English

Last updated: 09.12.2025

1. Introduction

This Privacy Policy describes how In & Out (“we”, “our”, “us”) processes the personal data of app users. We process data in accordance with GDPR and the requirements of the Apple App Store.

2. What Data We Collect

We collect only the data necessary for the app to function, authenticate users, process transactions, and personalize services.

2.1 Login Data

From login providers (Apple, Google, Facebook), we may receive:

  • full name (optional)

  • email address

  • user identifier

We do not have access to your password.

2.2 Internal Identifiers

We generate data such as:

  • user identifier (User ID)

  • device identifier (Device ID)

Used for account management and app functionality.

2.3 Location Data

With your consent, we may process precise or approximate location data in order to:

  • provide location-based features

  • increase service relevance

  • send contextual notifications

We do not share location data with third parties or use it for advertising tracking.

2.4 Payment Identifiers (Stripe)

We do not collect:

  • card numbers

  • CVV codes

  • expiration dates

  • bank account details

All sensitive data is processed by Stripe.

We process only non-sensitive payment identifiers, such as customer tokens or payment methods, for the purpose of:

  • enabling payment processing

  • verifying the ability to complete a transaction

  • billing support

These tokens do not allow card data to be recovered.

2.5 Order History

We collect order information for the purpose of:

  • fulfilling orders

  • customer support

  • personalization

2.6 Diagnostic Data

We collect error reports and technical data to improve app stability. Where possible, this data is not linked to your identity.

3. How We Use Data

3.1 App Functionality

In particular for:

  • authentication

  • order fulfillment

  • communications and notifications

  • transaction handling

  • ensuring service security

3.2 Personalization

We use data for:

  • content customization

  • recommendations

  • contextual notifications

3.3 Security and Fraud Prevention

Data may be processed in order to prevent abuse, ensure transaction security, and comply with obligations arising from laws or payment operator requirements.

4. What We Do Not Do

We do not:

  • sell data

  • share data with advertisers

  • share data with venues or shopping malls

  • use advertising SDKs

  • perform cross-app or cross-site tracking

5. Legal Basis for Processing

  • Performance of a contract

  • Legitimate interest (security and abuse prevention)

  • Consent (location and notifications)

6. Data Sharing

Data may be shared only with:

  • Stripe — payment processing

  • Apple / Google / Facebook — login

  • Infrastructure providers (e.g. AWS) — hosting

We do not share data with marketing entities, venues, or shopping malls.

7. Data Retention Period

We retain data for as long as necessary to provide services, fulfill legal obligations, and resolve disputes. You may request deletion of your data.

8. Your Rights

You have the right to:

  • access your data

  • rectification

  • erasure of data

  • data portability

  • restriction of processing

  • object

  • withdraw consent

  • lodge a complaint

Contact: support@innout.pl

9. Security

We apply industry-standard security measures, including encryption, tokenization, and abuse detection mechanisms.

10. Changes

This Policy may be updated. We will notify you of significant changes within the app.

11. Contact

📧 support@innout.pl
🏢 Inspiration Vibes Sp. z o.o.,
Aleja Powstania Warszawskiego 15,
31-539 Kraków,
Poland
NIP: 6751439343

© 2026 In & Out | Inspiration Vibes