1. General Information

This Privacy Policy sets out the rules for processing and protecting the personal data of users of the Home Pizza Calculator application.

2. Data Controller

The personal data controller is Cali w Mące Karol Kłyciński, registered in Pruszków (05-800), ul. Powstańców 5/35, NIP: 5342168490, REGON: 146480372.

3. Scope of Data Collected

We collect the following personal data:

• First and last name
• Email address
• Application usage data
• Company information (for business accounts)
• Facebook login data (first name, last name, email address, profile photo)
• Google login data (first name, last name, email address, profile photo)
• Session identifiers and authentication tokens
• IP address and device information
• Application activity data (logs, action history)
• Invoice data (first and last name or company name, address, VAT number) – only when the User voluntarily provides it to receive a VAT invoice for purchasing a Premium plan.

Providing personal data is voluntary, but necessary to create an account and use the application's functionalities. Failure to provide data may prevent the proper provision of services.

3a. VAT Invoice Data

Invoice data (first and last name or company name, address, VAT number) is collected solely at the User's explicit request, in order to issue a VAT invoice for purchasing a Premium plan. This data is not used for marketing purposes or profiling. It is stored for the period required by tax law (5 years from the end of the tax year) and may only be disclosed to the invoicing system provider for the purpose of issuing the invoice.

4. Login Methods and Data Collection

The Application offers the following login methods:

• Traditional login: During registration we collect email address, password, and basic personal data
• Facebook login: We receive data from your Facebook profile in accordance with the permissions granted (first name, last name, email, profile photo)
• Google login: We receive data from your Google account in accordance with the permissions granted (first name, last name, email, profile photo)

When logging in through external providers (Facebook, Google), we do not store your passwords for those services. Authentication is performed directly through those platforms in accordance with their privacy policies.

5. Purpose of Data Processing

We process personal data for the following purposes:

• Providing application services
• User account management
• User authentication and authorization
• Communication with users
• Ensuring application security
• Personalization of user experience (the Controller does not use automated decision-making or User profiling within the meaning of Article 22 of the GDPR).
• Analysis of application usage for improvement purposes
• Fulfillment of legal obligations

6. Legal Basis

The legal basis for data processing is the performance of a contract (Article 6(1)(b) GDPR), the user's consent (Article 6(1)(a) GDPR), and the legitimate interest of the controller (Article 6(1)(f) GDPR).

7. Sharing Data with Third Parties

Your personal data may be shared with:

• Technical service providers supporting the application, in particular hosting/cloud providers, analytics service providers, payment system providers, invoicing system providers, Google/Meta (login)
• Government authorities, where required by law
• We do not sell or share personal data with third parties for marketing purposes

8. Data Retention Period

We store personal data for the period necessary to fulfill the purposes for which it was collected, but no longer than the period required by law. Data from external provider logins is stored until account deletion or withdrawal of consent.

9. User Rights

Users have the right to:

• Access their personal data
• Rectification of inaccurate data
• Erasure of personal data (right to be forgotten)
• Restriction of data processing
• Data portability
• Object to processing
• Withdraw consent at any time
• Lodge a complaint with a supervisory authority (UODO / national DPA)

10. Data Security

We apply appropriate technical and organizational measures to ensure the security of processed personal data, including data encryption, secure communication protocols, regular backups, and access control.

11. Cookies and Tracking Technologies

The Application uses cookies and similar technologies for the following purposes:

• Ensuring proper functioning of the application
• Remembering user preferences
• Maintaining login sessions
• Analyzing application usage
• Improving the quality of services provided

You can manage cookie settings in your web browser.

12. International Data Transfers

When using Facebook or Google login, your data may be processed by those companies in accordance with their privacy policies. We ensure that we only work with providers who guarantee an adequate level of data protection. When transferring data outside the European Economic Area, this is done on the basis of standard contractual clauses approved by the European Commission.

13. Contact

For matters relating to personal data protection, you may contact the controller through the application or by email: [email protected]. We will respond to your inquiry within no more than 30 days of receipt.

14. Changes to the Privacy Policy

The Controller reserves the right to make changes to this Privacy Policy. Users will be notified of any significant changes through the application or by email with at least 14 days' notice.