Privacy and Personal Data Protection Policy

Identification and Contact Data

During account registration, we collect basic information such as first name, last name, e-mail address, phone number, and date of birth. Age verification is an absolute legal requirement in Poland – access to the platform is permitted only for individuals aged 18 or over. This data allows us to create a unique user profile, ensure secure access to services, and enable quick technical communication.

Technical Data and System Logs

During every interaction with the service, our servers automatically record technical data such as IP address, device type, browser version, operating system, and session duration. This information is essential for monitoring platform stability, detecting potential hacking attempts, and optimizing content display according to the user's hardware technical specifications.

Usage and Interaction Data

We process information about which features you use most often, how long you stay in particular sections of the service, and what actions you take. If you use services requiring financial settlements, we also process data on transaction status, although detailed payment data is usually isolated and handled by certified payment operators to ensure the highest level of financial protection.

Data processing on our platform is carried out in accordance with Art. 6 GDPR and is based on the following foundations:

• Contract performance: When data is necessary for the provision of services chosen by the user.
• Legal obligation: When Polish regulations require us to verify identity, age, or report specific events.
• Legitimate interest: To ensure network security, prevent fraud, and improve our technical tools.
• User consent: For voluntary additional services, such as subscribing to newsletters.

We use the collected data for:

• Proper management of your account and verification of entitlements.
• Ensuring efficient technical support and resolving user-reported issues.
• Analyzing service performance to introduce innovations and ergonomic improvements.
• Protection against cyber threats and actions violating the platform's regulations.
• Fulfilling regulatory requirements regarding transparency and reporting in Poland.

We store personal data only for the period necessary to achieve the purposes for which it was collected, or for the time required by Polish law (e.g., tax regulations, statute of limitations for claims). After the retention period, data is permanently and securely deleted or subjected to an anonymization process that prevents re-attribution of information to a specific individual.

We never sell or rent our users' data to commercial entities. Information may only be transferred to trusted technical service providers (e.g., server operators, IT companies managing security systems) who act on our behalf based on data processing agreements. In situations provided by law, we may be obliged to share data with Polish law enforcement agencies or other authorized state institutions.

Most processing operations take place within the European Economic Area. In exceptional cases, when we use global technology providers, data may be transferred outside the EEA. In such situations, we always apply standard contractual clauses approved by the European Commission and additional technical safeguards to guarantee a level of data protection equivalent to GDPR standards.

We apply advanced technical measures to protect data against accidental destruction, loss, unauthorized modification, or access by third parties. These include:

• Encryption of connections using SSL/TLS certificates.
• Intrusion detection and prevention systems (IDS/IPS).
• Regular security audits and penetration tests.
• Restrictive access control for employees, based on the principle of least privilege. The user is also responsible for the security of their data by using strong passwords and not sharing login details with unauthorized persons.

In accordance with GDPR regulations, every user has a number of rights that can be exercised by contacting us directly:

• Right of access to data content: You can receive information about what data we process.
• Right to rectification: You have the right to correct inaccurate or outdated information.
• Right to erasure ("right to be forgotten"): In specific cases, you can request permanent deletion of data.
• Right to restriction of processing: You can request the suspension of operations on your data in specific circumstances.
• Right to data portability: You can receive your data in a structured format.
• Right to object: You have the right to object to data processing based on legitimate interests.

To exercise your rights or clarify doubts regarding data processing, please contact us by email at: [email protected]. Each request is analyzed individually, and we respond without undue delay, no later than one month from receiving the request.

Our approach to data protection evolves with the development of the platform. Any changes to this policy will be published immediately on this page. We recommend regularly reviewing the document to stay updated on the protection of your rights and personal information.