Aquafy Privacy Policy

Last updated: January 22, 2026

Dear User,

We make every effort to ensure the security and confidentiality of your personal data. We respect your privacy when you use the Aquafy mobile application (the "Application"). We process personal data in accordance with applicable laws, including Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 ("GDPR").

This Privacy Policy explains how and why your personal data is processed.

1. Data Controller

The controller of personal data processed within the Aquafy Application is:

Dawid Podolak Mobi-Software
Registered office: 37-100 Łańcut, Józefa Piłsudskiego Street, Poland
NIP: 7922231556, REGON: 363042253
Email: contact@aquafy.app

By using the Application, you accept the terms of this Privacy Policy.

2. Scope of Processed Data

2.1 Data provided by the User

  • email address (account registration, login, password recovery),
  • username (login),
  • aquarium-related data (e.g. type, volume),
  • aquarium journal data (water parameters, livestock, notes, photos).

2.2 Data processed automatically

  • device information (model, operating system),
  • IP address,
  • session identifiers,
  • system logs and crash reports.

3. Purposes of Data Processing

Personal data is processed in order to:

  • create and manage the User Account,
  • provide aquarium journal functionality,
  • synchronize data between devices,
  • ensure security and stability of the Application,
  • comply with legal obligations of the Controller.

4. Legal Basis for Processing

Personal data is processed on the basis of:

  • Article 6(1)(b) GDPR – performance of a contract,
  • Article 6(1)(c) GDPR – compliance with legal obligations,
  • Article 6(1)(f) GDPR – legitimate interests of the Controller (security, error monitoring),
  • Article 6(1)(a) GDPR – User consent (where applicable).

The User has the right to withdraw consent at any time, without affecting the lawfulness of processing carried out prior to withdrawal.

5. Data Recipients

Personal data may be entrusted to:

  • IT infrastructure providers (Supabase – servers located in the EU),
  • error and performance monitoring providers (Sentry),
  • public authorities, where required by law.

Personal data is not transferred outside the European Economic Area (EEA), unless an adequate level of protection is ensured.

6. Data Retention

  • account-related data is stored for the duration of the User Account,
  • after account deletion, data is permanently removed, except where retention is required by law,
  • data may be stored in backups for a maximum of 30 days.

7. User Rights

The User has the right to:

  • access personal data,
  • rectify personal data,
  • erase personal data,
  • restrict processing,
  • object to processing,
  • data portability,
  • lodge a complaint with the President of the Personal Data Protection Office (Poland).

8. Voluntary Provision of Data

Providing personal data is voluntary, but necessary to create an account and use the Application. Failure to provide data will prevent the provision of services.

9. Data Storage Technologies

The mobile Application uses data storage technologies on the user’s device (e.g. session identifiers, local storage) to ensure proper operation and security.

10. Profiling and Automated Decision-Making

Personal data is not used for profiling or automated decision-making within the meaning of the GDPR.

11. Account Deletion

The User may delete their Account directly from within the Application or by contacting the Controller.

12. Contact

Any questions regarding this Privacy Policy or personal data processing may be directed to: contact@aquafy.app