0</span>
                                 </a>
                                 <div class="user-menu-divider"></div>
+                                <a href="{{ url_for('settings_privacy') }}" class="user-menu-item">
+                                    <svg width="16" height="16" fill="none" stroke="currentColor" viewBox="0 0 24 24">
+                                        <path stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M10.325 4.317c.426-1.756 2.924-1.756 3.35 0a1.724 1.724 0 002.573 1.066c1.543-.94 3.31.826 2.37 2.37a1.724 1.724 0 001.065 2.572c1.756.426 1.756 2.924 0 3.35a1.724 1.724 0 00-1.066 2.573c.94 1.543-.826 3.31-2.37 2.37a1.724 1.724 0 00-2.572 1.065c-.426 1.756-2.924 1.756-3.35 0a1.724 1.724 0 00-2.573-1.066c-1.543.94-3.31-.826-2.37-2.37a1.724 1.724 0 00-1.065-2.572c-1.756-.426-1.756-2.924 0-3.35a1.724 1.724 0 001.066-2.573c-.94-1.543.826-3.31 2.37-2.37.996.608 2.296.07 2.572-1.065z"/>
+                                        <path stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M15 12a3 3 0 11-6 0 3 3 0 016 0z"/>
+                                    </svg>
+                                    Ustawienia
+                                </a>
                                 <a href="{{ url_for('release_notes') }}" class="user-menu-item">
                                     <svg width="16" height="16" fill="none" stroke="currentColor" viewBox="0 0 24 24">
                                         <path stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M9 5H7a2 2 0 00-2 2v12a2 2 0 002 2h10a2 2 0 002-2V7a2 2 0 00-2-2h-2M9 5a2 2 0 002 2h2a2 2 0 002-2M9 5a2 2 0 012-2h2a2 2 0 012 2m-3 7h3m-3 4h3m-6-4h.01M9 16h.01"/>
diff --git a/templates/settings/privacy.html b/templates/settings/privacy.html
new file mode 100644
index 0000000..0e6dd5b
--- /dev/null
+++ b/templates/settings/privacy.html
@@ -0,0 +1,236 @@
+{% extends "base.html" %}
+
+{% block title %}Ustawienia prywatności - Norda Biznes Partner{% endblock %}
+
+{% block extra_css %}
+<style>
+    .settings-header {
+        margin-bottom: var(--spacing-xl);
+    }
+
+    .settings-header h1 {
+        font-size: var(--font-size-3xl);
+        color: var(--text-primary);
+        margin-bottom: var(--spacing-sm);
+        display: flex;
+        align-items: center;
+        gap: var(--spacing-md);
+    }
+
+    .settings-header p {
+        color: var(--text-secondary);
+        font-size: var(--font-size-lg);
+    }
+
+    .settings-card {
+        background: white;
+        border-radius: var(--radius-lg);
+        padding: var(--spacing-xl);
+        border: 1px solid var(--border-color);
+        box-shadow: var(--shadow);
+        margin-bottom: var(--spacing-lg);
+    }
+
+    .settings-card h2 {
+        font-size: var(--font-size-xl);
+        color: var(--text-primary);
+        margin-bottom: var(--spacing-md);
+        padding-bottom: var(--spacing-md);
+        border-bottom: 1px solid var(--border-color);
+    }
+
+    .setting-item {
+        display: flex;
+        justify-content: space-between;
+        align-items: center;
+        padding: var(--spacing-md) 0;
+        border-bottom: 1px solid var(--border-light);
+    }
+
+    .setting-item:last-child {
+        border-bottom: none;
+    }
+
+    .setting-info {
+        flex: 1;
+    }
+
+    .setting-label {
+        font-weight: 600;
+        color: var(--text-primary);
+        margin-bottom: var(--spacing-xs);
+    }
+
+    .setting-description {
+        font-size: var(--font-size-sm);
+        color: var(--text-secondary);
+    }
+
+    .toggle-switch {
+        position: relative;
+        width: 50px;
+        height: 26px;
+        flex-shrink: 0;
+        margin-left: var(--spacing-md);
+    }
+
+    .toggle-switch input {
+        opacity: 0;
+        width: 0;
+        height: 0;
+    }
+
+    .toggle-slider {
+        position: absolute;
+        cursor: pointer;
+        top: 0;
+        left: 0;
+        right: 0;
+        bottom: 0;
+        background-color: #ccc;
+        transition: 0.3s;
+        border-radius: 26px;
+    }
+
+    .toggle-slider:before {
+        position: absolute;
+        content: "";
+        height: 20px;
+        width: 20px;
+        left: 3px;
+        bottom: 3px;
+        background-color: white;
+        transition: 0.3s;
