Jestes w: - Privacy Policy

Privacy Policy

Bugeto Sp. z o.o. (hereinafter referred to as “Bugeto”), as a company operating in the educational sector, considers the protection of personal data to be one of the most important aspects of its business activity. Therefore, our goal is to properly inform our Users about matters related to the protection and processing of personal data.

By using the online services available at https://bugeto.online/, the User entrusts us with their data. This Privacy Policy is intended to help Users understand what data we collect, for what purposes, and how we use it. This information is important, which is why we kindly ask you to read this document carefully.

This document also fulfills the information obligation pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation, GDPR).

Data Controller

The controller of the personal data of users of the website https://bugeto.online/ (hereinafter referred to as the “Website”) is:

Bugeto Spółka z ograniczoną odpowiedzialnością (Bugeto Sp. z o.o.)
Registered office: ul. W. Romańczuka 3, 35-302 Rzeszów, Poland
Entered into the Register of Entrepreneurs maintained by the District Court in Rzeszów, 12th Commercial Division of the National Court Register under KRS number: 0000951469
Tax Identification Number (NIP): 8133874044
Business Registry Number (REGON): 521142099

What Exactly Is Personal Data?

Personal data refers to any information relating to an identified or identifiable natural person. This may include data such as name and surname, identification number, location data, online identifier, or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.

Processing of personal data means any operation or set of operations performed on personal data, whether or not by automated means, such as collecting, storing, recording, viewing, sharing, using, deleting, or destroying the data.

Information provided by the user when creating an account on the website:

Our goal is to ensure full transparency regarding the methods and legal grounds for processing personal data. That is why we make every effort to clearly inform Users about the types of data we collect and the purposes for which they are used.

To fully access the services offered through the Website, registration is recommended. In such cases, we ask Users to complete a registration form with personal data such as: full name, email address, country, and phone number. This information is stored along with the account data. The information provided is used for necessary communication with our Users and to better tailor the content and advertising we display to their needs and interests.

The collection of Users’ personal data is treated as a separate, secure database stored on a server in a dedicated security zone to ensure proper protection. Full access to the database is granted only to a limited number of authorized individuals responsible for its administration.

The collected personal data is not sold or shared with other individuals or institutions unless this occurs with the explicit consent or at the request of the User, or upon the demand of public authorities authorized under applicable law in connection with their official proceedings. However, we may share aggregate, general statistical summaries (e.g., website traffic reports) with cooperating online services or advertising agencies. These summaries do not contain data that could identify individual Users.

Right of Access and User Rights

Right of access and user rights

In accordance with the GDPR, every User has the following rights:

Right of access to data (Article 15 GDPR)
The User has the right to obtain from the Controller confirmation as to whether or not personal data concerning them is being processed, and, where that is the case, access to the data. Upon request, the Controller shall provide the User with a copy of the personal data undergoing processing.

Right to rectification (Article 16 GDPR)
The User has the right to obtain from the Controller the rectification of inaccurate personal data concerning them without undue delay.

Right to erasure (“right to be forgotten”) (Article 17 GDPR)
The User has the right to obtain from the Controller the erasure of personal data without undue delay, and the Controller has the obligation to erase such data where one of the following grounds applies:

  • the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;

  • the User withdraws consent on which the processing is based;

  • the User objects to the processing and there are no overriding legitimate grounds for the processing.

Right to restriction of processing (Article 18 GDPR)
The User has the right to request the restriction of processing in the following circumstances:

  • when the data is inaccurate – for a period allowing the Controller to verify the accuracy of the data;

  • when the User has objected to processing – pending the verification whether the legitimate grounds of the Controller override those of the User;

  • when the processing is unlawful and the User opposes the erasure of the personal data and requests the restriction of its use instead.

Right to data portability (Article 20 GDPR)
The User has the right to receive the personal data concerning them, which they have provided to the Controller, in a structured, commonly used and machine-readable format, and has the right to transmit those data to another controller without hindrance.

