PRIVACY & COOKIES POLICY

SERVICE: VIRALPLACE.IO

Scope of this Privacy & Cookies Policy

The joint data controllers are:

Fundacja AIP (AIP Foundation), registered office: Al. Ks. J. Poniatowskiego 1, 03-901 Warsaw, Poland, entered in the Register of Entrepreneurs of the National Court Register maintained by the District Court for the Capital City of Warsaw, 14th Commercial Division, KRS 0000199402, NIP 5242495143
(hereinafter: “Foundation” or “Controller No. 1”)
Mikołaj Ostrowski, operating the project named ViralPlace
(hereinafter: “Controller No. 2” or “Project”)

Together referred to as the “Joint Controllers,” “we,” or “us.”

We are committed to collecting, using, and protecting personal data properly. We want you to be confident that your data are secure with us and fully understand how we use them to offer better and more personalized services. Therefore, we prepared this Privacy & Cookies Policy (the “Policy”), which:

sets out the types of personal data we collect;
explains how and why we collect and use your personal data;
explains when and why we share your personal data with other organizations;
explains your rights and choices regarding your personal data.

This Policy applies to you if you use our services (referred to in this Policy as “our Services”). Using our Services includes, in particular:

creating an account on our Service and using features available within it;
contacting us (or us contacting you) about our Services.

Our websites or mobile apps may contain links to other websites operated by third parties that have their own terms and privacy policies. Please read those policies carefully before providing any personal data on such websites, as we are not responsible for third-party sites.

Personal data we collect

This section explains what personal data we may collect from you when you use our Services and what data we may receive from other sources.

When you register for our Services

You may provide:

personal details: full name, postal address, email address, phone number, date of birth;
account credentials: username and password.

When you browse our Service / use our mobile apps

We may collect:

information about how you browse our websites and apps, and about clicks on our ads (including on third-party sites);
information about devices used to access our Services (brand, model, operating system, IP address, browser type, mobile device identifiers).

When you contact us / we contact you; promotions, contests, surveys

We may collect:

personal data you provide when contacting us about our Services (e.g., name, username, contact details, login), by phone, email, post, and via social media;
details about our emails and other digital messages sent to you, including any links you click;
your opinions and responses in satisfaction surveys.

Other sources of personal data

We may also use personal data from other sources (e.g., specialist data providers, business partners, public registers) to:

review and improve the accuracy of data we hold;
improve and measure the effectiveness of our marketing communications, including online advertising.

How and why we use personal data

Below we explain how and why we use personal data and on what legal basis.

We use personal data to…	This means processing allows us to…	Why we process your data this way	Legal basis
Provide access to our Services	Manage your account on the Service	To manage your user account and deliver the Services you request. Without contact/profile data we cannot provide the Services.	Performance of a contract
Manage and improve daily operations	Use cookies and similar technologies to enhance user experience	Some cookies are essential for the Service; others are optional (see “Cookies” section).	Legitimate interests
Develop and enhance services	Market research; improving IT systems and security	Better tailor services and increase security.	Legitimate interests
Detect and prevent fraud	Monitor our Services	Ensure safe use of the Services.	Legitimate interests
Personalize services	Analyze behavior and preferences	Tailor content and features to your needs.	Legitimate interests
Marketing	Send messages (email, post, online ads) and measure effectiveness	Provide relevant marketing content aligned with your interests. You can change preferences at any time.	Consent / Legitimate interests
Contact and interactions	Phone, email, post, social media replies	Provide explanations and assistance in response to your communications.	Legitimate interests
Promotions and contests	Manage your participation	Perform relevant promotion/contest rules.	Performance of a contract
Surveys and research	Invite you to satisfaction surveys	Service development; participation is voluntary.	Legitimate interests

Our legitimate interests

Where we rely on legitimate interests, this includes:

serving customer needs (delivering Services);
promoting and marketing our Services;
account servicing, handling complaints, and dispute resolution;
understanding users (patterns, behavior, preferences);
protecting and supporting our business, staff, users, and co-owners;
testing and developing new services and improving existing ones;
meeting legal/regulatory requirements.

Sharing personal data with service providers

We work with carefully selected service providers performing specific functions on our behalf (e.g., customer support, technology services, hosting, data storage and combination, payment processing, order delivery). We share only necessary data, require appropriate safeguards, and do not allow providers to use data for their own marketing.

Some providers operate online media channels where they may display relevant ads for our services (e.g., on social networks or internet TV).

Sharing personal data with other parties

We may share personal data with other organizations where:

required by law or a public authority;
necessary to establish, exercise, or defend legal claims (including sharing to prevent fraud and reduce credit risk);
we sell/transfer (or negotiate the sale/transfer of) any of our rights or obligations under a contract with you— the recipient may use your data the same way we do;
to any successors to our business.

