Privacy Policy

1. General provisions

1. The data controller of personal data collected via the MapiGO platform is a natural person running an unregistered business:
   Kacper Kwiek
   Zielarska 96, 62-064 Plewiska, Poland
   Contact: contact@mapigo.net
2. The MapiGO platform is an online service that enables profile creation, saving places on a map, organizing points into groups, and using social features.
3. The Privacy Policy applies to all people using the platform, including:
   • users browsing public content (without registration)
   • registered users (account holders)
   • people contacting the administrator
4. The Platform is international; however, personal data is processed in accordance with Polish law and the GDPR.

2. Types of personal data collected

Depending on how the platform is used, we may collect:

2.1. Data provided voluntarily by users

1. Registration data:
   • e-mail address (login)
   • password (stored in encrypted form)
   • username
2. Profile data:
   • avatar
   • bio/short description
   • profile privacy settings
3. Point (marker) and group data:
   • point name and description
   • geographic coordinates
   • category and color
   • photos added by the user
   • optional external data (for example Google data)
4. Social data:
   • list of followers and friends
   • shared items (for example maps, points, groups)
5. Transactional data (paid plan):
   • payment data
   • invoice data (if applicable)
6. Correspondence data:
   • e-mail address
   • message content
   • other data provided in the request

2.2. Data collected automatically

1. Technical data and system logs:
   • IP address
   • browser type and version
   • operating system
   • date and time of visit
   • visited subpages
   • session identifiers
2. Data from cookies and similar technologies - details in the Cookie Policy
3. Location data - if the user consents to sharing device location

3. Purposes and legal bases for processing

1. Providing electronic services
   • Legal basis: Article 6(1)(b) GDPR (performance of a contract)
   • Purpose: account handling, creating profiles, maps, and points
2. Payment processing
   • Legal basis: Article 6(1)(b) and (c) GDPR
   • Purpose: transaction processing and settlements
3. Communication with users
   • Legal basis: Article 6(1)(b) or (f) GDPR
   • Purpose: responses to inquiries, complaint handling
4. Ensuring platform security
   • Legal basis: Article 6(1)(f) GDPR
   • Purpose: protection against cyberattacks, abuse detection
5. Statistical analysis and feature development
   • Legal basis: Article 6(1)(f) GDPR
   • Purpose: improving operation and service quality
6. Establishing and defending claims
   • Legal basis: Article 6(1)(f) GDPR
7. Fulfilling legal obligations
   • Legal basis: Article 6(1)(c) GDPR

4. Sharing personal data

4.1. Data publication

Some data may be published publicly on the platform:

• profile data (username, avatar, bio), if the profile is public
• points and maps marked as public or shared by link

By publishing content, the user consents to its sharing within the platform.

4.2. Data recipients (processors)

Your personal data may be shared with the following categories of recipients operating under data processing agreements:

1. Hosting and IT service providers - server maintenance
2. Map and place data providers - for example Mapbox, Google
3. Payment operators - for example Stripe
4. E-mail service providers - handling transactional messages
5. Public authorities - where required by law

5. Data transfers outside the EEA

Due to the use of external providers, your data may be transferred outside the EEA, in particular to the USA. Transfers are based on standard contractual clauses or other legally permitted safeguards.

6. Data retention periods

We store personal data for the period necessary to achieve the purposes for which it was collected:

1. User account data - until the account is deleted
2. Public data (maps, points) - until deleted
3. Accounting data and invoices - 5 years from the end of the tax year
4. System logs - up to 12 months
5. Claims-related data - until claims are time-barred

After the retention period, data is permanently deleted or anonymized.

7. Rights of data subjects

Every person whose data we process has the right to:

1. Access to data
2. Rectification of data
3. Erasure of data
4. Restriction of processing
5. Data portability
6. Object to processing
7. Withdraw consent
8. Lodge a complaint with the UODO

How to exercise your rights? Send a message to: contact@mapigo.net with subject "Personal data protection" or "GDPR request".

8. Data security

Protecting personal data is our priority. We apply technical and organizational measures intended to protect data from unauthorized access or loss.

9. Cookies and tracking technologies

The Platform uses cookies to ensure proper operation and improve service quality. Details can be found in the Cookie Policy.

10. Third-party data

If you provide us with personal data of other persons (for example in a point description or photo), you confirm that you have their consent to share such data.

11. Children and minors

The Platform is not dedicated exclusively to adults; however, persons under 18 should use it with the knowledge and consent of parents or legal guardians.

12. Links to external websites

The Platform may contain links to external sites (for example Google Maps). We are not responsible for the privacy policies of those sites.

13. Changes to the Privacy Policy

We reserve the right to make changes to this Privacy Policy in the event of changes in law or platform development.

14. Privacy contact

If you have questions about the Privacy Policy or want to exercise your rights, contact us:

E-mail:contact@mapigo.net
Message subject: "Privacy Policy" or "Data Protection"

Last updated: 18 January 2026