Privacy Policy

Implementation note: This document requires completion of the data protection contact email, effective date, and the current list of subprocessors handling personal data.

Legal note: This document is a draft prepared for further verification. Consultation with a lawyer familiar with applicable data protection law is recommended before publication.

§1. General Provisions

1. This Privacy Policy sets out the rules for the processing and protection of personal data of users of the website available at www.thefreemoji.com (the "Service").

2. The data controller is JAKUB SZLOSEK - FREEMOJI PROSTA SPÓŁKA AKCYJNA, ul. Złotnicka 28/---, 54-029 Wrocław, Poland, registered in the entrepreneurs register under KRS number 0001126579, Tax ID (NIP) 6351872421 (the "Controller").

3. The Controller can be contacted regarding personal data protection matters at: hello@rebenagesta.com or by phone: +48 654 456 546.

4. The Controller processes personal data in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (GDPR) and applicable provisions of Polish law.

§2. Definitions

1. "Service" - the website available at www.thefreemoji.com.

2. "User" or "Client" - a natural person whose personal data is processed in connection with the use of the Service.

3. "BetterMessage Service" - a service consisting of analyzing correspondence or other text materials submitted by the Client.

4. "Materials" - emails, correspondence exports, PDF files, messenger messages, text documents, correspondence screenshots, or other content submitted by the Client for the purpose of performing the BetterMessage Service.

5. "AI" - IT tools using artificial intelligence or language models supporting the provision of services by the Controller.

§3. Scope and Purposes of Personal Data Processing

Personal data of Users is processed for the purposes of:

• concluding and performing agreements for the provision of services or delivery of Digital Products,
• performing the BetterMessage Service,
• handling orders, payments, and billing,
• handling inquiries, complaints, and correspondence with the Client,
• conducting marketing activities for the Controller's own products and services, where the User has given consent,
• fulfilling legal obligations, including tax and accounting obligations,
• establishing, pursuing, or defending against claims,
• ensuring the security of the Service and preventing abuse.

§4. Legal Bases for Processing

Personal data is processed on the basis of:

• Article 6(1)(b) GDPR - processing necessary for the performance of a contract,
• Article 6(1)(c) GDPR - processing necessary for compliance with a legal obligation,
• Article 6(1)(f) GDPR - the Controller's legitimate interest, in particular marketing of its own services and establishing and pursuing claims,
• Article 6(1)(a) GDPR - the User's consent, in particular for cookies used for purposes other than strictly technical ones.

§5. Categories of Personal Data Processed

• identification and contact data: first name, last name, email address, phone number,
• order, payment, and billing data,
• technical data: IP address, device identifiers, browser data, cookies,
• content of correspondence with the Controller,
• Materials submitted for the performance of the BetterMessage Service.

§6. Materials Submitted for the BetterMessage Service

1. As part of the BetterMessage Service, the Client may submit Materials to the Controller containing personal data, including personal data of third parties to whom the submitted correspondence relates.

2. The Client is solely responsible for the legality of submitting Materials, including having an appropriate legal basis for disclosing third-party data to the Controller.

3. The Controller recommends that, before submitting Materials, the Client remove or anonymize data that is not necessary to perform the BetterMessage Service, in particular special category data within the meaning of Article 9 GDPR.

4. Detailed rules for submitting and processing Materials are set out in the Service's Terms of Service.

§7. Use of Artificial Intelligence

1. The Controller may use AI tools, including external providers, in particular OpenAI and Anthropic, to support the analysis of Materials as part of the BetterMessage Service.

2. Data submitted to AI tools is processed under settings and plans which, according to these providers' declarations, do not provide for the use of the Client's input data to train these providers' models.

3. The output of AI tools is reviewed, edited, or supervised by the Controller's personnel before being delivered to the Client.

4. The Controller does not use Client Materials to sell personal data, share data with data brokers, or conduct behavioral advertising based on the content of submitted correspondence.

§8. Data Recipients

Personal data may be transferred to entities cooperating with the Controller, in particular:

• hosting providers,
• payment system providers,
• email service providers,
• AI tool providers, in particular OpenAI and Anthropic,
• entities providing accounting and legal services,
• public authorities, where required by applicable law.

§9. Transfer of Data Outside the European Economic Area

1. Where personal data is transferred outside the European Economic Area, the Controller ensures an adequate level of data protection, in particular based on an adequacy decision of the European Commission, the recipient's participation in the EU-U.S. Data Privacy Framework, standard contractual clauses, or another appropriate safeguard provided by law.

2. The User may obtain a copy of the relevant data protection safeguards by contacting the Controller.

§10. Data Retention Period

1. Materials submitted for the performance of the BetterMessage Service are stored for no longer than 90 days from the date of service performance, unless earlier deletion is possible and requested by the Client, or a longer retention period is required by law, accounting obligations, security, or the need to establish, pursue, or defend against claims.

2. After the specified period, Materials are deleted or anonymized.

3. Data related to the conclusion of an agreement, accounting documentation, and complaint-related correspondence are stored for the period required by applicable law.

4. Data processed on the basis of consent is stored until the consent is withdrawn.

§11. Cookies and Similar Technologies

1. The Service uses cookies and similar technologies to ensure the proper functioning of the Service, analyze traffic, and, with the User's consent, for marketing purposes.

2. The User can manage cookie settings using the consent banner available in the Service and the settings of their web browser.

3. Disabling certain cookies may limit the functionality of the Service.

§12. Rights of Data Subjects

The User has the right to:

• access their personal data,
• rectify their personal data,
• erase their personal data ("right to be forgotten"),
• restrict the processing of their personal data,
• data portability,
• object to the processing of their personal data,
• withdraw consent at any time, without affecting the lawfulness of processing carried out before its withdrawal,
• lodge a complaint with the President of the Personal Data Protection Office (or another competent supervisory authority) if the User considers that the processing of their data violates the law.

§13. Automated Decision-Making

1. Analyses prepared as part of the BetterMessage Service are supportive, informational, and educational in nature.

2. The Controller does not make decisions producing legal effects or similarly significantly affecting Clients or third parties based solely on automated processing, including profiling.

§14. Data Security

1. The Controller applies appropriate technical and organizational measures to ensure the security of processed personal data, including protection against unauthorized access, loss, or destruction of data.

2. Access to personal data, including Materials, is granted only to persons authorized by the Controller, to the extent necessary to perform their assigned tasks.

§15. Changes to the Privacy Policy

1. The Controller may amend this Privacy Policy in the event of changes in law, changes in the Service's functionality, changes of technology providers significant to the provision of services, or other justified reasons.

2. The Controller informs about changes to the Privacy Policy by publishing a new version in the Service.

§16. Contact and Complaints

1. Any questions, requests, or demands regarding the processing of personal data may be submitted to: hello@rebenagesta.com.

2. The Controller handles such requests without undue delay, no later than within the time limits provided by GDPR.

§17. Final Provisions

1. This Privacy Policy is available in the Service free of charge, in a manner enabling its downloading, recording, and printing.

2. This Privacy Policy is effective from: [INSERT DATE].