1. Introduction

Welcome to TeleInf ("we," "us," or "our"). We are committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our interactive ICT learning platform (the "Service").

This policy applies to all users, including those in the European Economic Area (EEA) and California, and is designed to comply with the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).

When you first visit the Service, we will ask you to choose your cookie preferences. Essential cookies are required to operate the platform, while analytics cookies remain disabled until you grant consent. You can revise your decision at any time via the "Cookie preferences" link in the site footer.

2. Information We Collect

We collect information that you provide directly to us, information collected automatically, and information from third parties.

• Personal Identification Information: Your full name, username, and email address, which are collected when you register for an account.
• Password: We collect your password in a hashed format for account security. We cannot see your plain-text password.
• Payment Information: When you purchase premium features, you are redirected to one of our third-party payment processors. We use Polar.sh for international credit/debit card and digital wallet payments (e.g., PayPal, Apple Pay) and Stripe for BLIK payments in Poland. We do not collect or store your full payment card details. Our payment partners provide us with a transaction confirmation, which includes your name, the amount paid, and the subscription or product purchased.
• Usage Data: We automatically collect information about how you interact with the Service. This includes your IP address, browser type, device information, pages visited, features used, and the dates and times of your visits.
• Cookies and Tracking Technologies: We use cookies and similar tracking technologies to operate and personalize the Service. This includes essential cookies for security and functionality, and optional cookies for analytics. Optional analytics cookies are only activated after you provide consent through our cookie banner or preferences panel, and you can withdraw that consent at any time.

3. How We Use Your Information

We use the information we collect for various purposes, based on clear legal grounds:

• To Provide and Maintain Our Service (Contractual Necessity): We use your identification and account information to create and manage your account, provide you with access to our platform, and fulfill our service obligations.
• To Process Payments (Contractual Necessity): Your transaction information is used to process payments for premium services and manage your subscription status.
• To Improve Our Service (Legitimate Interests): We analyze usage data to understand user behavior, identify areas for improvement, and enhance the user experience.
• For Security and Fraud Prevention (Legitimate Interests): We monitor account activity, IP addresses, and device information to protect against unauthorized access, fraud, and other security threats.
• To Communicate With You (Legitimate Interests): We may use your email address to send you important service-related announcements, security alerts, and updates to our policies. You may also receive marketing communications, which you can opt out of at any time.
• To Comply with Legal Obligations (Legal Obligation): We may process your data to comply with legal requirements, such as tax laws, or to respond to lawful requests from public authorities.

4. Sharing Your Information

We do not sell your personal information. We may share your information with the following third parties under specific circumstances:

• Payment Processors: As mentioned, we share transaction data with Stripe (for BLIK) and Polar.sh (for other payment methods) to process your payments securely. Their use of your personal information is governed by their respective privacy policies, and we are not responsible for their data practices.
• Service Providers: We engage third-party companies to perform services on our behalf, such as cloud hosting (e.g., AWS, Vercel), analytics, and customer support. These providers are contractually obligated to protect your data and are restricted from using it for any other purpose.
• Legal Authorities: We may disclose your information if required by law or in response to valid requests by public authorities (e.g., a court or government agency).

5. Data Security

We implement a variety of security measures to maintain the safety of your personal information. These include password hashing, encryption of data in transit (TLS/SSL), and access controls. However, no method of transmission over the Internet or method of electronic storage is 100% secure, and we cannot guarantee its absolute security. Your use of the Service is at your own risk.

6. Your Data Protection Rights

Depending on your location, you have certain rights regarding your personal data:

• The Right to Access: You have the right to request copies of your personal data.
• The Right to Rectification: You have the right to request that we correct any information you believe is inaccurate or complete information you believe is incomplete.
• The Right to Erasure (Right to be Forgotten): You have the right to request that we erase your personal data, under certain conditions.
• The Right to Restrict Processing: You have the right to request that we restrict the processing of your personal data, under certain conditions.
• The Right to Object to Processing: You have the right to object to our processing of your personal data, under certain conditions.
• The Right to Data Portability: You have the right to request that we transfer the data that we have collected to another organization, or directly to you, under certain conditions.

7. International Data Transfers

Your information, including personal data, may be transferred to - and maintained on - computers located outside of your state, province, country, or other governmental jurisdiction where the data protection laws may differ from those of your jurisdiction. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy.

8. Children’s Privacy

Our Service is not intended for use by children under the age of 13 (or 16 in the EEA). We do not knowingly collect personal identifiable information from children under this age.

9. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "updatedAt" date. You are advised to review this Privacy Policy periodically for any changes.