This is a courtesy translation. In case of any discrepancy, the Polish-language version of this document is legally binding.

Oczep.pl privacy and cookie policy

Version 1.0 — effective from 8 July 2026.

1. Data controller

The controller of personal data processed in the Oczep.pl service (https://oczep.pl and https://app.oczep.pl — the “Service”) is [full name / company name — to be completed], [address — to be completed] — the “Controller”.

Contact for personal-data matters: thedarthbartek@gmail.com.

2. What data we process

Providing data is voluntary but necessary to create and use an account.

3. Purposes and legal bases of processing

Purpose Legal basis (GDPR)
Creating and running the account, providing the Service (projects, cut plan, exports) Art. 6(1)(b) — performance of a contract
Sending transactional emails (address verification, account notifications) Art. 6(1)(b) — performance of a contract
Ensuring security, error diagnostics, server logs Art. 6(1)(f) — legitimate interest of the Controller
Handling complaints and correspondence Art. 6(1)(b) or (f)
Payment settlement — after payments are launched (currently inactive) Art. 6(1)(b) and (c)

We do not run marketing, do not profile users and do not make automated decisions producing legal effects.

4. Data recipients

We entrust data only to entities necessary for the Service to operate:

We do not sell data and do not share it with other entities, unless such an obligation results from the law.

5. Retention period

Note: the Service is in a development phase (beta) — test data may be cleared periodically, which we try to announce in advance.

6. Your rights

You have the right to: access your data, rectify it, erase it, restrict processing, data portability and object to processing based on legitimate interest. To exercise these rights, write to the Controller’s contact address.

You can request deletion of your account at any time by email — we do not require a reason.

You also have the right to lodge a complaint with the President of the Personal Data Protection Office (ul. Stawki 2, 00-193 Warsaw, https://uodo.gov.pl).

7. Cookies and similar technologies

The Service uses only cookies and technologies necessary for the service to work. We do not use analytics, marketing or third-party cookies — which is why we do not display a cookie consent banner: under the Polish Electronic Communications Law, storing information necessary to provide the service requested by the user does not require consent.

Name Type Purpose Period
karkas_refresh httpOnly cookie (app.oczep.pl) keeping the logged-in session (token refresh) 30 days
browser storage (PWA cache / IndexedDB) local storage running the offline “job site” view until browser data is cleared

The information site (https://oczep.pl) does not set any cookies.

If we introduce analytics or marketing tools in the future, we will update this policy and — where required — ask for consent.

8. Security

We apply technical and organizational measures appropriate to the risk, in particular: encryption of transmission (HTTPS), storing passwords only as hashes, session tokens in an httpOnly cookie inaccessible to scripts, and restricting access to the infrastructure.

9. Changes to the policy

We will inform you of significant changes to this policy by email or by a notice in the Service. The current version is always available in the Service.