PRIVACY POLICY OF THE SOURCE OF WISDOM (SOW) APPLICATION

Your data is safe with us. We care about making sure you know what happens to it and why. That’s why we’ve written this Policy in a simple and transparent way – just like the Terms of Use of the Source of Wisdom Application, which (we hope) you’ve already read.

This Privacy Policy is a document linked to the Terms of Use available at http://sow.game/rules?language=en_US. Definitions of terms used in the Privacy Policy are included in the Terms of Use, so we won’t repeat them here. The provisions of the Terms of Use apply accordingly.

This Policy is informational in nature and fulfills the obligations arising from the GDPR (Regulation 2016/679, General Data Protection Regulation).

1. DATA CONTROLLER AND DATA PROTECTION OFFICER

Who is behind the Application and your data?

It’s us – Getloyalty spółka z ograniczoną odpowiedzialnością, headquartered at Rogoźniczka 25A (21-560), registered under KRS number: 0000865949, REGON: 387349381, NIP: 5372655645, with share capital of PLN 30,000.

How can you contact us?

You can contact us by email (kontakt@sow.game), by phone (514 861 770), or via the form in the Application.

2. SCOPE, PURPOSES, LEGAL BASES AND RETENTION PERIODS

First of all, remember that providing personal data within the Application is voluntary, but failure to do so may prevent us from contacting you or creating your Account.

How do we process your data?

Below we list the main data operations. At any time, you can ask us for more details (e.g. specific legal bases, retention periods, categories of recipients) – see the section How to exercise your rights.

Providing access to the Application

Data: IP address.

Legal basis: necessity for the performance of a contract (Art. 6(1)(b) GDPR).

Retention: until the expiration of claims related to access to the Application; if further processing is not needed – deletion no later than 3 months after obtaining the IP address.

Creating an Account (User)

Data: username, email, avatar, Google/Apple identifiers, age range.

Legal basis: Art. 6(1)(b) GDPR.

Retention: until the expiration of claims; if further processing is not needed – deletion immediately after account removal.

Child-dedicated Account (subaccount)

Data: username, avatar, email, Google/Apple identifiers, age range.

Legal basis: Art. 6(1)(b) GDPR (contract performance) and Art. 6(1)(f) GDPR (our legitimate interest – providing the Application to the Child according to the parent/guardian’s instruction).

Retention: same as above – until the expiration of claims; if not needed – deletion immediately after account removal.

Managing Accounts (Users and Children)

Data: username, avatar, age range and other voluntary data provided in the Application.

Legal basis: Art. 6(1)(b) GDPR.

Retention: until the User deletes the Account and the expiration of claims; if not needed – deletion no later than 1 month after account removal.

Technical support

Data: IP address, Account data, contact details.

Legal basis: Art. 6(1)(f) GDPR (our legitimate interest – providing support).

Retention: for the duration of support expected by the User.

Newsletter

Data: email address.

Legal basis: Art. 6(1)(f) GDPR (our legitimate interest – communication about the Application and offers, according to User preferences/consents).

Retention: until consent is withdrawn, newsletter unsubscribed, or effective objection; after unsubscribing, you can still use the Application.

Contact and inquiry handling

Data: first name, email, phone number, other voluntarily provided data in the form.

Legal basis: Art. 6(1)(f) GDPR (our legitimate interest – correspondence handling).

Retention: until the end of correspondence or effective objection.

Analytics and cookies

Data: IP address, online identifiers, cookies, according to your selection in the cookie banner.

Legal basis: Art. 6(1)(a) GDPR (consent).

Retention: until consent is withdrawn or data becomes obsolete.

Note: details (categories, providers, durations) can be found in the cookie banner.

Personalized ads

Data: IP address, cookies accepted in the banner.

Legal basis: Art. 6(1)(a) GDPR (consent).

Retention: until consent is withdrawn or data becomes obsolete.

Accounting (invoices/receipts)

Data: first name, last name, address, tax ID (NIP) and other data required by law.

Legal basis: Art. 6(1)(c) GDPR in connection with tax law provisions.

Retention: 5 years from the end of the year in which the document was issued.

Claim pursuit or defense

Data: first name, last name, address, phone number, email and other data necessary to establish or defend claims.

Legal basis: Art. 6(1)(f) GDPR (our legitimate interest – protection or pursuit of claims).

Retention: until the expiration of limitation periods.

Note: personal data will be processed only if there is an actual need to protect or pursue claims. Otherwise, it will be deleted within the standard periods mentioned above.

Managing our social media

Data: first name, last name, username, your image.

Legal basis: Art. 6(1)(f) GDPR (our legitimate interest – promoting our activity and building our brand, as well as maintaining contact with our audience).

Retention: until the data becomes obsolete or until interaction within the social media channel ends.

3. CATEGORIES OF DATA RECIPIENTS AND TRANSFER OUTSIDE THE EEA

Who may receive personal data?

Our trusted partners:

  • IT providers (hosting, maintenance, technical support),
  • entities providing traffic analysis and marketing solutions,
  • payment providers,
  • communication tool providers (e.g. newsletter/notification delivery),
  • accounting office,
  • entities supporting us in fulfilling legal obligations,
  • public authorities – when required by law.

These entities process data only on our instruction or as independent controllers within the scope defined by law.

Your data does not leave the EEA.

If data is transferred outside the EEA, we will apply appropriate safeguards (e.g. standard contractual clauses or participation in the Data Privacy Framework). We will inform you in advance about such transfer.

4. SECURITY OF YOUR DATA AND YOUR RIGHTS

What rights do you have regarding your data?

  • access to your personal data and rectification,
  • erasure (“right to be forgotten”),
  • restriction of processing,
  • data portability,
  • objection to processing (including direct marketing),
  • withdrawal of consent at any time (without affecting the lawfulness of processing before withdrawal),
  • filing a complaint with the supervisory authority.

You can file a complaint with the President of the Personal Data Protection Office (uodo.gov.pl). For all other matters, just contact us using the details in section 1 of this Policy.

What about the security of your data?

We apply technical and organizational measures to ensure confidentiality, integrity, and accountability of data, including SSL certificates. The personal data set is stored on a secured server. Our internal procedures and information security policies also protect your data.

5. OTHER DATA AND COOKIES

What other data do we collect and process?

When you use our Application, server logs are recorded in the background. These are technical details generated automatically with each visit. They may include: your device’s IP address, date and time of connection, referring page address, browser information, and any system errors.

What are cookies?

We use two types of cookies:

  • session cookies – disappear after closing the browser,
  • persistent cookies – remain on the device until deleted.

Cookies are safe and do not identify you or collect personal data. They do not contain viruses or give access to your device.

6. POLICY CHANGES

When we update the Policy, we will inform you in the Application, and if you have an Account – also by email, indicating the scope of changes.

Version date: October 15, 2025

Discord Privacy Policy Platform Rules
Copyright 2025 © Back In My Day

To see more, get our application...