Privacy and Personal Data Protection Policy

Identification and Contact Data During the account registration and verification process, we collect information such as first name, last name, email address, phone number, and exact date of birth. Age verification is an absolute legal requirement in Poland – access to the platform is allowed only for individuals over 18 years of age. This data is necessary to create a secure profile and ensure authorized access to services.

Technical Data and System Logs We automatically record data such as IP address, device type, operating system, browser version, and unique hardware identifiers. This information is critical for monitoring platform stability, preventing cyber attacks, and optimizing content display according to the end-user's device technical specifications.

Activity and Transaction Data We process information about how the service is used, login sessions, time spent in individual sections, and the status of completed technical operations. When using services requiring billing, we process payment status data through certified third parties.

Personal data processing processes are based on the following legal foundations:

• Contract performance: When data is necessary to provide services requested by the user under the terms and conditions.
• Legal obligation: When Polish regulations impose on us the obligation to verify identity, age, or report specific events.
• Legitimate interest: To ensure network cybersecurity, detect fraud, and improve platform analytical tools.
• User consent: For voluntary additional services, such as subscribing to informational communications.

The collected data is used exclusively for proper user account management, ensuring efficient technical support, analyzing service performance to introduce ergonomic improvements, and protecting against cyber threats. Data may also be used to meet regulatory requirements regarding operational transparency in Poland.

We store personal data only for the period necessary to achieve the purposes for which it was collected, or for the time required by Polish law (e.g., archiving obligations). After this period, the data is permanently and securely deleted from our servers or subjected to an anonymization process that prevents re-assignment of information to a specific individual.

We never sell or rent our users' data to commercial entities. Data may only be transferred to trusted technical service providers (e.g., server operators) who act on our behalf based on data processing entrustment agreements. In situations provided for by law, we may be obliged to provide data to Polish law enforcement authorities.

Most processing operations take place within the European Economic Area. In cases where our technical partners are located outside the EEA, we apply appropriate legal safeguards, such as Standard Contractual Clauses approved by the European Commission, to guarantee a level of data protection consistent with GDPR standards.

We use advanced solutions to protect data against loss, unauthorized access, or modification. Our protocols include SSL/TLS connection encryption, intrusion detection systems, and strict access control for authorized technical personnel, based on the principle of least privilege.

In accordance with the regulations, every user has the right to access their data, rectify it, delete it ("right to be forgotten"), restrict processing, and transfer data to another administrator. The user also has the right to object to processing based on legitimate interest.

To exercise your rights or obtain additional explanations, please contact our data protection team at: [email protected]. We treat every request as a priority and respond within the timeframes provided by law.

This policy is regularly reviewed and updated to adapt it to changes in law and technology. All changes will be published in this section.