Privacy Policy for the “Borcook” Application

Please read this Policy to understand how we handle your data and how it is processed. By using the application, you agree to the provisions contained in this Privacy Policy.

The administrator and owner of the Borcook application is ZUT BORNIAK Dawid Szurlej, Al. Niepodległości 41, 78‑449 Borne Sulinowo, Poland (hereinafter referred to as BORNIAK).

I. Scope of this Policy

BORNIAK attaches great importance to protecting your privacy. We process your data with care and in compliance with the obligations arising from applicable personal data protection regulations.

This Policy describes the types of data we may collect from you or that you may provide when using the application, as well as the rules for collecting, using, processing, disclosing, and protecting such data. The Policy applies to all persons using the Borcook application and may be updated.

Regardless of this Policy, in certain situations we may request your explicit and voluntary consent to process your personal data if such consent is required by law.

II. Definitions

• Application Administrator – the entity responsible for the operation of the application (ZUT BORNIAK Dawid Szurlej, Al. Niepodległości 41, 78‑449 Borne Sulinowo).
• Data Controller – the entity responsible for processing users’ personal data (same as above).
• User – any individual using the application.
• GDPR – Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, repealing Directive 95/46/EC (General Data Protection Regulation).

III. Basic Information

When downloading the application from app platforms (e.g. Google Play Store, Apple App Store, Huawei AppGallery), the administrators of these platforms may process the following information:

• your user name on the respective platform,
• the e‑mail address associated with your platform account,
• the date and time the application was downloaded,
• your device’s unique identifier.

BORNIAK has no influence over this data collection and is not responsible for it. For more information, please refer to the privacy policies of the respective platforms:

• Google Play Store
• Apple App Store
• Huawei AppGallery

IV. Application Users

The Borcook application is not intended for use by persons under 16 years of age without the consent of their legal guardian. We do not knowingly collect data from children under this age. If we discover that we have processed a minor’s data without such consent, we will take appropriate steps to delete it, which may include blocking access to the application.

V. Processing of Personal Data

By using the application, you provide us with your personal data. The Data Controller ensures that all processing activities meet the highest standards and the GDPR requirements.

1. Data Controller

The Data Controller, within the meaning of Article 4(7) GDPR, is ZUT BORNIAK Dawid Szurlej, Al. Niepodległości 41, 78‑449 Borne Sulinowo.

Contact details:

• phone: +48 94 373 00 02
• e‑mail: biuro@borniak.pl
• postal address: Al. Niepodległości 41, 78‑449 Borne Sulinowo, Poland

2. Purpose of Data Processing

We process your data for the following purposes:

• registration and maintenance of your account – Article 6 (1)(b) GDPR (contract – acceptance of the Terms of Service);
• operating and controlling the device and related functions – Article 6 (1)(b) GDPR;
• providing premium features – Article 6 (1)(b) GDPR;
• processing payments for premium features – Article 6 (1)(c) GDPR (legal obligations, e.g. tax regulations);
• handling complaints – Article 6 (1)(c) GDPR;
• analysing used features and recipes to improve the application – Article 6 (1)(f) GDPR (legitimate interest);
• establishing, exercising or defending legal claims – Article 6 (1)(f) GDPR;
• internal analytics and statistics – Article 6 (1)(f) GDPR;
• user satisfaction surveys and quality assurance – Article 6 (1)(f) GDPR;
• responding to user enquiries – Article 6 (1)(f) GDPR;
• sending push notifications – Article 6 (1)(a) GDPR (consent).

3. Categories of Processed Data

• first name and e‑mail address (required for account creation);
• country of application use (based on device settings);
• information about viewed and used recipes, articles and products;
• information on device operation (statuses, settings);
• technical data: device type, OS version, app version, diagnostic logs;
• payment data (transaction status) – card data handled by the payment operator;
• push token (device identifier for notifications);
• other data voluntarily provided (e.g. correspondence, complaints).

Premium features are provided via external payment systems (e.g. Google Play, Apple App Store). BORNIAK does not process payment card data.

4. Data Retention Period

• for as long as the account exists – data necessary for app use;
• as required by law (e.g. accounting) or until claims become time‑barred;
• for the duration of the legitimate interest or until an objection is raised;
• until consent is withdrawn or the processing purpose is fulfilled.

5. Data Recipients

• authorised employees and associates of the Controller;
• service providers (hosting, technical support, push services) under data processing agreements (Article 28 GDPR);
• competent state authorities, if legally requested.

6. Data Transfers Outside the EEA

User data are not transferred to recipients in third countries or international organisations (except countries/organisations recognised by the European Commission as providing adequate protection).

7. Your Rights

You have the rights to: access, rectify, erase, restrict processing, object, data portability, and withdraw consent at any time. You can withdraw consent by e‑mail (support@borcook.com) or in the app settings (when available). Withdrawal does not affect the lawfulness of prior processing.

8. Exercising Your Rights

Requests are handled promptly, no later than within one month (extendable by two months for complex requests). No fees are charged for exercising rights.

9. Complaint to the Supervisory Authority

You have the right to lodge a complaint with the Polish Data Protection Authority (UODO) or another competent authority if you believe that processing violates the GDPR.

10. Voluntary Data Provision

Providing data is voluntary but necessary to use the application.

11. Automated Decision‑Making and Profiling

The Controller does not make decisions based solely on automated processing, including profiling, that produce legal effects concerning you or similarly significantly affect you (Article 22 GDPR). The app may use limited recommendations (remembering recent searches, suggesting popular recipes in your country, adapting content to your device) – purely functional, without legal impact.

VI. Data Security

We apply appropriate technical and organisational measures to protect data against unauthorised access. Only authorised persons bound by confidentiality have access to personal data.

You should also safeguard your own data (e.g. keep login credentials confidential, use antivirus software, keep your system updated).

VII. Use of Local Storage Technologies (cookies / cache / local storage)

The application may store data locally (cache, local storage) to ensure proper operation, remember settings, or the last recipes used. Such data are not transmitted to the Controller or used to track you outside the application.

VIII. Copyright

All content placed in the application by the Controller is protected by copyright and may be used by users only in accordance with its intended purpose described in the Terms of Service.

IX. Policy Updates

This Policy may be amended. We will inform you about significant changes through the application or other communication channels.

Effective date: 2024-07-01