🚧 Vetkuro is in alpha testing — full launch expected in the second half of 2025

  • Home

  • Privacy Policy

Privacy Policy

This Privacy Policy (hereinafter: "Policy") contains information on the processing of your personal data in connection with the use of the Vetkuro App (hereinafter: "Application").

Any capitalized terms not otherwise defined in the Policy shall have the meaning given to them in the Terms and Conditions, available at: https://vetkuro.com/docs/terms-and-conditions.pdf.

Personal data Controller

The Controller of your personal data is Agudo, operating under the name Agudo PaweÅ‚ SobociÅ„ski (address of the fixed place of business: MoÅ‚dawska 5/19, 02-127 Warsaw, Poland, entered into the Central Register of Information on Business kept by the minister in charge of economy, with a NIP (Tax Identification Number): 5423040067, REGON number: 360904783  (hereinafter: "Controller").

Contact with the Controller

In all matters related to the processing of personal data, you can contact the Controller via:

  1. e-mail - at: [email protected]
  2. traditional mail - at: Mołdawska 5/19, 02-127 Warsaw, Poland
  3. phone number - at the number: +48 504 426 710.

Personal data protection measures

The Controller applies modern organisational and technical safeguards to ensure the best possible protection of your personal data and guarantees that it processes them in accordance with the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (hereinafter:  "GDPR"), the Act of 10 May 2018 on the Protection of Personal Data and Other Personal Data Protection Regulations.
 

Information on the personal data processed

The use of the Application requires the processing of your personal data. Below you will find detailed information about the purposes and legal grounds of processing, as well as the period of processing and the obligation or voluntariness to provide them.
 

Purpose of processingPersonal data processedLegal basis
Conclusion and performance of the Application Use Agreement and Account creation
  1. name and surname
  2. e-mail address
  3. telephone number
  4. address

Article 6(1)(b) of the GDPR 

(processing is necessary for the performance of the Application Use Agreement concluded with the data subject or to take steps to conclude it)

Providing the above-mentioned personal data is a condition for concluding and performing the Application Use Agreement (providing them is voluntary, but the consequence of failure to provide them will be the inability to conclude and perform the Application Use Agreement). 

The Controller will process the above-mentioned personal data until the statute of limitations for claims arising from the Application Use Agreement expires. 

Purpose of processingPersonal data processedLegal basis
Conclusion and performance of the Newsletter Delivery Agreement (related to the Application)e-mail address

Article 6(1)(b) of the GDPR 

(processing is necessary for the performance of the Agreement for the provision of the Newsletter or Digital Content concluded with the data subject or to take steps to conclude it)


 and 

Article 6(1)(f) of the GDPR

(processing is necessary for the purpose of the legitimate interest of the Controller, in this case informing about new products and promotions available in the Application)

Providing the above-mentioned personal data is voluntary, but necessary in order to receive the Newsletter or Digital Content (the consequence of not providing them will be the inability to receive the Newsletter or Digital Content).

The Controller will process the above-mentioned personal data until an effective objection is raised or the purpose of the processing is achieved, or until the claims arising from the Agreement for the provision of the Newsletter or Digital Content expire (whichever occurs first).

Purpose of processingPersonal data processedLegal basis
Conducting a complaint procedure 
  1. name and surname
  2. E-mail address

Article 6(1)(c) of the GDPR

(processing is necessary for compliance with a legal obligation to which the Controller is subject, in this case the following obligations:

  • responding to a complaint – Article 7a of the Consumer Rights Act;
  • exercising the User's rights resulting from the provisions on the Controller's liability in the event of non-compliance of the Physical Goods with the Sales Agreement or the Object of Digital Supply with the Agreement applicable to it)

Providing the above-mentioned personal data is a condition for receiving a response to the complaint or exercising the Service Recipient's rights resulting from the provisions on the Controller's liability in the event of non-compliance of the Subject of Digital Service with the Agreement applicable to him (their provision is voluntary, but the consequence of failure to provide them will be the inability to receive a response to the complaint and the exercise of the above-mentioned rights).

The Controller will process the above-mentioned personal data for the duration of the complaint procedure, and in the case of exercising the above-mentioned rights of the User – until their limitation expires.

Purpose of processingPersonal data processedLegal basis
Conclusion and performance of the sponsored content agreement 

1) name and surname / company;

3) e-mail address;

4) (optional) NIP 

5) address of residence / address of business

6) (optional) telemetry data

7) (optional) Location-based interactions (geographic position; precise location; background location)

Article 6(1)(b) of the GDPR 

(processing is necessary for the performance of the Sponsored Content Publication Service Agreement concluded with the data subject or to take steps to conclude it)

Providing the above-mentioned personal data is a condition for concluding and performing the Agreement for the provision of the Sponsored Content Publication Service (their provision is voluntary, but the consequence of not providing them will be the inability to conclude and perform the above-mentioned agreement).

