Privacy Policy
Table of Contents
1. Introduction & Legal Basis
This Privacy Policy (the "Policy") explains how Ievgen Mazur (the "Controller") processes personal data in connection with the website stlviewer.online (the "Service").
This Service complies with:
- RODO/GDPR: Regulation (EU) 2016/679 of the European Parliament and of the Council.
- Polish Law: The Act on the Protection of Personal Data of 10 May 2018 (Journal of Laws 2018, item 1000).
- Electronic Communications: The Polish Electronic Communications Law regarding cookie management.
2. Data Controller Information
The Administrator (Controller) of your personal data is:
- Name: Ievgen Mazur
- Address: [TBD], Poland
- General Inquiry Email: [email protected]
- Data Rights (RODO) Email: [email protected]
3. Scope and Purpose of Data Processing
We process your data only for the following purposes:
| Category of Data | Purpose of Processing | Legal Basis (RODO) |
|---|---|---|
| Email Address | Account registration, authentication, and password recovery. | Art. 6(1)(b) – Necessity for performance of a contract. |
| Uploaded Files (STL, 3MF, etc.) | Providing the viewing and sharing functionality you requested. | Art. 6(1)(b) – Necessity for performance of a contract. |
| Technical Logs (IP, User-Agent) | Ensuring website security and preventing DDoS attacks via Cloudflare. | Art. 6(1)(f) – Legitimate interest (security). |
| Usage Statistics (Anonymous) | Monitoring server load and file upload/download frequency. | Art. 6(1)(f) – Legitimate interest (optimization). |
| Payment Data (Future) | Processing subscriptions via Stripe. | Art. 6(1)(c) – Compliance with legal (tax) obligations. |
4. Data Retention Period
- Anonymous Models: Automatically deleted after the period you select (max 7 days).
- Account Data: Stored until you delete your account or withdraw your consent.
- Technical Logs: Stored for a period of up to 30 days unless a security incident requires a longer investigation.
- Financial Records: Once paid plans are active, billing data will be stored for 5 years from the end of the calendar year in which the tax payment was due, as required by Polish tax law.
5. Data Recipients
Your data is shared only with trusted service providers acting as Data Processors:
- Cloudflare: For file storage, CDN, and security (EU-based instances where available).
- Supabase: For user authentication and database management.
- Stripe (Future): For payment processing.
We do not sell, rent, or share your personal data with third parties for marketing purposes.
6. Your Rights Under RODO
You have the following rights regarding your personal data:
- Right of Access: To receive a copy of your data.
- Right to Rectification: To correct inaccurate data.
- Right to Erasure ("Right to be Forgotten"): To request deletion of your account and files.
- Right to Restriction: To limit how we process your data.
- Right to Data Portability: To receive your data in a structured, machine-readable format.
- Right to Object: To object to processing based on legitimate interest.
To exercise these rights, please email [email protected]. We will respond within 30 days.
7. Right to Lodge a Complaint
If you believe that the processing of your personal data violates RODO, you have the right to lodge a complaint with the Polish supervisory authority:
Prezes Urzędu Ochrony Danych Osobowych (PUODO)
ul. Stawki 2, 00-193 Warsaw, Poland
Website: https://uodo.gov.pl
8. Cookies and Technical Data
We use essential cookies and similar browser storage to maintain your login session, keep the service secure, and preserve essential application state.
- Requirement: These technologies are necessary for the service to function (Art. 173 paragraph 3 of the Telecommunications Act).
- Scope: We do not use optional analytics, marketing, or advertising cookies.
- Banner Function: The cookie banner is informational and records acknowledgement of this notice; it does not offer in-app controls to disable required technologies.
- CCPA Transparency: We do not sell or share personal information for cross-context behavioral advertising.
- Management: You can block cookies via your browser settings, but this may prevent sign-in and other core security functions from working properly.
9. Content Disclaimer & User Responsibility
The Service is a neutral hosting provider. The Controller does not verify the content of uploaded models. Users are strictly prohibited from uploading:
- Files containing sensitive personal data or biometrics.
- Intellectual property they do not own.
- Illegal or harmful content.
10. Age Restriction
The Service is intended for users 18 years of age and older. By creating an account, you confirm you meet this age requirement.
11. Contact
For any legal inquiries regarding these Terms, please contact:
Email: [email protected]