Privacy Policy
Last Updated: March 2024
Tax Free Club is committed to protecting your privacy and ensuring you have a positive experience on our platform. This Privacy Policy explains how we collect, use, disclose, and safeguard your information.
1. Information We Collect
We collect information from you in several ways:
Camera Access
To scan receipts and invoices, we request camera access on your mobile device. The camera data is processed locally on your device. Images are only uploaded to our servers when you choose to verify them.
Personal Information
When you create an account and use our service, we collect: name, email address, passport number, nationality, and country of residence.
Financial Information
To process refunds, we collect your IBAN bank account number for payment purposes.
Purchase Data
We collect scanned receipts and invoice details from your shopping activities.
Authentication Data
We use Google OAuth for sign-in. We collect data associated with your Google account for authentication purposes.
Device Information
We collect device information including push notification tokens and device identifiers.
2. How We Use Your Information
We use the collected information for the following purposes: Processing and verifying your tax-free refund claims; Scanning and OCR processing of receipts; Communicating with you about your refunds and account; Providing customer support; Complying with Polish and customs regulations; Preventing fraud and abuse; Improving our services.
3. Third-Party Service Providers
We share your data with the following third-party services to provide our service:
AWS (Amazon Web Services)
Hosting, authentication, and data storage in EU region eu-central-1. Data is stored securely in the European Union.
Google OAuth
Used for secure sign-in to your account.
KSeF
Polish national e-invoice system for invoice verification and validation.
PUESC
Polish customs system for tax-free claim submission and processing.
4. Legal Basis and Compliance
Tax Free Club is GDPR compliant. We are an EU-based service with data stored exclusively in the European Union. Our legal basis for processing your data includes: Your consent (for account creation and service provision); Performance of contract (to process your refund); Legal obligation (to comply with Polish tax-free law); Legitimate interests (to prevent fraud and improve services).
5. Your Data Rights
Under GDPR, you have the right to: Access your personal data and obtain a copy; Correct inaccurate or incomplete data; Request deletion of your data (right to be forgotten); Restrict processing of your data; Object to processing; Data portability; Withdraw consent at any time.
6. Data Shared with Authorities
As part of Polish tax-free law compliance, your data may be shared with Polish tax and customs authorities. This includes invoice information, refund claims, and personal identification details required for the official tax-free refund process.
7. Camera Data Processing
Receipt and invoice scanning is performed using on-device processing technology. Your photos are processed locally on your phone and are not transmitted to our servers unless you explicitly choose to verify them. You retain full control over what data you upload.
8. Data Retention
We retain your personal data as long as necessary to provide our service and comply with legal obligations. You may request deletion of your account and associated data at any time by contacting us.
9. Security
We implement industry-standard security measures to protect your information from unauthorized access, disclosure, alteration, and destruction. Your data is encrypted in transit and at rest.
10. Contact Us
If you have questions about our Privacy Policy or how we handle your data, please contact us at: Email: contact@tfc.eu
11. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of any significant changes by updating the "Last Updated" date at the top of this policy.