Privacy Policy – PointAPlace

Last updated: May 26, 2025

This Privacy Policy describes how PointAPlace ("we", "us", "our") collects, uses, and protects the personal data of users ("you", "User") of the PointAPlace mobile and web application in compliance with the General Data Protection Regulation (GDPR), other applicable data protection laws, and the policies required by Google Play and Apple App Store.

Note: In case of discrepancies, the Polish version of this policy shall prevail.

1. Data Controller

The controller of your personal data is:

Piotr Goryl – Gorilla Business
NIP (VAT): 9451969937
Website: https://www.gorillabusiness.pl
Address: ul. Bronisława Malinowskiego 15, 30-699 Kraków, Poland
Email: gdpr@pointaplace.com

2. What Data We Collect

We collect and process the following types of data:

Account Information: Email address and hashed credentials for login purposes
Location Data: GPS coordinates when creating or sharing content
Content Data: Notes, photos, audio, video, and text content you upload
Device Information: Device model, OS version, and anonymous identifiers for diagnostics and analytics
Usage Data: Logs related to user activity, time of access, feature use

3. Purpose of Data Processing

Your data is used for the following purposes:

Providing and operating the application's features
Displaying content linked to geographic location
Enabling sharing with friends and communities
Personalizing content and advertisements (where applicable)
Responding to abuse reports or GDPR-related requests
Complying with legal obligations

4. Legal Basis for Processing

We process your data under the following legal bases:

Consent: for optional features like location-based ads
Contractual Necessity: to provide the core functionality of the app
Legal Obligation: to comply with EU and Polish law
Legitimate Interests: for security, support, diagnostics, abuse prevention

5. Data Sharing and Recipients

We may share your data with:

Service providers involved in hosting, analytics, and app delivery (e.g., Firebase, hosting providers)
Advertising networks (if consented)
Authorities if required by law

We do not sell your personal data.

6. Data Retention

Your data is retained only as long as necessary for the purposes listed above. Content you share publicly may remain accessible to other users indefinitely unless deleted before publication.

7. User Rights

Under GDPR, you have the right to:

Access your data
Correct inaccurate data
Delete your data ("right to be forgotten")
Object to or restrict processing
Port your data

Requests should be sent to: gdpr@pointaplace.com

8. Data Security

We implement appropriate technical and organizational measures to secure your data against unauthorized access, alteration, or destruction.

9. Children's Privacy

The app is not intended for children under 13 years of age. Users under 18 must have consent from a parent or legal guardian. We do not knowingly process data from children.

10. International Data Transfers

If data is transferred outside the European Economic Area (EEA), it will be protected using standard contractual clauses or other legal mechanisms.

11. Updates

We may update this Privacy Policy from time to time. Significant changes will be communicated via the app. Continued use after updates constitutes acceptance.