PRIVACY POLICY

The following privacy policy (hereinafter: "Privacy Policy") applies to the websites and dedicated mobile applications (hereinafter: "Services" and "Applications", respectively) of Vocapp Sp. z o.o.

Administrator of personal data

The administrator of Users' personal data (hereinafter referred to as Service Provider) is Vocapp Sp. z o.o. with its registered office in Warsaw, 8/58 R. Mielczarskiego Street, 02-798 Warsaw, NIP: 9512457919, REGON: 369727696, KRS: 0000723917 (District Court for the Capital City of Warsaw in Warsaw, 13th Commercial Division of the National Court Register).

Contact

If you have any questions about your account, how the service works, or need assistance, please send an email to: fiszkoteka@fiszkoteka.pl


If you have any questions about this Privacy Policy or our use of Users' personal information, etc., please contact us at the following email address: dane@fiszkoteka.pl


We may need to authenticate the identity of a User who submits a request for assistance before processing the request, for the sake of their and our security.

Data collection

We collect data about you when you use our Services and Applications or create an account on one of our Services or Applications.

Data provided when Users create an account

When you create an account, we ask you to provide the following data:

- email address,

- account name (login) - visible to the public,

- access password.

Optional account data provided by Users.

After creating an account, you can complete your profile with optional data:

- user’s image (avatar) - publicly visible,

- first and last name.


If you log in to the service or create an account through an external service, for example, Facebook or Google, we obtain from such service your account ID on such service, first name, last name, and email address.

Content sent by you

While you are using our Services, we collect and process the following data:

- the history of orders and payments made on the Services and Applications, including the data of the depositor (in the case of payments to our bank account, these are name, address, bank account number),

- communications with you directed to us via email, contact form, social networks,

- IP addresses and information about the devices through which you use our services,

- your history of use of the Services and Applications,

- your learning history (including information about vocabulary words you have studied, repetitions you have performed, words and grammatical constructions you have learned),

- comments of Users left on the Services,

- displays of advertisements and content and interaction with them,

- content, lists of vocabulary and grammatical items or image sent by the user, as well as other content you store on the Services and Applications.

Logs

When you use the Services and Applications, each time a request is sent to the Service Provider's server, the following information may be recorded:

- the date and time the request was sent,

- the content and status of the request (for example, the URL of the visited page with the attached parameters),

- IP address of the computer from which the request was sent,

- amount of data sent in response,

- headers sent by the User's device (specifying, among other things, the browser, operating system, language set, page from which the redirection was made, content of cookies).

Cookies, browser memory, and device cache

We use mechanisms such as cookies, browser local storage (for example, Web Storage) or device memory (in the case of Applications), which can store both the data necessary to provide the requested service (for example, your session data, preferences and settings) and additional information such as unique identifiers or temporary data to speed up the loading of content.


We also use cookies to store a unique identifier for the operation of the Remember Me function so that you do not have to log in to the Services each time from a particular browser/app on a particular device, unless you log out in the meantime using the Logout button, the cookies do not expire/are not deleted by you and you change your account password in the meantime.


If you do not agree with the placement of such data on the device you are using, you can modify your browser settings accordingly. Restricting the use of the mentioned mechanisms may affect the functionalities available on the Services. With the help of appropriate browser settings, it is also possible to delete previously saved data.

Pixel tags

We use pixel tags, i.e. elements placed, for example, in an email message or in the code of a website, which allow us to monitor activity such as opening an email message or viewing a given page.

Data in the Applications obtained by third parties

To achieve a better experience, when using the Service Provider's services, the Applications use the services of the following third parties that may collect information used to identify you:

AdMob

Firebase

Freshworks

Google Play Services

Google Analytics for Firebase

Firebase Crashlytics

Facebook

PayU

Purpose, legal basis and duration of data processing

We process your personal data only if we have a legal basis for doing so.


The purposes of data processing under Article 6(1)(b) of the GDPR (processing necessary for the performance of a contract to which you are a party, or to take action at your request before entering into a contract):

- to conclude and perform the contract between us, including maintaining your account on the site and processing payments,

- providing quality services, maintaining the operation of the services, resolving technical problems,

- sending message notifications related to transactions made and subscriptions ending,

- settling the contract after its termination.


Purposes of data processing under Article 6(1)(c) of the GDPR (fulfillment of legal obligations incumbent upon us):

- accounting and tax settlement,

- storage of accounting documents for the time required by law,

- handling complaints,

- storage of change history to ensure accountability of processed personal data.


Purposes of data processing under Article 6(1)(f) GDPR (our legitimate interest):

- handling of requests you direct to us, for example via email, contact form,

- monitoring activity on the Services and Applications in order to develop the services provided and improve the user experience,

- using partners that provide us with the content and software necessary to provide our services,

- making improvements to existing services and products,

- developing new services and products,

- conducting statistical analysis,

- offering better-tailored content,

- tailoring advertisements that allow us to offer some services free of charge,

- ensuring security, detecting abuse, enforcing legal claims.


We keep the information for no longer than is necessary for the purposes for which the data are processed, in particular for the period in which we are obliged to keep the data or fulfill other obligations provided by law or for the period of the statute of limitations for claims.

Entrusting the processing of personal data to other entities

We entrust the processing of your personal data to:

- entities providing infrastructure solutions, IT systems, providing hosting services, handling email,

- entities handling payments,

- entities providing accounting and tax settlements,

- entities providing us with legal or consulting services,

- partners promoting our services.


We may transfer your personal data to public authorities upon their authorized request.


Entrusting data processing to companies outside the European Union

We may share data with entities in various countries, including those with headquarters outside the European Economic Area. Data protection regulations in these differ from those in the European Union, but we require all providers to process entrusted data securely and in accordance with EU data protection law. We apply the standard measures set forth in EU law - primarily the relevant contractual clauses.

Entitlements

You are entitled to:

- access your personal data and receive a copy of the personal data being processed;

- to rectify your inaccurate data;

- request the erasure of your data in the circumstances provided for in Article 17 of the GDPR;

- request the restriction of data processing in the cases indicated in Article 18 GDPR;

- to object to the processing of your data in the cases indicated in Article 21 GDPR;

- to transfer the data provided;

- the right to lodge a complaint to the supervisory authority (President of the Office for Personal Data Protection).


The possibility of exercising the above rights may depend on the legal basis for our use of your data and the purpose of its processing.


You can view or modify most of the personal data associated with your account on the Account Settings page. There is also a function there by which you can request the deletion of your account.

Changes to the Privacy Policy

The Service Provider guarantees that they may update this Privacy Policy at any time. In such case, a relevant notice will be made available on the Services and Applications.