The Controller will process the above-mentioned personal data until the statute of limitations for claims under the Sponsored Article Publication Service Agreement expires.

Purpose of processingPersonal data processedLegal basis
Conducting a verification procedure and considering appeals against decisions on dealing with unacceptable content 
  1. name and surname/business name,
  2. contact details, including e-mail address

Article 6(1)(c) of the GDPR

(processing is necessary for compliance with a legal obligation to which the Controller is subject, in this case the following obligations:

  • provide a mechanism for reporting inappropriate content (Article 16 of Regulation 2022/2065 on the single market for digital services and amending Directive 2000/31/EC (Digital Services Act)(hereinafter: "DSA")
  • handling complaints (Article 20 of the DSA).

Providing the above-mentioned personal data is a condition for receiving a response to the report or exercising the User's rights under the provisions of the DSA (their provision is voluntary, but the consequence of failure to provide them will be the inability to receive a response to the report and the exercise of the above-mentioned rights).

The Controller will process the above-mentioned personal data for the duration of the complaint procedure, and in the case of exercising the above-mentioned rights of the User – until their limitation expires.

Purpose of processingPersonal data processedLegal basis
Handling queries submitted by Users
  1. name
  2. E-mail address
  3. other data contained in the message to the Controller

Article 6(1)(f) of the GDPR

(processing is necessary for the purpose of pursuing the legitimate interest of the Controller, in this case responding to the inquiry received)

Providing the above-mentioned personal data is voluntary, but necessary in order to receive a response to the inquiry (the consequence of failure to provide them will be the inability to receive an answer).

The Controller will process the above-mentioned personal data until an effective objection is raised or the purpose of processing is achieved (whichever occurs first).

Purpose of processingPersonal data processedLegal basis
Fulfilling tax obligations (m.in. issuing a VAT invoice, storing accounting documentation)
  1. name and surname/company
  2. address of residence/registered office
  3. TIN

Article 6(1)(c) of the GDPR 

(processing is necessary to comply with a legal obligation to which the Controller is subject, in this case obligations under tax law)

Providing the above-mentioned personal data is voluntary, but necessary for the Controller to meet its tax obligations (the consequence of failure to provide them will be the Controller's inability to meet the above-mentioned obligations).

The Controller will process the above-mentioned personal data for a period of 5 years from the end of the year in which the deadline for payment of tax for the previous year expired.

Purpose of processingPersonal data processedLegal basis
Compliance with obligations related to the protection of personal data
  1. name and surname
  2. contact details provided by you (e-mail address; correspondence address; telephone number)

Article 6(1)(c) of the GDPR 

(processing is necessary to comply with a legal obligation to which the Controller is subject, in this case the obligations resulting from the provisions on the protection of personal data)

Providing the above-mentioned personal data is voluntary, but necessary for the proper performance by the Controller of the obligations resulting from the provisions on the protection of personal data, m.in. the exercise of the rights granted to you by the GDPR (the consequence of failure to provide the above-mentioned data will be the inability to properly exercise the above-mentioned rights).

The Controller will process the above-mentioned personal data until the expiry of the limitation periods for claims for violation of personal data protection regulations.

Purpose of processingPersonal data processedLegal basis
Establishing, exercising or defending against legal claims
  1. name and surname/company
  2. e-mail address
  3. address of residence/registered office
  4. PESEL number
  5. TIN

Article 6(1)(f) of the GDPR

(processing is necessary for the purpose of pursuing the legitimate interest of the Controller, in this case establishing, investigating or defending against claims that may arise in connection with the performance of the Agreements concluded with the Controller)

Providing the above-mentioned personal data is voluntary, but necessary in order to establish, pursue or defend against claims that may arise in connection with the performance of the Agreements concluded with the Controller (the consequence of failure to provide the above-mentioned data will be the inability of the Controller to take the above-mentioned actions)

The Controller will process the above-mentioned personal data until the expiry of the limitation periods for claims that may arise in connection with the performance of the Agreements concluded with the Controller.

Purpose of processingPersonal data processedLegal basis
Analysis of your activity in the Application
  1. date and time of the visit
  2. IP number of the device
  3. device operating system type
  4. approximate location
  5. type of web browser
  6. time spent in the Application
  7. visited subpages and other actions taken within the Application
  8. source of visit
  9. Information about user interactions (clicks, scrolling)
  10. Navigation paths
  11. Demographic data

Article 6(1)(f) of the GDPR

(processing is necessary for the purpose of the legitimate interest of the Controller, in this case obtaining information about your activity in the Application)

Providing the above-mentioned personal data is voluntary, but necessary in order for the Controller to obtain information about your activity in the Application (the consequence of failure to provide them will be the Controller's inability to obtain the above-mentioned information).

