Polityka Prywatności (Privacy Policy)

Ostatnia aktualizacja: 16 stycznia 2026

1. Data Controller (Administrator Danych)

Name: JobStack / KobeeCloud
Business Type: Jednoosobowa Działalność Gospodarcza (JDG)
Address: [Your business address]
NIP: [Your tax ID]
Email: privacy@jobstack.pl

2. What Data We Collect

2.1 Account Information

When you create an account, we collect:

• Email address (required)
• Password (hashed, never stored in plain text)
• User role (candidate or employer)
• Full name (optional for candidates, required for employers)
• Company information (for employers only)

Legal Basis: Contract (Article 6(1)(b) GDPR) - necessary to provide the service

2.2 Profile Information

Candidates may optionally provide:

• Resume/CV
• Skills
• Work experience
• Location preferences

Legal Basis: Consent (Article 6(1)(a) GDPR)

2.3 Automatically Collected Data

We automatically collect:

• IP address (for security and analytics)
• Browser type and version
• Device information
• Pages visited
• Time spent on site
• Referral source

Legal Basis: Legitimate Interest (Article 6(1)(f) GDPR) - to improve service and prevent abuse

2.4 Cookies

We use cookies for authentication, preferences, and analytics. See our Cookie Policy for details.

3. How We Use Your Data

4. Data Sharing & Recipients

We share data with:

Supabase (Database & Authentication)

• Purpose: Data storage and authentication
• Location: EU (Frankfurt, Germany)
• GDPR Compliant: Yes
• Privacy Policy: https://supabase.com/privacy

Vercel (Hosting)

• Purpose: Website hosting
• Location: EU (Frankfurt, Germany)
• GDPR Compliant: Yes
• Privacy Policy: https://vercel.com/legal/privacy-policy

Google OAuth (Optional Login)

• Purpose: Authentication
• Data: Email, name (only if you choose Google login)
• Privacy Policy: https://policies.google.com/privacy

5. Data Retention

6. Your Rights Under RODO/GDPR

You have the following rights:

Right of Access (Article 15 GDPR)

Request a copy of all data we hold about you.

How: Email privacy@jobstack.pl with subject "RODO: Access Request"

Timeline: We respond within 30 days

Right to Rectification (Article 16 GDPR)

Correct inaccurate or incomplete data.

How: Update in your account settings or email us

Right to Erasure / "Right to be Forgotten" (Article 17 GDPR)

Request deletion of your data.

How: Delete your account or email privacy@jobstack.pl

Right to Data Portability (Article 20 GDPR)

Receive your data in a structured, machine-readable format (JSON, CSV).

Right to Lodge a Complaint

If you believe we violated RODO, you can complain to:

Polish Supervisory Authority (PUODO):
Urząd Ochrony Danych Osobowych
ul. Stawki 2, 00-193 Warszawa
Phone: +48 22 531 03 00
Email: kancelaria@uodo.gov.pl
Website: https://uodo.gov.pl

7. Data Security

We protect your data with:

• ✅ Encryption in transit (HTTPS/TLS)
• ✅ Encryption at rest (database encryption)
• ✅ Password hashing (bcrypt)
• ✅ API authentication (API keys, sessions)
• ✅ Row-Level Security (RLS) in database

Note: No method is 100% secure. We cannot guarantee absolute security.

8. Children's Privacy

JobStack is NOT intended for children under 16.

We do NOT knowingly collect data from children. If you believe we have data from a child, contact us immediately.

9. Contact Us

For privacy questions or to exercise your rights:

Email: privacy@jobstack.pl
Subject: Start with "RODO:" for faster processing
Response time: 30 days

By using JobStack, you acknowledge that you have read and understood this Privacy Policy.

Last Updated: January 16, 2026
Version: 1.0