+        border-radius: 50%;
+    }
+
+    input:checked + .toggle-slider {
+        background-color: var(--success);
+    }
+
+    input:checked + .toggle-slider:before {
+        transform: translateX(24px);
+    }
+
+    .info-banner {
+        background: linear-gradient(135deg, #e0f2fe 0%, #bae6fd 100%);
+        border: 1px solid #7dd3fc;
+        border-radius: var(--radius-lg);
+        padding: var(--spacing-lg);
+        margin-bottom: var(--spacing-xl);
+        display: flex;
+        align-items: flex-start;
+        gap: var(--spacing-md);
+    }
+
+    .info-banner svg {
+        width: 24px;
+        height: 24px;
+        color: #0284c7;
+        flex-shrink: 0;
+    }
+
+    .info-banner .info-text {
+        color: #0369a1;
+        font-size: var(--font-size-sm);
+    }
+
+    .btn-save {
+        margin-top: var(--spacing-lg);
+    }
+
+    .settings-nav {
+        display: flex;
+        gap: var(--spacing-md);
+        margin-bottom: var(--spacing-xl);
+        flex-wrap: wrap;
+    }
+
+    .settings-nav a {
+        padding: var(--spacing-sm) var(--spacing-md);
+        border-radius: var(--radius-md);
+        text-decoration: none;
+        color: var(--text-secondary);
+        background: var(--bg-secondary);
+        transition: all 0.2s;
+    }
+
+    .settings-nav a:hover {
+        background: var(--bg-tertiary);
+        color: var(--text-primary);
+    }
+
+    .settings-nav a.active {
+        background: var(--primary);
+        color: white;
+    }
+</style>
+{% endblock %}
+
+{% block content %}
+<div class="settings-header">
+    <h1>
+        <svg width="32" height="32" fill="none" stroke="currentColor" stroke-width="2" viewBox="0 0 24 24" style="color: var(--primary);">
+            <path d="M12 15v2m-6 4h12a2 2 0 002-2v-6a2 2 0 00-2-2H6a2 2 0 00-2 2v6a2 2 0 002 2zm10-10V7a4 4 0 00-8 0v4h8z"/>
+        </svg>
+        Ustawienia prywatności
+    </h1>
+    <p>Kontroluj, które Twoje dane kontaktowe są widoczne dla innych użytkowników</p>
+</div>
+
+<div class="settings-nav">
+    <a href="{{ url_for('settings_privacy') }}" class="active">Prywatność</a>
+    <a href="{{ url_for('settings_2fa') }}">Uwierzytelnianie 2FA</a>
+</div>
+
+<div class="info-banner">
+    <svg fill="none" stroke="currentColor" stroke-width="2" viewBox="0 0 24 24">
+        <path d="M13 16h-1v-4h-1m1-4h.01M21 12a9 9 0 11-18 0 9 9 0 0118 0z"/>
+    </svg>
+    <div class="info-text">
+        Poniższe ustawienia kontrolują widoczność Twoich danych osobowych w portalu.
+        Dane Twojej firmy są zarządzane osobno w profilu firmy.
+    </div>
+</div>
+
+<form method="POST" action="{{ url_for('settings_privacy') }}">
+    <input type="hidden" name="csrf_token" value="{{ csrf_token() }}">
+
+    <div class="settings-card">
+        <h2>Widoczność danych kontaktowych</h2>
+
+        <div class="setting-item">
+            <div class="setting-info">
+                <div class="setting-label">Pokaż numer telefonu</div>
+                <div class="setting-description">
+                    Twój numer telefonu ({{ user.phone or 'nie podano' }}) będzie widoczny dla innych członków
+                </div>
+            </div>
+            <label class="toggle-switch">
+                <input type="checkbox" name="show_phone" {% if show_phone %}checked{% endif %}>
+                <span class="toggle-slider"></span>
+            </label>
+        </div>
+
+        <div class="setting-item">
+            <div class="setting-info">
+                <div class="setting-label">Pokaż adres email</div>
+                <div class="setting-description">
+                    Twój adres email ({{ user.email }}) będzie widoczny dla innych członków
+                </div>
+            </div>
+            <label class="toggle-switch">
+                <input type="checkbox" name="show_email" {% if show_email %}checked{% endif %}>
+                <span class="toggle-slider"></span>
+            </label>
+        </div>
+    </div>
+
+    <button type="submit" class="btn btn-primary btn-save">
+        <svg width="16" height="16" fill="none" stroke="currentColor" stroke-width="2" viewBox="0 0 24 24" style="margin-right: 6px;">
+            <path d="M5 13l4 4L19 7"/>
+        </svg>
+        Zapisz ustawienia
+    </button>
+</form>
+{% endblock %}
