Privacy Policy


 §.1 Preliminary provisions

1. All capitalized terms and phrases have a specific meaning assigned to them in the Regulations of providing electronic services, available at

2. Prior to using the Platform, Application and other services provided by Tecra sp.z o.o., the User is obliged to read the content of this Privacy Policy and to accept its terms.

3. The Privacy Policy applies only to the processing of personal data, the administrator of which is Tecra spółka z o.o. based in Kraków, entered in the register of entrepreneurs under KRS number: 0000752946, NIP 5993235626, with the share capital of PLN 6,000 paid in full (hereinafter referred to as: "Service Provider" or "Administrator").

4. The Administrator is not responsible for the links that allow the User to go directly to websites that are not administered by Tecra sp.z o.o.

5. The Administrator has implemented technical and organizational measures to protect Users' personal data against unauthorized access, unlawful use or disclosure.

6. The administrator does not offer services to people under 18 years of age.

7. The content of the Privacy Policy may change. After each change, a new version of the Privacy Policy will be published at and presented to the User.


§2. personal data controller

1. The Service Provider is the administrator of personal data of Users who are natural persons.

2. The Service Provider processes personal data in accordance with applicable law, including the Regulation of the European Parliament and of the Council (EU) 2016/679 of 27 April 2016 ("GDPR").

3. Any questions regarding the processing of personal data by the Service Provider should be sent by e-mail to the following address: [email protected], or in writing to the address of the registered office.

§3. General rules of using the Platform

1. The Administrator provides the User with the possibility of using the services in an anonymous manner, however, in order to gain access to the Platform and its functionalities, Registration is required.

2. Providing personal data by the User is voluntary, with the proviso that failure to provide certain data may prevent Registration, and thus the use of the Platform or some of its functionalities.

3. By registering an account on the platform the user agrees to receive the newsletter to the specified e-mail address.

4. The Administrator processes data on the Users’ interaction with the administered websites, Platform and other services, including: information on the device and login, date, time of visit and the IP number of the device from which the connection was made, data on the website traffic statistics, traffic to and from individual sites, number of clicks, time spent on individual pages, type and version of the operating system, device location data.

5. The Administrator receives Users' personal data from payment service providers, i.e. entities that enable the User to make online payments for services provided by the Administrator. The Administrator receives information identifying the User, information about the transaction (amount, account number, type of service).

6. The Administrator may receive personal data from other entities operating platforms, websites, and social media, i.e. Facebook, Google or Twitter. If the User logs in via the above-mentioned platforms / websites, the administrator receives personal data such as: e-mail address, gender, user ID, date of birth, automatically generated login.

7. If an entity other than a natural person or an entrepreneur grants access to the Platform to a natural person, the Administrator may process the personal data of employees, associates, representatives, proxies who are responsible for managing the Account.

8. If an entity other than a natural person or an entrepreneur grants access to the Platform to a natural person, the Administrator may process ordinary personal data of employees, associates, representatives, proxies actually responsible for managing the Account.

§4. Purposes and legal grounds for the processing of personal data

1. The user may be asked to consent to the processing of personal data or may provide their personal data on their own and voluntarily (e.g. filling in an optional field in the form). Then the legal basis for the processing of personal data is Art. 6 sec. 1 lit. a) GDPR (i.e. User's consent). In particular, consent may be given for the purpose of sending newsletters. Expressing consent is always voluntary. The User may withdraw his consent at any time. Withdrawal of consent does not affect the lawfulness of the processing of personal data that took place before the consent was withdrawn.

2. The Administrator processes personal data due to the need to provide Services, including enabling the use of the website and the Platform. By accepting the Regulations for the provision of services, the User concludes a contract for the provision of electronic services, therefore the User's personal data to the extent necessary for the implementation of the Services indicated in the Regulations are processed on the basis of art. 6 sec. 1 lit. b) GDPR. As part of the contract, the User's personal data, in particular, such as: name, surname, e-mail address are processed.

