KSeF mandatory from April 1, 2026 — get prepared before it's too late

Privacy Policy

Last updated: March 15, 2026

1. Data Controller

The data controller is KursKSeF, operator of kursksef.pl. Contact: kontakt@kursksef.pl.

2. Data We Collect

We collect the following data:

  • Email address — provided during account registration or newsletter signup
  • Google data — name and email when signing in via Google OAuth
  • Payment data — processed by Stripe. We do not store card details
  • Analytics data — anonymous visit statistics (Vercel Analytics)

3. Purpose of Processing

We process data to:

  • Deliver the service — access to the online course
  • Process payments
  • Send newsletters (with consent)
  • Improve the service based on anonymous statistics

4. Legal Basis

Processing is based on: contract performance (Art. 6(1)(b) GDPR), consent (Art. 6(1)(a) GDPR), and legitimate interest (Art. 6(1)(f) GDPR).

5. Data Recipients

Data may be shared with:

  • Supabase (Singapore/EU) — database hosting and authentication
  • Stripe (USA) — payment processing
  • Vercel (USA) — website hosting
  • Google (USA) — OAuth sign-in
  • Resend (USA) — email delivery

6. Retention Period

We retain data for the duration of your account. Newsletter data — until you unsubscribe. Billing data — as required by tax law (5 years).

7. Your Rights

You have the right to: access, rectification, erasure, restriction, portability, and objection. Contact: kontakt@kursksef.pl.

8. Cookies

We use essential cookies for session authentication. We do not use advertising or tracking cookies.