The Controller will process the above-mentioned personal data until an effective objection is raised or the purpose of the processing is achieved.

Purpose of processingPersonal data processedLegal basis
Application administration
  1. IP address
  2. server date and time
  3. web browser information
  4. operating System Information

The above data are saved automatically in the so-called server logs, each time the Application is used (it would not be possible to administer it without the use of server logs and automatic saving).

Article 6(1)(f) of the GDPR

(processing is necessary for the purpose of pursuing the legitimate interest of the Controller, in this case ensuring the proper operation of the Application)

Providing the above-mentioned personal data is voluntary, but necessary to ensure the proper operation of the Application (the consequence of failure to provide them will be the inability to ensure the proper operation of the Application.

The Controller will process the above-mentioned personal data until an effective objection is raised or the purpose of the processing is achieved.

Purpose of processingPersonal data processedLegal basis
Share Service Reviews
  1. name
  2. optionally – other data included in the Review 

Article 6(1)(f) of the GDPR


 

(processing is necessary for the purpose of the legitimate interest of the Controller, in this case making the Review available for information and promotional purposes)

Providing the above-mentioned personal data is voluntary, but necessary in order to add an Review (the consequence of not providing them will be the inability to add an Review).

The Controller will process the above-mentioned personal data until an effective objection is raised or the purpose of processing is achieved (whichever occurs first).

 Recipients of personal data

The recipients of personal data will be the following external entities cooperating with the Controller:

  1. hosting company;
  2. providers of online payment systems;
  3. newsletter service provider;
  4. companies providing tools for analyzing activity in the Application and directing direct marketing to its users (m.in. Google Analytics);
  5. a company providing accounting services;
  6. partners/sponsors
  7. companies providing tools for error tracking and performance monitoring.

In addition, personal data may also be transferred to public or private entities, if such an obligation results from generally applicable law, a final court judgment or a final administrative decision. 

Transfer of personal data to a third country

In connection with the Controller's use of the services provided by Google LLC, your personal data may be transferred to the following third countries: Great Britain, Canada, USA, Chile, Brazil, Israel, Saudi Arabia, Qatar, India, China, South Korea, Japan, Singapore, Taiwan (Republic of China), Indonesia and Australia. The basis for the transfer of data to the above-mentioned third countries are

  • in the case of the United Kingdom, Canada, Israel and Japan - a decision of the European Commission stating an adequate level of protection of personal data in each of the above-mentioned third countries;
  • for the USA, Chile, Brazil, Saudi Arabia, Qatar, India, China, South Korea, Singapore, Taiwan (Republic of China), Indonesia and Australia, adequacy Agreementual clauses in line with the standard Agreementual clauses set out in Commission Implementing Decision (EU) 2021/914 of 4 June 2021 on standard Agreementual clauses for the transfer of personal data to third countries under Regulation (EU) 2016/679 of the European Parliament and of the Counci

You can obtain from the Controller a copy of the data transferred to a third country.

Permissions

In connection with the processing of personal data, you have the following rights:

  1. the right to be informed what personal data concerning you is processed by the Controller and to receive a copy of this data (the so-called right of access). Issuing the first copy of the data is free of charge, for subsequent copies the Controller may charge a fee;
  2. if the processed data becomes outdated or incomplete (or otherwise incorrect), you have the right to request its rectification;
  3. in certain situations, you can ask the Controller to delete your personal data, e.g. when:
    1. the data will no longer be needed by the Controller for the purposes of which it has informed;
    2. you have effectively withdrawn your consent to the processing of data - unless the Controller has the right to process the data on another legal basis;
    3. the processing is unlawful;
    4. the need to delete the data results from a legal obligation to which the Controller is subject;
  4. if personal data is processed by the Controller on the basis of the consent granted to the processing or in order to perform the Agreement concluded with him, you have the right to transfer your data to another Controller;
  5. if personal data is processed by the Controller on the basis of your consent to the processing, you have the right to withdraw this consent at any time (the withdrawal of consent does not affect the lawfulness of the processing that was carried out on the basis of consent before its withdrawal);
  6. if you believe that the processed personal data are incorrect, their processing is unlawful, or the Controller no longer needs certain data, you can request that for a specified period of time (e.g. checking the correctness of the data or pursuing claims) the Controller does not perform any operations on the data, but only stores them;
  7. you have the right to object to the processing of personal data based on the legitimate interest of the Controller. In the event of an effective objection, the Controller will cease to process personal data for the above-mentioned purpose;
  8. you have the right to lodge a complaint with the President of the Office for Personal Data Protection if you believe that the processing of personal data violates the provisions of the GDPR.