3. Personal data may be processed on the basis of art. 6 sec. 1 lit. c) GDPR, that is due to the need to fulfill legal obligations imposed on the Administrator (e.g. tax and archiving obligations).

4. The administrator may process personal data pursuant to art. 6 sec. 1 lit. f) GDPR, i.e. when it is necessary for the purposes of the legitimate interests pursued by the administrator or by third parties. On the basis of a legitimate interest in the form of the implementation of the agreement with the represented institution, the Administrator processes the data of the User representing a legal person, entrepreneur or other organizational unit.

On the basis of a legitimate interest, the Administrator processes personal data for marketing purposes, including profiling and displaying personalized offers, advertisements and other services on own websites and on the Internet. The Administrator's legitimate interest is also to customise the marketing content in accordance to the User's interests. Based on the legitimate interest, the administrator processes personal data for the purpose of analytics, market and opinion research, including research and analysis of traffic on the Platform. It is also legitimate to improve content and services. On the basis of a legitimate interest, the administrator also processes personal data of persons actually managing the Account.

The administrator may also process personal data for the purposes of asserting rights and defending against claims as well as administrative or criminal liability, for evidence and archival purposes. On the basis of a legitimate interest, system logs and other personal data may be processed in order to ensure the security of the Services and IT systems provided, the security of sessions and the detection of abuses on the Platform.

As part of the legitimate interest, the Administrator may also make functions offered by social networking sites (eg. "Like" buttons) available as a part of the Administrator's services and transfer selected Usage data to the operators of these sites. In this case, the legitimate interest is to increase the attractiveness of services.

5. The administrator, pursuant to art. 6 sec. 1 lit. c) GDPR processes the User's personal data in connection with the necessity to counteract money laundering and terrorist financing. Tecra Ltd. is an obligated institution in the light of the provisions on counteracting money laundering / terrorist financing, which means that to the extent necessary for Tecra Ltd. to fulfill its obligations under the Act of March 1, 2018 on counteracting money laundering and financing of terrorism, Tecra Ltd. is entitled to take the following actions:

a) identification and verification of recipients and the use of appropriate means of verifying their identity, depending on the risk assessment, to obtain data on the identity of the recipient.

b) Tecra Ltd. may also take actions aimed at determining the actual beneficiary in relation to the recipient within the meaning of the provisions on counteracting money laundering and terrorist financing, such as:

I. ongoing monitoring of business relations with the User, as well as research on the source of funds and purpose of transfer, recipients

II. obtaining information about the purpose and nature of the business relationship planned by the User,

III. conducting other activities required by the provisions on counteracting money laundering and terrorist financing,

IV. determining whether the payment to the bank account of Tecra Ltd. is made by the User via the User's bank account.

c) The User undertakes to immediately provide Tecra Ltd. with information or documents necessary for Tecra Ltd. to fulfil its obligations under the regulations.

d) In order to exercise the rights referred to above and other provisions of the Regulations, Tecra sp.z o.o. verification of the User's personal data.

e) The User's verification is necessary in order for the User to make transactions, including purchase, exchange, and sale of virtual currency.

f) Verification of a User who is a natural person requires the submission of a copy, scan or presentation of a document confirming the User's identity, as well as the following User's data:

I. first and last name,

II. citizenship,

III. address,

IV. country of birth,

V. declaration of a “politically exposed person” (PEP) status,

VI. phone number,

VII. date of birth,

VIII. PESEL (if any).

g) In the case of Users who are foreigners without a PESEL number, the equivalent of this number should be provided or a declaration of the lack of a PESEL number should be presented.

h) Verification of a User who is not a consumer requires an extract from the Register of Entrepreneurs or the National Court Register of the entity along with the following data:

