iPomagaj Trusted local support for everyday care
Legal document

Privacy Policy of iPomagaj.pl

Information about how personal data is processed in connection with the use of iPomagaj.pl.

Version 1.0 | Last updated: 2026-05-03

1. Data Controller

The data controller is BITS, Warsaw, Polska, contact@ipomagaj.pl.

This Privacy Policy explains how personal data is processed in connection with the use of iPomagaj.pl.

2. Categories of Personal Data

Depending on how the Platform is used, personal data may include:

  • identification data, such as first name and last name,
  • contact data, such as email address and optional phone number,
  • location and profile data, such as city, postal code, or service area,
  • account data, such as login details, role, and account status,
  • selected service categories,
  • provider profile data, including bio, experience summary, and availability notes,
  • a profile photo, if uploaded,
  • contact request and communication metadata,
  • technical data, such as IP address, user agent, logs, and cookie consent records.

3. Purposes of Processing

  • account creation and management,
  • authentication, security, and fraud prevention,
  • enabling seeker-provider matching,
  • displaying provider profiles to seekers,
  • handling contact requests and internal platform communication,
  • operating, maintaining, and improving the Platform,
  • compliance with legal obligations,
  • handling complaints, support requests, and operational inquiries.

4. Legal Bases

  • Art. 6(1)(b) GDPR: performance of a contract or provision of account and platform services,
  • Art. 6(1)(f) GDPR: legitimate interests such as security, fraud prevention, platform operation, and complaint handling,
  • Art. 6(1)(c) GDPR: compliance with legal obligations where applicable,
  • Art. 6(1)(a) GDPR: consent, for example for optional cookies or optional communications where required.

5. Voluntary Nature of Data

Providing the data required to create and maintain an account is voluntary, but necessary to use registered features of the Platform. Some data, such as a phone number or profile photo, may be optional. Failure to provide required data may prevent account creation or limit the use of certain Platform functions.

6. Sharing of Data with Other Users

  • Limited profile information may be visible to other registered users where necessary for matching or contact.
  • Provider profiles may be shown to seekers.
  • Seeker details may be shown to providers only to the extent allowed by the Platform’s contact and request functionality.
  • Direct contact details should only be shared in accordance with the Platform’s intended functionality.

7. Processors and Service Providers

Personal data may be processed by service providers supporting the operation of the Platform, including:

  • hosting and infrastructure providers,
  • email or SMS providers if enabled,
  • payment processors if paid features are introduced in the future,
  • technical maintenance and support providers,
  • analytics providers only where valid consent has been given.

8. Cookies and Similar Technologies

  • Necessary cookies are used for login, session management, and platform security.
  • Non-essential cookies, such as analytics or marketing cookies, are used only with consent.
  • Cookie preferences may be changed through the cookie settings made available on the Platform.

9. International Transfers

Data may be processed outside the EEA if infrastructure or service providers are located outside the EU. Where this happens, transfers should rely on appropriate GDPR safeguards, such as adequacy decisions, standard contractual clauses, or other valid transfer mechanisms.

10. Retention

Personal data may be retained:

  • for as long as the account exists,
  • for as long as needed to provide platform services,
  • for periods justified by security needs, complaint handling, legal claims, or tax and accounting obligations where applicable,
  • for consent records, as needed to demonstrate compliance.

After relevant retention periods expire, data may be deleted or anonymized where appropriate.

11. User Rights

Users have the right to:

  • access personal data,
  • rectify personal data,
  • erase personal data,
  • restrict processing,
  • object to processing,
  • data portability where applicable,
  • withdraw consent where processing is based on consent,
  • lodge a complaint with the competent supervisory authority.

President of the Personal Data Protection Office (UODO)
ul. Stawki 2
00-193 Warsaw, Poland
uodo.gov.pl

12. Security

The Platform applies technical and organizational measures appropriate to the level of risk, which may include HTTPS, access controls, password hashing, CSRF protection, and security logging where applicable.

Users are also responsible for protecting their login credentials and using their accounts securely.

13. Children

The Platform is not intended for children. If personal data relating to a child is provided without an appropriate legal basis, the data may be deleted or restricted in line with applicable law.

14. Changes to this Policy

This Privacy Policy may be updated from time to time. The current version number and last updated date are shown on this page.

15. Contact

Questions about personal data processing may be sent to: contact@ipomagaj.pl

Cookies

We use necessary cookies for login, session handling, and portal security. Optional analytics and marketing cookies are used only if you give consent.

Privacy Policy

Customize