How we protect your personal data

We apply technical and organizational measures, including:

limiting access to data solely to authorized staff;
physical, electronic, and procedural safeguards for collection, storage, and disclosure of data;
physical access controls to buildings and files;
firewalls and encryption of transmissions (SSL).

Even so, we cannot guarantee the security of data transmitted over the Internet.

Transfers outside the EEA. Personal data we collect from you may be transferred to and stored at a destination outside the European Economic Area (EEA) and processed by companies outside the EEA working for us or our providers. We ensure your privacy rights are respected by, typically:

using standard contractual clauses (more info: https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu_en), or
an approved program (e.g., historical Privacy Shield register: https://www.privacyshield.gov/welcome).

How long we process personal data

We retain personal data no longer than necessary, depending on:

the primary purpose for which data were collected;
how long ago we collected them;
whether there is a legal/regulatory basis to retain them;
whether we need them to protect your or our interests.

Your choices for marketing communications and research

We send offers and information about our services by various channels (including email) only with your prior consent.
During registration we will ask for marketing consent. You can change your preferences at any time in your account settings, by phone (+48 533 517 116), or in writing (address below).
We may invite you to market research—participation is voluntary.

How we use cookies

Cookies are text files stored on your device at each visit. They let our websites remember your device and serve several purposes. The entity placing and accessing cookies on end-user devices is the Foundation (Controller No. 1).

Our server automatically logs information sent by your browser when displaying the site (e.g., network requests, IP address, browser type and language, date and time). These data help improve our Services (recognizing preferences, tracking trends).

Types of cookies used on our Services

PURPOSE	DESCRIPTION	TYPE
Performance	Compatibility (e.g., browser type); optimization (page load timing)	Session – deleted when the browser closes
Security	Verifying that the device remains securely logged in during the visit	Session – deleted when the browser closes
Preferences	Personalized content, greeting, remembering language	Session – deleted when the browser closes
Analytics (usage of the Service)	Stats incl. visits, page views, referrals	Persistent – deleted after a longer period of inactivity
User feedback	Suppressing one-time and recurring notifications for a defined period	Session / Persistent
Plugins / widgets	Sharing content on social platforms; interaction counters	Persistent – deleted after a longer period of inactivity
Marketing content (incl. online ads)	Showing the most relevant ads on our and third-party sites	Persistent – deleted after a longer period of inactivity
Measuring marketing effectiveness	Measuring campaign performance (incl. email), capping ad views	Persistent – deleted after a longer period of inactivity

Cookies may also be used by third parties (e.g., tools, widgets) to provide additional functionality—this may cause their cookies to be stored on your device.

Your cookie choices

Most browsers allow cookies by default. You can block them, but some features of the Service may not work fully.
Change settings in your browser (usually Tools or Preferences).
Not changing cookie settings means you consent to their placement and our access to them.

Browser guides:

Firefox: https://support.mozilla.org/pl/kb/ciasteczka
Internet Explorer: https://support.microsoft.com/pl-pl/help/17442/windows-internet-explorer-delete-manage-cookies
Chrome: https://support.google.com/chrome/answer/95647?hl=pl
Opera: https://help.opera.com/Linux/12.10/pl/cookies.html
Safari: https://support.apple.com/pl-pl/HT201265>
More info: https://allaboutcookies.org

Your rights

Right of access

You have the right to obtain access to the personal data we hold about you.

Other data subject rights

Right to rectification – if data are inaccurate or incomplete, tell us and we will correct them.
Right to object
- General objection – we will assess your objection to our use of your data. If your rights override our interests, at your request we will restrict processing or delete the data.
- Objection to direct marketing – on objection, we will stop using your data for direct marketing. Where no other legal basis applies, processing will be stopped within 30 days.
Right to restriction of processing – e.g., where:
- you filed a general objection;
- you contest the accuracy of data;
- data were processed unlawfully but you do not want deletion.
Right to erasure – e.g., where:
- data are no longer needed;
- a general objection succeeds;
- you withdraw consent and no other legal basis applies;
- data were processed unlawfully.
Right to data portability – to receive a copy of your data, contact: sales@viralplace.io.
Right to lodge a complaint with a supervisory authority – you may complain to the Polish Data Protection Authority (PUODO) or your local authority if you believe we process data unlawfully.

More about your rights: Polish DPA (UODO) – https://uodo.gov.pl/

Contact us

Controller No. 2 (ViralPlace)

Phone: +48 533 517 116
Email: sales@viralplace.io
Post: Wiśniowa 62, 89-600 Chojnice, Poland

Controller No. 1 (AIP Foundation)

Email: support@bizky.ai

This Policy was last updated: 14.09.2025