Cookies

  1. The Controller informs that the Application uses "cookies" installed on your end device. These are small text files that can be read by the Controller's system, as well as by systems belonging to other entities whose services are used by the Controller (e.g. Facebook, Google).
  2. The Controller uses cookies for the following purposes:
    1. ensuring the proper operation of the Application – thanks to cookies, it is possible for the Application to operate efficiently, use its functions and conveniently move between individual subpages;
    2. increasing the comfort of using the Application – thanks to cookies, it is possible to detect errors on some subpages and constantly improve them;
    3. creating statistics – cookies are used to analyse the manner in which the Users of the Application use the Application. This makes it possible to constantly improve the Application and adapt its operation to the preferences of users;
    4. conducting marketing activities – thanks to cookies, the Controller can direct advertisements to users tailored to their preferences.
  3. Your Controller can place both permanent and temporary (session) files on your device. Session cookies are usually deleted when you close your browser, but closing your browser does not delete persistent cookies.
  4. Information about cookies used by the Controller is displayed in the panel located at the bottom of the website/footer of the Application. Depending on your decision, you can enable or disable cookies of particular categories (except for necessary cookies) and change these settings at any time.
  5. The data collected by means of cookies do not allow the Controller to identify you.
  6. The Controller uses the following cookies or tools using them:
TOOLSUPPLIERFUNCTIONS AND SCOPE OF DOWNLOADED DATADURATION
Strictly necessary cookiesControllerThe operation of these files is necessary for the proper functioning of the Application/Application website, therefore you cannot disable them. Thanks to these files (collecting, m.in, the IP number of your device), it is possible, m.in, to inform you about cookies running in the ApplicationMost of the necessary cookies are session cookies, but some remain on your end device for a period of 400 days or until they are deleted;
Google AnalyticsGoogleThis tool enables the collection of statistical data on the manner in which Users use the Application, m.in. the number of visits, the duration of visits, the search engine used, and location. The data collected helps to improve the Application and make it more user-friendlyup to 2 years or until they are removed (whichever occurs first)
Google Tag ManagerGoogleThis tool manages and deploys marketing and analytics tags (snippets of code) on the Application. It helps control various tracking codes and related code snippets that transmit data to third parties. GTM itself doesn't collect personal data, but it facilitates the deployment of other tracking tools that may collect such data.up to 2 years or until they are removed (whichever occurs first)
Google MapsGoogleThis tool provides interactive maps and location services within the Application. It collects data about user location (when permitted), search queries related to locations, and interactions with map features. This information helps provide accurate navigation, location-based services, and improve map functionality.up to 6 months or until they are removed (whichever occurs first)
Apple MapsAppleThis tool provides interactive maps and location services within the Application. It collects data about user location (when permitted), search queries related to locations, and interactions with map features to provide navigation and location-based services.up to 6 months or until they are removed (whichever occurs first)
Facebook PixelFacebookThis tool also allows us to determine that you have opened the App and to target you with advertisements displayed on Facebook and Instagram social networks and measure their effectiveness.up to 3 months or until they are removed (whichever comes first)
HotjarHotjar Ltd.This tool enables tracking user behavior through heatmaps, session recordings, and feedback tools. It collects data about how Users interact with the Application, including clicked areas, scroll depth, mouse movements, and form interactions. This information helps to understand user experience better and optimize the Application's interface. The tool does not collect or store any personally identifiable information.up to 365 days or until they are removed (whichever occurs first)
SentrySentry.io (Functional Software, Inc.)This tool enables real-time error tracking and performance monitoring of the Application. It collects technical data about application errors, crashes, and performance issues, including device information, browser type, and error stack traces. This information helps to identify, analyze and fix technical problems to ensure stable operation of the Application. The tool may collect IP addresses and user-agent strings, but does not collect personally identifiable information by default.up to 90 days or until they are removed (whichever occurs first)

7. Through most commonly used browsers, you can check whether cookies have been installed on your end device, as well as delete installed cookies and block their installation in the future by the Application. However, disabling or limiting the use of cookies may cause quite serious difficulties in using the Application, e.g. in the form of the need to log in on each subpage, longer loading period of the Application, limitations in the use of certain functionalities.

Final provisions

To the extent not regulated by the Policy, the generally applicable provisions on the protection of personal data shall apply. 

The policy is effective from 10.02.2025 r.

Ready to start
your adventure?

Embark on a journey to transform your racing skills with Vetkuro - where every lap counts and every second can be improved. Join and start optimizing your performance today!

Yes, let’s do it!
cta