Privacy Policy

• This Privacy Policy defines the principles of processing and protection of personal data of TutLive platform users.

• The controller of your personal data is MEETZ SPÓŁKA Z OGRANICZONĄ ODPOWIEDZIALNOŚCIĄ (MEETZ LIMITED LIABILITY COMPANY) headquartered in Poznań (ul. Juliusza Słowackiego 55/1, 60-521 Poznań, Poland), registered in the National Court Register under number 0001051530, share capital: 8.7 thousand PLN, VAT ID: 7812055176, REGON: 526056312.

• Contact with the Controller is possible at email address: support@tutlive.com

• Identity data: name, surname, email address, age (for personalization of educational content)

• NOTE: We do NOT collect sensitive data (health, beliefs, biometric data)

• Educational data: learning level, subjects, AI session history, learning progress, educational preferences

• Technical data: IP address, browser information, cookies, device data

• Payment data: transaction information (processed by payment provider Stripe)

• AI interaction data: questions asked to AI tutor, responses, quality ratings (for algorithm improvement)

• Performance of contract - provision of AI tutoring services and personalization of educational content (art. 6 sec. 1 lit. b GDPR)

• Legitimate interest - analysis of AI service quality, platform security, algorithm development (art. 6 sec. 1 lit. f GDPR)

• Consent - marketing, Google Analytics 4 (currently disabled), non-essential cookies (art. 6 sec. 1 lit. a GDPR)

• Legal obligation - accounting, consumer protection, children's online safety (art. 6 sec. 1 lit. c GDPR)

• Provision of AI tutoring services - content personalization, difficulty level adjustment, progress tracking

• User account management, payment and subscription handling

• Communication with users, technical and educational support

• Development and improvement of AI algorithms - analysis of teaching method effectiveness in anonymous and aggregated manner (basis: legitimate interest)

• Marketing (with consent) - newsletter, educational offers, information about new features

• Google Analytics 4 (with consent) - traffic analysis, functionality optimization - CURRENTLY DISABLED

• Ensuring platform security, abuse detection, minor protection

• Account data: until account deletion or 2 years from last activity

• Educational data and AI interactions: 2 years from last session (necessary for algorithm improvement and security)

• Payment data: according to tax regulations (5 years from transaction)

• Marketing data: until consent withdrawal or 2 years from last contact

• System and security logs: 12 months (protection against abuse)

• Children data 4-12 years: full parental control, automatically deleted after 2 years of inactivity or upon request

• Youth data 13-15 years: mandatory parental supervision, maximum until 16th birthday

• Youth data 16-17 years: control by minor, parents have right to access and deletion

• Parental supervision: parents/guardians have full access and right to delete children's data until 16th birthday

• Automatic deletion: system automatically deletes expired data according to above terms

• After account deletion request: personal data deleted immediately (maximum 30 days), accounting data according to legal requirements

• Payment providers (Stripe) - transaction processing, PCI DSS compliant

• IT service providers - Google, Fly, Vercel

• AI providers - Google for tutoring functionality

• Security providers - protection against attacks, content moderation

• Government authorities - only based on legal provisions or court order

• All providers operate under GDPR-compliant data processing agreements and ensure appropriate level of protection