I. business activity data,

II. tax identification number (NIP),

III. company registration number (REGON),

IV. number of the National Court Register (KRS)

V. and a document confirming the identity of the authorized representative, containing the following data: 

  • first name and last name,

  • citizenship,

  • address,

  • country of birth,

  • declaration of a “politically exposed person” (PEP) status,

  • date of birth,

  • PESEL (if any).

i) In the case of persons authorized to represent the User, who are foreigners without a PESEL number, the equivalent of this number should be provided or a declaration of the lack of a PESEL number should be submitted.

j) In addition, in order to carry out the verification process, the User must provide Tecra with a document confirming his identity or send a scan or photo in .jpg or .png format via the form on the website. Scan / photo of the document.

k) The identity document must meet the following conditions: data on the document must be clear, all edges of the document must be visible, none of the data may be obscured. The file must not contain any traces of digital processing (e.g. painting elements with a graphics program), it is permissible to place a watermark.

l) Confirmation of the identity of the User or the person representing the User may be based on photos in .jpg or .png format, a bill (for electricity, water, gas, etc.), an agreement with a public trust institution or an official letter on which the recipient's address details are displayed along with the name and surname and date of preparation (not older than 6 months).

§5. Data sharing

1. The Administrator, to the extent necessary for the performance of the Agreement, including the provision of services provided via the Platform, may disclose the User's personal data to other Platform Users (in particular, in the case of providing personal data to the Creator in connection with the desire to involve the Investor in the Project or to evaluate the Project. by advisers). Some information may also be publicly available to Internet users (e.g. in the case of publishing information about the Project and members of the Project development team).

2. The User's personal data may be made available at the request of public authorities or other entities authorized to such access under the law.

3. Entities providing services to the Administrator, in particular IT service providers, have access to the User's personal data. The Administrator has concluded appropriate agreements with these entities, the subject of which is to protect the User's data against access by unauthorized persons.

4. Some of the entities providing services to the Administrator may store User's data outside the European Economic Area. In such cases, the User's data may be stored in countries that provide an adequate level of personal data protection, or in countries that do not provide such a level. In the second case, the Administrator secures personal data by concluding contracts with service providers containing the so-called Standard Contractual Clauses approved by the European Commission, which guarantee adequate protection of Users' data in third countries.

5. Personal data may also be made available to other recipients, e.g. banks, law firms, obligated institutions providing virtual currency exchange services.

6. The administrator may disclose anonymous collective statements and statistical statements regarding, for example, the number of people visiting websites, using the Platform. These data, however, do not allow the identification of individual Users and do not constitute personal data.

§6. User rights

1. In terms of the processing of personal data, the User has the following rights:

a) the right to access the User's personal data;

b) the right to request the rectification of incorrect personal data and supplementing of incomplete personal data;

c) the right to request the restriction of personal data processing;

d) the right to request the transfer of personal data;

e) the right to withdraw consent to the processing of personal data (which does not affect the processing of personal data before the consent is withdrawn);

f) the right to request the deletion of personal data;

g) the right to object to the processing of personal data.

2. The User has the right to lodge a complaint with the President of the Personal Data Protection Office.

3. In order to exercise the rights it User should contact the Service Provider via [email protected]

§7. Personal data storage limitation

1. The administrator stores personal data for the time necessary to achieve the purposes for which the personal data was collected. After this period, the data is deleted or anonymized in such a way that makes it impossible to determine the User's identity. Personal data may be stored longer if such an obligation results from legal provisions or it is necessary for the defense or pursuit of claims or defense against claims, including administrative or criminal liability.

2. Personal data collected in order to perform the contract will be processed for the duration of the contract and until the expiry of the limitation period for claims under the agreement.

3. Personal data processed on the basis of consent is stored until the consent is withdrawn.

4. If personal data is processed in order to implement a legitimate interest, the data is stored until the legitimate interest is fulfilled or until the objection raised by the User is accepted.

5. The Administrator does not process the User's personal data for a longer period than is necessary to achieve the specific purpose for which the personal data was obtained. 