Right to object (Article 21 GDPR)
If personal data are processed for direct marketing purposes, the User has the right to object at any time to processing of personal data concerning them for such marketing, including profiling to the extent that it is related to such direct marketing.

How can you exercise your rights?

We have appointed a dedicated team responsible for handling inquiries related to the above matters. To contact us, please write to: rodo@bugeto.online.

For proper identification, the email should be sent from the address used during registration.

Questions or requests may also be submitted by post — by sending a registered letter to the address of the data controller.

The controller will respond to the user’s request within one month. If no action is taken, the user will be informed accordingly.

Users have the right to lodge a complaint with the President of the Personal Data Protection Office (PUODO).

How long do we process your data?

The user’s data will be stored by the controller for the duration necessary to carry out specific services or purposes, and additionally:

  • for the period of limitation of claims, in accordance with the provisions of the Code of Civil Procedure;

  • for the period required by tax law — in relation to personal data connected with fulfilling obligations under tax regulations;

  • until an effective objection is raised — with regard to data processed on the basis of the controller’s legitimate interest or for marketing purposes;

  • until consent is withdrawn or the purpose of processing is achieved — with regard to data processed based on the user’s consent;

  • until the data becomes outdated or no longer useful — with regard to data processed mainly for analytical, statistical purposes, cookie usage, and website administration.

Data security measures

The website is equipped with security measures aimed at protecting personal data under the Controller’s control against loss, misuse, and alteration. The Controller has also implemented an internal Personal Data Protection Policy to ensure the proper protection of personal data in accordance with applicable laws and standards, particularly the following principles:

Access to the personal data collected by the Controller is granted only to authorized employees or associates of the Controller, as well as individuals responsible for the operation of the Website who have been granted appropriate authorizations.

The Controller declares that when outsourcing services to third parties, it requires its partners to ensure a high standard of personal data protection. This includes signing appropriate data processing agreements in which partners confirm their compliance with the standards and acknowledge the Controller’s right to audit their compliance.

To ensure proper protection of services provided electronically, the Controller uses a high level of security, including cryptographic protection of personal data transmission (SSL protocol).

Due to the public nature of the Internet, using services provided electronically may be associated with risks, regardless of the Controller’s best efforts to ensure data security.

How we use the information we collect

Providing, improving, and developing our services
Access to this information allows us to maintain our services, personalize content, and suggest solutions tailored to our Users. The data we collect helps us understand how Users interact with the features and content they find most valuable. We also use the information to offer various enhancements and personalized suggestions.

Communication with the User
We use User information to determine which marketing content to send, to communicate about our services, and to inform about policies and terms. This information also helps us respond to User inquiries or contact requests.

Displaying and measuring ads and services
We use the data to improve our advertising and analytics systems in order to show Users relevant ads both within and outside the Website, and to measure the effectiveness and reach of ads and services.

Cookies policy and similar technologies

To provide access to our web content, we use cookies — small text files saved on the User’s computer or mobile device while browsing. These files help enable various features on the website or confirm whether the User has seen specific content.

This policy also applies to other similar technologies used across our online services.

Disabling cookies may limit access to certain services, especially those requiring login. However, disabling cookie acceptance does not prevent Users from reading or viewing publicly available content, except in cases where login is required.

Information from access logs

Like most website operators, we collect information about how Users access and use our services, including IP addresses, based on server log analysis. This information is used for technical purposes related to server administration, as well as for statistical and demographic analysis.

We may be legally required to release certain information — including IP addresses found in access logs — to competent authorities if requested for official investigations.

Changes to the privacy policy

This privacy policy may be updated from time to time. The most current version will always govern our use of information and will be available at: https://bugeto.online/polityka-prywatnosci.

If we make any changes, we will notify Users on the Website or via email linked to their account. By continuing to access or use our Services after changes take effect, Users agree to be bound by the updated version of the privacy policy.