woordsy← Back to Home

Privacy Policy

Last Updated: August 16, 2025

1. Introduction

This Privacy Policy describes how we collect, use, disclose, and safeguard your information when you use our English language learning application (the "Service"). Please read this Privacy Policy carefully.

2. Data Controller

The data controller for your personal information is:

Kamil Kubik

Stanisława Reymonta 3

41-800 Zabrze, Poland

3. Information We Collect

3.1 Information You Provide Directly

  • Account Information: Name, email address, password
  • Profile Information: Learning preferences, language proficiency level
  • Content Data: Vocabulary lists, study materials, notes, progress data
  • Payment Information: Billing details (processed by third-party payment processors)
  • Communications: Messages, feedback, and support requests

3.2 Information Collected Automatically

  • Usage Data: Features used, session duration, interaction patterns
  • Device Information: Device type, operating system, browser type
  • Log Data: IP address, access times, pages visited
  • Cookies and Similar Technologies: Session cookies, preferences, analytics data

3.3 AI-Generated Data

  • Exercise results and performance analytics
  • AI-generated content (examples, exercises, word suggestions)
  • Token usage statistics

4. How We Use Your Information

4.1 Primary Purposes

  • Service Delivery: Provide and maintain the Service functionality
  • Account Management: Create and manage user accounts
  • AI Features: Generate personalized content and exercises
  • Progress Tracking: Monitor learning progress and performance
  • Payment Processing: Handle subscription billing and token purchases

4.2 Secondary Purposes

  • Service Improvement: Analyze usage patterns to enhance features
  • Customer Support: Respond to inquiries and provide assistance
  • Communications: Send service updates, security alerts, and promotional content (with consent)
  • Legal Compliance: Meet legal obligations and protect rights

5. Legal Basis for Processing (GDPR)

We process your personal data based on:

  • Contract Performance: To provide the Service you've subscribed to
  • Legitimate Interests: Service improvement, security, and business operations
  • Consent: Marketing communications and non-essential features
  • Legal Obligation: Compliance with applicable laws

6. Data Sharing and Disclosure

6.1 Third-Party Service Providers

We may share data with:

  • Payment Processors: For billing and subscription management
  • Cloud Infrastructure Providers: For data hosting and storage
  • AI Service Providers: For AI-powered features (anonymized where possible)
  • Analytics Services: For service improvement (aggregated data only)

6.2 Legal Requirements

We may disclose information when required by law, court order, or to:

  • Protect our rights and property
  • Investigate violations of Terms of Service
  • Ensure user safety and security

6.3 Business Transfers

In case of merger, acquisition, or sale, your information may be transferred to the new entity.

7. International Data Transfers

Your data may be transferred to and processed in countries outside your residence. We implement appropriate safeguards to protect your data during international transfers, including:

  • Standard Contractual Clauses
  • Adequacy decisions by relevant authorities
  • Other legally recognized transfer mechanisms

8. Data Retention

8.1 Active Accounts

We retain your data while your account is active and as needed to provide services.

8.2 Account Deletion

After account termination:

  • Personal data is deleted within 90 days
  • Aggregated, non-identifiable data may be retained for business purposes
  • Some data may be retained longer for legal compliance

8.3 Backup Systems

Data in backup systems is deleted according to our standard backup retention schedule (typically 12 months).

9. Data Security

We implement appropriate technical and organizational measures to protect your data:

9.1 Technical Safeguards

  • Encryption of data in transit and at rest
  • Access controls and authentication systems
  • Regular security assessments and updates
  • Secure development practices

9.2 Organizational Measures

  • Staff training on data protection
  • Data access on a need-to-know basis
  • Incident response procedures
  • Regular security policy reviews

10. Your Rights and Choices

10.1 Data Subject Rights (GDPR)

You have the right to:

  • Access: Request copies of your personal data
  • Rectification: Correct inaccurate or incomplete data
  • Erasure: Request deletion of your data ("right to be forgotten")
  • Restriction: Limit processing of your data
  • Portability: Receive your data in a portable format
  • Objection: Object to processing based on legitimate interests
  • Withdrawal: Withdraw consent for consent-based processing

10.2 How to Exercise Rights

Contact us using the information provided in Section 15 to exercise your rights. We will respond within 30 days of receiving a valid request.

10.3 Account Controls

Through your account settings, you can:

  • Update profile information
  • Manage communication preferences
  • Download your data
  • Delete your account

11. Cookies and Tracking Technologies

11.1 Types of Cookies

  • Essential Cookies: Required for basic service functionality
  • Analytics Cookies: Help us understand service usage
  • Preference Cookies: Remember your settings and preferences

11.2 Cookie Management

You can control cookies through your browser settings. Disabling certain cookies may affect service functionality.

12. Children's Privacy

Our Service is not intended for children under 13. We do not knowingly collect personal information from children under 13. For users aged 13-17, parental consent is required.

If we learn we have collected information from a child under 13 without parental consent, we will delete that information promptly.

13. Marketing Communications

13.1 Consent

We will only send marketing communications with your explicit consent.

13.2 Opt-Out

You can unsubscribe from marketing communications at any time by:

  • Clicking the unsubscribe link in emails
  • Updating preferences in your account settings
  • Contacting us directly

14. Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect:

  • Changes in our practices
  • Legal requirements
  • Service improvements

14.1 Notification

We will notify you of material changes through:

  • Email notifications
  • Service announcements
  • Website/app notifications

14.2 Continued Use

Continued use of the Service after changes constitutes acceptance of the updated Privacy Policy.

15. Contact Information

15.1 General Inquiries

For questions about this Privacy Policy or data practices:

Kamil Kubik

Stanisława Reymonta 3

41-800 Zabrze, Poland

15.2 Data Protection Officer

For privacy-specific inquiries, you may also contact our Data Protection Officer (if applicable) at the same address.

15.3 Supervisory Authority

You have the right to lodge a complaint with your local data protection supervisory authority if you believe we have processed your personal data unlawfully.

16. Additional Information for EU Residents

This Privacy Policy complies with the General Data Protection Regulation (GDPR). EU residents have specific rights under GDPR, which are outlined in Section 10 of this policy.

This Privacy Policy is effective as of the date listed above and applies to all information collected by our Service.