Privacy Policy
Last updated: April 6, 2026
This Privacy Policy explains how MyLibrary ("we", "us", or "our") collects, uses, and protects your personal information when you use our services.
1. Data Controller
The controller of your personal data is:
- MyLibrary Sp. z o.o.
- Email: CONTACT_EMAIL_PLACEHOLDER
Data Protection Officer
DPO Contact: CONTACT_EMAIL_PLACEHOLDER
2. Data We Collect
We may collect the following types of information:
| Data Type | Examples |
|---|---|
| Account Information | Name, email, password (hashed), birth date |
| Usage Data | IP address, browser type, pages visited, reading progress |
| Payment Information | Processed by our payment processors (we don't store full card details) |
| Content Data | Books downloaded, reading preferences, bookmarks |
| Communication Data | Emails, support tickets, survey responses |
3. Purposes of Processing
We process your data for:
| Service Provision | To provide and maintain our services |
| Account Management | To manage your user account |
| Communication | To contact you with important notices |
| Improvements | To improve our services and develop new features |
| Security | To prevent fraud and ensure system security |
| Legal Compliance | To comply with legal obligations |
4. Legal Basis for Processing
Under GDPR, we process data based on:
| Consent | For marketing communications and cookies (where required) |
| Contract | To fulfill our service agreement with you |
| Legal Obligation | For tax and accounting purposes |
| Legitimate Interest | For service improvements and security |
5. Data Sharing and Transfers
We may share your data with:
| Service Providers | Payment processors, hosting providers, analytics services |
| Legal Authorities | When required by law or to protect our rights |
| Business Transfers | In case of merger, acquisition, or asset sale |
Some partners may be outside the EU. We ensure adequate protections through Standard Contractual Clauses or other approved mechanisms.
6. Data Retention
We retain your data:
| Account Data | Until account deletion (plus 3 years for legal compliance) |
| Usage Data | 26 months from collection |
| Payment Records | 10 years for accounting purposes |
| Communication Data | 5 years from last contact |
7. Your Rights
Under GDPR, you have the right to:
| Access | Request a copy of your personal data |
| Rectification | Correct inaccurate or incomplete data |
| Erasure | Request deletion under certain conditions |
| Restriction | Limit processing of your data |
| Portability | Receive your data in a structured format |
| Object | Object to certain types of processing |
| Withdraw Consent | Withdraw previously given consent |
To exercise these rights, please contact us at CONTACT_EMAIL_PLACEHOLDER. We will respond within 30 days.
8. Cookies and Tracking
We use cookies and similar technologies to:
| Essential | For core functionality (always active) |
| Preferences | To remember your settings |
| Analytics | To understand how users interact with our service |
| Marketing | To show relevant ads (with your consent) |
You can manage cookies through your browser settings or our cookie consent tool.
9. Security Measures
We implement appropriate technical and organizational measures including:
| Encryption | Data in transit and at rest |
| Access Controls | Strict access limitations |
| Regular Audits | Security assessments and testing |
| Staff Training | Data protection awareness programs |
10. Children's Privacy
Our service is not directed to children under 16. We do not knowingly collect data from children without parental consent.
11. Policy Changes
We may update this policy. Significant changes will be notified via email or service announcement.
12. Contact Us
For privacy-related inquiries:
- Email: CONTACT_EMAIL_PLACEHOLDER