§8. Cookie policy

1. The administrator uses "cookie" mechanisms. Cookies are text files saved on the User's end device, they are used to identify the User's browser. They are used to provide the administrator with statistical information on User traffic, Users' preferences and activities, and the manner in which the Website and Platform are used.

2. Thanks to "cookies", it is possible to adjust the content of the Website and services to the User's preferences. Information enabling direct identification of the User, i.e. name and surname, home address, e-mail address or telephone number, is not collected via "cookies".

3. Most of the "cookies" are so-called session cookies, which are automatically deleted from the hard drive after the end of the session (i.e. after logging out or closing the browser window). Some of the "cookies" enable recognition of the User's terminal equipment when visiting the Website again - they are not deleted automatically, they are saved on the terminal equipment. In the case of mobile devices, as in the case of stationary devices, the mechanism of accepting "cookies" has been used, which allows storing information related to a given User.

4. The administrator uses "cookies" in order to:

a) User authentication and enabling logging into the Account;

b) adjusting the services to the User's preferences;

c) conducting analyzes and research on the performance of the Website / Platform and methods of using the Website;

d)ensuring the security of the Website / Platform;

e) conducting marketing activities and providing the User with advertisements tailored to the preferences.

5. Some "cookies” in browsers are used for marketing purposes. The administrator may use "cookies" for statistical purposes by measuring the display of advertisements appearing on the Website, on the Platform and the number of clicks in the content.

6. Cookies enable profiling of Users, that is, creating a profile, including understanding what content the User may be interested in and displaying advertisements based on these interests.

7. The administrator uses "cookies", plugins and other social tools provided by social networking sites such as: Facebook, Twitter, Instagram and Google. When using the Administrator's Website, the User's browser will establish a direct connection with the servers of social network administrators (service providers), thanks to which they receive information that the User uses the Administrator's Website, even if he or she does not have a profile with a given service provider or is not currently logged in. This information, along with the IP address of the User's device, is transferred to the server of a given service provider and stored there. It should be emphasized that some servers are located outside the European Economic Area, e.g. in the USA. In this case, personal data is transferred to third countries where there are possibilities to exercise the rights of data subjects and effective legal remedies, where the administrator and the service provider ensure adequate security of personal data through the application of binding corporate rules or approved standard data protection clauses.

8. The use of the "Like" or "Share" buttons by the User will result in sending relevant information directly to the given service provider, which may lead to their publication on the given social network.

9. With regard to the transfer of personal data to service providers, the administrator and service providers jointly administer the User's personal data, whereby the User should exercise their rights directly in relation to the appropriate service provider. The purpose and scope of data collection and their further processing and use by service providers, as well as the possibility of contact and the User's rights in this regard and the possibility of making settings to protect the User's privacy are described in the privacy policy of individual service providers:



10. The User has the option of disabling cookies in their browser. This may cause difficulties in handling the services provided through the Website. Saved cookies can be deleted by using the appropriate features of the web browser, programs or tools available as part of the operating system used by the User.

11. Lack of changes to the browser settings will result in the "cookie" files being automatically placed on the User's terminal equipment. Failure to make changes to the browser settings resulting in disabling the acceptance of "cookies" and the simultaneous use of the Website / Platform entails the User's consent to placing and reading cookies and consent to the use of similar technologies by the Administrator in accordance to the terms described in the Privacy Policy.

12. Due to the variety of browsers and applications used to operate websites, the management of "cookies" may differ depending on the browser used, therefore, before using the Website/Platform, it is recommended to familiarise oneself with the methods of managing the privacy/security functions:

Mobile devices:

13. To clear data from mobile applications, depending on the system installed on the mobile device, one is required to:

  • In the case of the Android operating system: go to Settings, go to Application, search for the application, select Memory and select "Clear data".

  • In the case of iOS: it is not possible to clear application data. The only solution is to remove and reinstall the application.