Privacy Policy
Last updated: 28.02.2026
1. Personal Data Controller
The controller of your personal data processed in connection with using the INSPIHOME service is:
Company name: Ainax Kamil Cichocki (operating as INSPIHOME)
Contact email: contact@inspihome.com
Data Protection Officer: dpo@inspihome.com
2. Purposes and Legal Bases for Data Processing
We process your personal data for the following purposes and on the following legal bases:
Providing service features (user account, access to inspirations)
We process data necessary to create and maintain an account, login, subscription management, and providing service content.
Legal basis: Art. 6 para. 1 lit. b GDPR (contract performance)
Payment processing and billing
Subscription payments are handled by Paddle.com Market Limited ("Paddle"), acting as Merchant of Record. INSPIHOME does not process card data — payment data is processed exclusively by Paddle. We retain transaction records necessary for accounting and tax purposes.
Legal basis: Art. 6 para. 1 lit. b GDPR (contract performance), lit. c GDPR (legal obligation - accounting)
Communication with users
We process contact data to answer questions, handle complaints, send account-related notifications.
Legal basis: Art. 6 para. 1 lit. b GDPR (contract performance), lit. f GDPR (legitimate interest)
Service analysis and optimization
We use Google Analytics to analyze website traffic, user behavior, optimize functionality and content (anonymized data).
Legal basis: Art. 6 para. 1 lit. a GDPR (consent - via cookies)
Marketing and personalization
We process data to personalize displayed content, recommend inspirations, and send marketing information (after consent).
Legal basis: Art. 6 para. 1 lit. a GDPR (consent)
3. Categories of Processed Personal Data
Depending on how you use the service, we may process the following categories of data:
- Identification data: first name, last name, email address
- Login data: username, encrypted password (or Clerk data - Google, Apple, Facebook)
- Payment data: transaction information (processed by Paddle as Merchant of Record)
- Behavioral data: saved inspirations, browsing history, likes, preferences
- Technical data: IP address, browser type and version, operating system, cookies
- Subscription data: selected plan, start date, subscription status
- Correspondence data: content of messages sent via contact form or email
4. Data Recipients (Processors)
Your personal data may be transferred to the following trusted entities supporting the service operation:
Clerk (clerk.com) - User Authentication
Managing user accounts, login, authentication via Google/Apple/Facebook. Clerk acts as a data processor.
Paddle (paddle.com) - Payment Processing & Sales
Processing subscription payments, issuing invoices, handling VAT, managing payment data. Paddle acts as Merchant of Record and independent data controller for payment data.
Google Analytics - Analytics
Website traffic analysis, anonymized user behavior data for service optimization.
Hosting Provider (Vercel/AWS/other)
Data storage on servers, providing technical infrastructure for the service.
5. Data Transfers to Third Countries
Some of the tools we use (Google Analytics, Clerk, Paddle) may transfer personal data to the United States or other countries outside the European Economic Area (EEA).
Data transfers are made only with appropriate safeguards in accordance with GDPR:
- Standard contractual clauses approved by the European Commission
- EU-US Data Privacy Framework adequacy decision for certified entities
- Additional technical and organizational measures ensuring a level of protection similar to EU standards
6. Data Retention Period
We retain your personal data for the following periods:
| Data category | Retention period |
|---|---|
| User account data | Until account deletion or 3 years from last activity |
| Payment data and invoices | 5 years from the end of the fiscal year (accounting obligation) |
| Analytics data (Google Analytics) | 26 months (then automatically deleted) |
| Data for marketing purposes | Until consent withdrawal or 3 years from last interaction |
7. Your Rights Related to Personal Data Protection
According to GDPR, you have the following rights:
Right of access to data (art. 15 GDPR)
You can obtain information about what personal data concerning you we process and receive a copy of such data.
Right to rectification of data (art. 16 GDPR)
You can request correction of incorrect or completion of incomplete personal data.
Right to erasure - "right to be forgotten" (art. 17 GDPR)
You can request deletion of your data when it is no longer necessary for the purposes for which it was collected, or when you withdraw consent.
Right to restriction of processing (art. 18 GDPR)
In certain situations, you can request restriction of processing your personal data.
Right to data portability (art. 20 GDPR)
You can receive your data in a structured, commonly used format and transfer it to another controller.
Right to object (art. 21 GDPR)
You can object to data processing for reasons related to your particular situation, when we process data based on legitimate interest.
Right to withdraw consent
You can withdraw consent to personal data processing at any time. Withdrawal does not affect the lawfulness of processing carried out before withdrawal.
To exercise the above rights, contact us at: contact@inspihome.com or dpo@inspihome.com
8. Automated Decision-Making and Profiling
The INSPIHOME service does not use automated decision-making, including profiling, that produces legal effects or similarly significantly affects users within the meaning of art. 22 GDPR.
9. Obligation to Provide Personal Data
Providing personal data (email address) is voluntary but necessary to create an account and use the full functionality of the service. Without providing this data, it will not be possible to create an account.
Lack of consent to processing data necessary for service provision will prevent use of the service. Consent to processing data for marketing and analytical purposes is voluntary and does not affect the ability to use basic service functions.
10. Source of Personal Data
We obtain personal data from the following sources:
- Directly from you - during registration, filling out forms, using the service
- From authentication service providers (Clerk, Google, Apple, Facebook) - if you use login through these platforms
- Automatically during service use - technical data, cookies, activity history
11. Data Security
We implement appropriate technical and organizational measures to ensure personal data security:
- SSL/TLS connection encryption (HTTPS)
- Secure password storage (hashing using bcrypt)
- Regular security updates and security audits
- Restricted access to personal data only for authorized persons
- Backups and disaster recovery procedures
12. Privacy Policy Changes
We reserve the right to make changes to this Privacy Policy. We will inform users about any significant changes through an announcement on the service homepage or an email message. Changes take effect on the date indicated in the update.
13. Contact Regarding Data Protection
If you have questions about personal data processing or wish to exercise your rights, contact us:
General email: contact@inspihome.com
Data Protection Officer: dpo@inspihome.com
Contact form: Fill out the form
14. Cookies
Detailed information about the use of cookies can be found in our Cookie Policy.