Privacy Policy

Techstack sp. z o.o. is a company registered in Poland (European Union). For purposes of applicable data protection laws, Techstack sp. z o.o. acts as the data controller for personal data processed through Pigmo.

Pigmo backend systems and primary databases are hosted in Amazon Web Services (AWS) data centers located in the European Union.

• Personal data is primarily stored in the EU.
• EU-level data protection standards apply to our infrastructure.
• Cross-border transfers may occur only when necessary (e.g., certain third-party providers).

Where international transfers occur, we implement appropriate safeguards consistent with applicable data protection laws.

We collect only the data necessary to operate Pigmo.

3.1 Parent Account Information

When a parent or guardian creates an account, we may collect:

• Name
• Email address
• Authentication provider (Apple / Google / email login)
• Internal account identifier

This data is used to authenticate users and provide access to the App.

3.2 Child Profile Information

Parents may create child profiles that may include:

• First name or nickname
• Age
• Avatar or profile image
• Task history
• Virtual coin balance
• Reward history
• Activity logs

We do not require:

• Last names
• Home addresses
• Precise geolocation
• School information

Child profile data is used solely to enable task tracking, reward management, and personalization inside the App. Children cannot independently register accounts.

3.3 Photos and Media Content

Parents may upload images, including child profile photos and reward-related images. Images are stored using secure third-party infrastructure (such as Cloudinary).

Uploaded media:

• Is used solely within the account environment
• Is not publicly displayed
• Is not sold
• Is not used for advertising
• Is not used to train external AI models

Parents may delete uploaded images at any time.

3.4 Virtual Coins and In-App Balances

Pigmo tracks virtual coins and reward balances associated with child profiles. These balances:

• Exist solely within the App
• Have no real-world monetary value
• Are stored as internal account data

3.5 Push Notifications

Pigmo may send push notifications related to task completion, reward approvals, reminders, and account activity. To enable push notifications, we process:

• Device push tokens
• Notification preferences
• Associated account identifiers

Push notifications are delivered via Apple Push Notification Service (APNs) or Firebase Cloud Messaging (FCM). We do not use push notifications for third-party advertising.

3.6 Usage and Device Information

We automatically collect limited technical data such as device type, operating system, app version, IP address, crash logs, and anonymous analytics events. This data helps us improve performance, fix errors, detect abuse, and enhance user experience. Analytics data is aggregated where possible.

We use personal data only for:

• Providing task and reward tracking functionality
• Maintaining accounts and child profiles
• Managing subscriptions
• Enabling media storage
• Sending service-related notifications
• Improving App performance
• Ensuring security
• Complying with legal obligations

We do not sell personal data. We do not use personal data for behavioral advertising.

Where applicable, processing is based on:

• Performance of a contract (providing the App)
• Legitimate interests (security, fraud prevention, improvement)
• Legal obligations (tax, accounting, regulatory compliance)
• User consent (where required)

Parents act as the decision-makers for creation and management of child profiles.

Pigmo is designed for use by parents and caregivers. We do not knowingly collect personal data directly from children without parental involvement.

Child profile data:

• Is entered and controlled by parents
• Is limited to minimal necessary information
• Is not used for advertising
• Is not sold
• Is not shared for marketing purposes

If you believe that we have collected child data improperly, please contact us and we will delete it promptly.

We may share limited personal data with:

• AWS (hosting infrastructure in the EU)
• Cloudinary (media storage)
• Analytics providers
• Customer support tools

All service providers are contractually bound to process personal data only for specified purposes and to maintain appropriate security safeguards. We do not sell personal data.

Because our servers are located in the European Union, personal data is primarily processed within the EU.

If data is transferred outside the EU or your country of residence, we implement appropriate safeguards such as:

• Standard Contractual Clauses
• Contractual data protection obligations
• Encryption and technical security measures

We retain personal data only as long as necessary:

• Account data: until account deletion
• Child profiles: until deleted by parent or account deletion
• Uploaded images: until deleted by user
• Virtual coin history: while account is active
• Transaction records: as required by law
• Analytics logs: limited retention period

Users may delete their account through App settings or by contacting support.

We implement industry-standard safeguards including:

• Encryption in transit (TLS)
• Encryption at rest where applicable
• Secure AWS EU infrastructure
• Access controls
• Monitoring and logging
• Restricted internal access

While no system is completely secure, we take reasonable measures to protect personal data.

Depending on your jurisdiction, you may have the right to:

• Access personal data
• Correct inaccurate data
• Request deletion
• Restrict processing
• Object to processing
• Lodge a complaint with a supervisory authority

To exercise your rights, contact us at the email below.

Apple and Google may independently collect data related to app downloads. Their data practices are governed by their respective privacy policies.

We may update this Privacy Policy periodically. Material updates may be communicated within the App or via our website. Continued use of the App after updates constitutes acceptance of the revised Policy.