Brook - Dog Breeding Management

1. Introduction

Welcome to Brook ("we", "our", or "us"). We are committed to protecting your personal data and your right to privacy. This Privacy Policy explains how we collect, use, store, and protect your information when you use our dog breeding management platform at brook.pet (the "Service").

This policy complies with the General Data Protection Regulation (GDPR) and Polish data protection laws.

2. Data Controller

The data controller responsible for your personal data is:

ALIAKSANDR CHYCHAYEU

ul. Domaniewska 47A, lok. 349

02-672 Warszawa, Poland

NIP: 5252931137

REGON: 523661426

Email: support@brook.pet

3. Information We Collect

3.1 Information You Provide

Account Information: Name, email address, password (encrypted)
Profile Information: Profile picture, preferred currency
Breeding Data: Dog information, puppy records, litter details, breeding records, health records, weight records, buyer information
Payment Information: Processed by Stripe (we do not store your card details)
Uploaded Files: Photos and documents you upload to the Service

3.2 Information Collected Automatically

Usage Data: Pages visited, features used, time spent on the Service
Device Information: Browser type, operating system, IP address
Cookies: See our Cookie Policy below

4. How We Use Your Information

We use your personal data for the following purposes:

Service Provision: To provide, maintain, and improve the Brook platform
Account Management: To create and manage your account
Payment Processing: To process your subscription payments via Stripe
Communication: To send you service-related emails, updates, and support responses
Security: To protect against fraud, abuse, and security threats
Legal Compliance: To comply with legal obligations and enforce our Terms of Service

4.1 Legal Basis for Processing (GDPR)

Contract Performance: Processing necessary to provide the Service
Consent: Where you have given explicit consent (e.g., cookies)
Legitimate Interests: To improve our Service and prevent fraud
Legal Obligation: To comply with tax and accounting laws

5. Data Sharing and Third Parties

We share your data only with trusted service providers:

Supabase (Database & Authentication)

Stores your account data and breeding records. Data is stored in secure EU-based servers.

Stripe (Payment Processing)

Processes subscription payments. Stripe handles all payment card data directly.

We do not sell, rent, or trade your personal data to third parties for marketing purposes.

6. Data Storage and Security

Your data is stored on secure servers located in the European Union. We implement industry-standard security measures including:

Encryption of data in transit (HTTPS/TLS)
Encryption of sensitive data at rest
Regular security audits and updates
Access controls and authentication
Secure password hashing (bcrypt)

While we take reasonable measures to protect your data, no method of transmission over the internet is 100% secure.

7. Data Retention

We retain your personal data for as long as your account is active or as needed to provide you the Service. When you delete your account:

All personal data and breeding records are permanently deleted immediately
Uploaded files (photos, documents) are permanently deleted immediately
Some data may be retained for legal or accounting purposes (e.g., invoices) for up to 7 years as required by Polish law

8. Your Rights Under GDPR

You have the following rights regarding your personal data:

Right of Access: Request a copy of your personal data
Right to Rectification: Correct inaccurate or incomplete data
Right to Erasure: Delete your account and all associated data
Right to Data Portability: Export your data in JSON format
Right to Restrict Processing: Limit how we use your data
Right to Object: Object to data processing for certain purposes
Right to Withdraw Consent: Withdraw consent at any time
Right to Lodge a Complaint: File a complaint with your local Data Protection Authority

To exercise these rights, contact us at support@brook.pet or use the data export feature in Settings.

Polish Data Protection Authority (UODO):
ul. Stawki 2, 00-193 Warszawa, Poland
Website: uodo.gov.pl

9. Cookie Policy

We use cookies and similar technologies to provide and improve our Service. You can manage your cookie preferences through our cookie consent banner.

9.1 Types of Cookies We Use

Essential Cookies (Always Active)

Required for the Service to function. These cannot be disabled:

Authentication cookies (session management)
Security cookies (CSRF protection)
Cookie consent preferences

Analytics Cookies (Optional)

Help us understand how you use the Service. Currently not implemented.

Marketing Cookies (Optional)

Used for advertising purposes. Currently not implemented.

You can change your cookie preferences at any time through the cookie settings link in our footer.

10. International Data Transfers

Your data is primarily stored in the European Union. If data is transferred outside the EU, we ensure appropriate safeguards are in place as required by GDPR (e.g., Standard Contractual Clauses).

11. Children's Privacy

Our Service is not intended for individuals under 16 years of age. We do not knowingly collect personal data from children under 16. If you are a parent or guardian and believe your child has provided us with personal data, please contact us.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by email or through a notice on our Service. Your continued use of the Service after changes become effective constitutes acceptance of the updated policy.

13. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us:

ALIAKSANDR CHYCHAYEU

ul. Domaniewska 47A, lok. 349, 02-672 Warszawa, Poland

Email: support@brook.pet

NIP: 5252931137 | REGON: 523661426