Home
Get Tokens
Upload
×
Login

Privacy Policy


1. Who We Are

The website rozbieracz.pl (the “Service”) is operated by a private administrator registered in Saint Vincent & the Grenadines (“we”, “our”, “us”). We respect your privacy and process personal data in line with the laws of Saint Vincent & the Grenadines and, where relevant, the EU GDPR.

2. Scope

This Policy explains:

* what data we collect;

* how and why we process it;

* the ultra‑short retention periods we apply;

* your rights;

* how to contact us.

3. Data We Collect & Ultra‑Short Retention

Technical session: IP address, user‑agent, time‑stamp, request headers – for routing, security, and abuse prevention. Maximum Retention: ≤ 60 minutes from upload completion.

Upload: Images you submit – for AI processing to create the Output. Maximum Retention: Irreversibly deleted ≤ 60 minutes after processing.

Output: AI‑generated image – for download by you. Maximum Retention: Deleted together with the source image (≤ 60 minutes).

Account (optional): Email, password hash, session token – for authentication. Maximum Retention: Deleted on account closure; otherwise metadata only ≤ 60 minutes after last action.

Payment (optional): Transaction ID / processor token – for billing active subscription. Maximum Retention: Stored only while the account is active; erased on account deletion.

*Full card details are never stored on our servers; payments are handled by PCI‑DSS‑compliant processors.

Core rule: No user‑supplied content or related metadata persists on our servers longer than one hour after processing. System logs roll every 60 minutes.

4. Legal Bases

We rely on:

1. Contractual necessity – to deliver the Service (Art. 6 (1)(b) GDPR).

2. Legitimate interest – transient security logging (Art. 6 (1)(f) GDPR).

3. Legal obligation – minimal bookkeeping for active paid accounts (Art. 6 (1)(c) GDPR).

4. Consent – optional marketing (Art. 6 (1)(a) GDPR).

5. Cookies & Tracking

Essential session cookie: expires when you close the browser or after 60 minutes of inactivity.

No third-party tracking cookies. Basic, in-house page-view metrics are aggregated in real time; raw events are purged hourly.

6. Security

TLS 1.3 in transit; AES-256 at rest (during the ≤ 60 min window).

Access to servers protected by VPN, MFA, role-based controls.

Automated purge jobs every 10 minutes enforce the 60-minute deletion rule.

Annual external penetration tests.

7. Sharing & Transfers

Edge CDN / hosting: Content delivery. Data-processing agreements; hourly purge.

Payment processor: Subscription billing. No card data stored locally.

Law-enforcement: Child-safety or court order. Formal request required; data may already be erased due to 60-min policy.

Primary servers are in the EU; standard contractual clauses secure any cross-border transfer.

8. Your Rights

Within legal limits you may:

Access / portability: Possible within 60 minutes post-upload.

Erasure: Auto-fulfilled after 60 minutes; you can trigger immediate deletion.

Rectification / restriction / objection: Applies to account or billing data.

Withdraw consent: Opt-out of marketing at any time.

Contact [email protected]; we respond within 30 days (typically 24h).

9. Children’s Privacy

We never knowingly process images of minors. Suspected child content triggers instant account ban and a report to law-enforcement; residual data is locked for authorities, then wiped.

10. Policy Changes

Material updates will be announced on the homepage 7 days in advance. Continued use after the effective date equals acceptance.

11. Contact

For privacy questions or requests, email [email protected].