TeleInf Edu

Privacy Policy

Last updated: 2026-05-11

1. General Provisions

This Privacy Policy sets out the rules for processing personal data in connection with the use of the TeleInf Edu platform.

Data processing relates in particular to the use of public educational materials, user accounts, quizzes, learning progress, XP and achievements, Premium features, payment handling, email communication, technical telemetry and administrative tools.

The Service provides cookie preferences. Essential cookies are required for authentication, security and core platform operation. Optional analytics and similar technologies operate according to the user's choice made through the cookie controls.

2. Categories of Data Processed

Depending on how the Service is used, the following categories of data may be processed:

  • Account data: name or display name, email address, username, displayed username, profile image, role, suspension status, time zone, email verification status and account creation and update dates.
  • Authentication data: password hash, session data, session tokens, verification and password reset tokens, IP address and user agent connected with a session or security event.
  • Educational data: reading progress, last seen article path, active study time, scroll percentage, article and course completions, study days, XP total, level, achievements and experience history.
  • Quiz data: quiz attempts, attempt status, start and expiry time, answers, score, pass status, awarded XP and attempt history.
  • Premium and transaction data: package identifier, purchased and remaining days, purchase and expiry dates, amount, currency, purchase status, Polar checkout, order, product and customer identifiers.
  • Technical data: request metadata, page and API paths, IP address, user agent, device and browser information, timestamps, error details, Web Vitals and operational telemetry events.
  • Local browser data: interface preferences, theme selection, content-map selections, local session UI cache and cookie preferences stored in local storage or cookies.

3. Purposes and Legal Bases

  • Providing the Service: account, session, progress, quiz and Premium data is processed for the performance of the Service agreement.
  • Authentication and security: login data, sessions, verification, password reset, IP addresses and user agents are processed to protect accounts, prevent abuse and ensure Service security.
  • Payments and Premium fulfillment: transaction data is processed to create checkout sessions, verify payments, activate Premium, present purchase history, handle refunds and resolve payment issues.
  • Educational features: progress, answer, score, XP and achievement data is processed to calculate results, recommendations, learning history and platform rewards.
  • Communication: email addresses are processed to send verification messages, password reset messages, security notices, account information and important Service changes.
  • Reliability and diagnostics: technical data and telemetry are processed to diagnose errors, measure performance, detect abuse, monitor integrations and maintain platform stability.
  • Legal obligations and claims: data may be processed to comply with tax, accounting, consumer, security or legal obligations and to establish, pursue or defend claims.

4. Recipients and Providers

Personal data is not sold. Data may be entrusted to or shared with providers only to the extent necessary for operation of the Service, payment handling, communication, security, diagnostics or compliance with legal obligations.

  • Hosting and deployment: the web application and API may operate through infrastructure, hosting and deployment providers such as Vercel, Render or equivalent providers.
  • Database and backend: account, progress, quiz, Premium and platform configuration records are stored in PostgreSQL-backed systems and handled by the Service backend.
  • Authentication: Better Auth supports account, session, verification and password reset handling.
  • Email delivery: Resend is used to send verification, password reset and account-related messages.
  • Payments: Polar handles Premium checkout, customer portal access, order verification, webhooks, payment status and refund status.
  • Observability: Axiom may receive structured operational telemetry and server events. Frontend error reports and Web Vitals are sent as optional browser analytics according to cookie preferences.

5. Cookies and Browser Storage

Essential cookies are used for sign-in, session maintenance, security and same-origin API requests. Without these cookies, signed-in areas of the Service may not operate correctly.

Browser storage may store interface preferences such as theme, navigation selections, local session UI cache and cookie preferences. These values support convenient use of the Service and do not replace server-side account records.

Optional analytics or similar technologies are used in accordance with cookie preferences available in the Service. The user may change those preferences through the cookie controls.

6. Data Retention

Personal data is retained for the period necessary to achieve the purposes set out in this Policy, unless longer retention is required by law, settlement obligations, security, abuse prevention or the need to pursue or defend claims.

Account, progress, quiz, XP, achievement and Premium data is generally retained while the account exists because it forms the basis of the user-visible learning history, results and access state.

Session, verification and password reset data expires according to its security purpose. Operational telemetry is retained for a limited diagnostic period according to the configured observability provider retention.

After account deletion, data connected with the account is deleted or anonymized unless further retention is required for legal, tax, payment, security, anti-fraud or claims-related reasons.

7. Transfers Outside the EEA

Some providers may process data outside the user's country or outside the European Economic Area. In such cases, appropriate safeguards required by law are used, in particular data processing agreements, standard contractual clauses or transfer mechanisms made available by the provider.

8. Data Security

Technical and organizational measures appropriate to the nature of the Service are applied, including password hashing, TLS transmission encryption, server-side authorization checks, access control, validation at API boundaries, telemetry redaction and restricted access to provider credentials.

No internet service provides absolute security. The user should use a strong password, protect login credentials and report any suspected unauthorized access to the account.

9. User Rights

To the extent provided by applicable law, the user may request access to data, receive a copy of data, request rectification, erasure, restriction of processing, data portability, object to processing or withdraw consent.

Withdrawal of consent does not affect the lawfulness of processing carried out before withdrawal. Where processing is necessary to provide the Service, comply with a legal obligation or handle claims, fulfillment of some requests may be limited.

A user located in the European Economic Area or Poland may lodge a complaint with the President of the Personal Data Protection Office or another competent supervisory authority.

10. Children's Data

The Service is not directed to children. Personal data of children is not knowingly collected where applicable law requires consent from a parent or guardian.

11. Changes to This Privacy Policy

This Privacy Policy may be amended due to changes in the Service, providers, scope of data processing, security requirements or law. The current version applies from the date indicated on this page, unless mandatory law requires a different effective date or notice method.