Privacy Policy:
for the “MOJA OHANA” mobile application
Version: 1.0. Effective date: 15 October 2025
- Who is the Controller?
The data controller is Moja Ohana Mnich spółka jawna, ul. Bolesława Prusa 1/34, 50-319 Wrocław, KRS 0001103755, NIP 8982307499, REGON 528563786. Dedicated privacy contact: privacy@mojaohana.com. We have not appointed a Data Protection Officer (Art. 37 GDPR). (“Controller,” “we,” “us”.)
- Scope of this Policy:
This document applies solely to the “MOJA OHANA” mobile application (iOS/Android) and the related infrastructure (API, hosting, backups). The Policy does not cover the online store located at https://mojaohana.com/ where other digital and physical products are offered, nor does it cover the course platform.
- Glossary of abbreviations and definitions:
3.1. GDPR – Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, repealing Directive 95/46/EC (General Data Protection Regulation).
3.2. UPK – Polish Consumer Rights Act of 30 May 2014 (Dz.U.2024.1796 consolidated text of 2024-12-06).
3.3. UŚUDE – Polish Act of 18 July 2002 on the Provision of Services by Electronic Means (Dz.U.2024.1513 consolidated text of 2024-10-14).
3.4. UGC – any data and materials entered or uploaded by the User (e.g., family-relationship data, notes, test responses, files, reflections, narratives, resource chest).
3.5. Special categories of data / “Sensitive data” – data listed in Art. 9 GDPR (e.g., data concerning health, sexuality, worldview/beliefs).
3.6. Personalisation/AI – generation of analyses, recommendations, and guidance based on the User’s data; without legal effects within the meaning of Art. 22 GDPR (see §14).
3.7. Profiling – any automated processing of personal data consisting of the use of such data to evaluate certain personal aspects of a natural person (e.g., preferences, behaviour, health). In the “Moja Ohana” App profiling is “soft” (matching educational content) and does not result in decisions producing legal effects or similarly significant impacts (more in §14).
3.8. Partner – e.g., an employer/insurer providing access to the Moja Ohana App.
3.9. Retention – the period of storing data (and how data are deleted/anonymised) for a given processing purpose.
3.10. Privacy-by-design – data protection by design and by default.
3.11. Accountability (Art. 5(2) GDPR) – the obligation to demonstrate compliance with GDPR principles (audit trails and evidence).
- Where do we obtain data from?
4.1. Directly from you — registration, tests, completing the family tree, journal, narratives, reflections, files, photos (including in the resource chest), consents.
4.2. Automatically — technical logs, telemetry, crash reports (for security and maintenance).
4.3. From a Partner (if you use employee/insurance access) — only activation identifiers and statuses; no UGC and no results. We do not obtain results, tests, or UGC from the Partner, nor do we share any UGC-type data, test results, etc., with the Partner.
- General processing principles
5.1. Minimisation & privacy-by-design – we process only what is necessary for modules to function. We do not combine sensitive data from the App with marketing data from the Store without your consent.
5.2. Service for 18+ users.
5.3. We process special categories of data only on the basis of a separate, explicit consent (the checkbox is not pre-ticked). You may withdraw consent at any time (this option is available in the App).
- What do we store locally on the device?
Some or all UGC (e.g., journal reflections, narratives, files, photos in the resource chest, data in the genosociogram) may be stored exclusively locally on your phone. Uninstalling the app/clearing app data may lead to irreversible loss of such records — we have no technical ability to restore them (we recommend making your own copy, e.g., screenshots for personal use).
- Data categories and processing purposes in the App
| Purpose | Scope | Legal basis | Retention | Recipients |
| --- | --- | --- | --- | --- |
| App account | email/external login, password/token, language, settings | Art. 6(1)(b) GDPR | until account deletion + up to 6 months for logs | hosting, auth provider |
| Subscription | transaction identifier, plan, status (no card data) | Art. 6(1)(b), (f) GDPR | term of contract + limitation period | Apple/Google, payment operator, accounting |
| Tests/questionnaires | test responses (UGC), potentially including special-category data | Art. 6(1)(b) + Art. 9(2)(a) GDPR (separate consent) | until account deletion/consent withdrawal | hosting (if you synchronise) |
| Genosociogram/Family tree | family relationships entered by you; we recommend pseudonymising third-party data | Art. 6(1)(b) + Art. 9(2)(a) GDPR (if you enter special-category data) | until account deletion/consent withdrawal | hosting (if you synchronise) |
| Journal/Narratives/Resource chest | your entries (UGC) which may reveal emotional/health state | Art. 6(1)(b) + Art. 9(2)(a) GDPR | until account deletion/consent withdrawal | hosting (if you synchronise) |
| Personalisation/AI | input data from tests/UGC in pseudonymised form; test result + tree data sent only after consents | Art. 6(1)(b); for special categories: Art. 9(2)(a) GDPR | until account deletion/consent withdrawal; backups rotate 30–90 days | trusted AI/hosting sub-processors (EEA/SCC) |
| Push notifications | device push identifier | Art. 6(1)(a) GDPR (consent) | until consent withdrawal | Apple/Google push service |
| Telemetry/security | event logs, fingerprinting within the law, crash reports | Art. 6(1)(f) GDPR (security) | 12–24 months | hosting, anti-abuse tools |
Fields such as “Nickname” may remain strictly local, even if you enter a third party’s data there. (This setting follows privacy-by-design and data minimisation.)
- Additional legal bases:
8.1. Contract – provision of App functions (account, subscription, tests, app modules) – Art. 6(1)(b) GDPR.
8.2. Consent – push notifications, modules that may include Art. 9 data (tests, tree, journal, narratives, resource chest), external marketing analytics – Art. 6(1)(a) and Art. 9(2)(a) GDPR.
8.3. Legitimate interests – security, telemetry, defence of claims – Art. 6(1)(f) GDPR.
8.4. Legal obligation – accounting/taxes – Art. 6(1)(c) GDPR.
- “Modular” consents and their withdrawal
9.1. Consent for special-category data (Art. 9) – granted before launching modules that may reveal such data (tests, journal, narratives, resource chest, genosociogram). Withdrawal disables the modules going forward and does not affect the lawfulness of processing before withdrawal.
9.2. Consent for personalisation/AI – granted before sending the test result and tree data. It may be a one-time consent for the “personalisation” category and cover subsequent sessions until withdrawn.
- Data recipients / processors
Data may be entrusted to vetted providers: hosting (EEA), backups, CDN, authentication, payment operators (Apple/Google), email/SMS (upon consent), push (Apple/Google), telemetry/crash reports, law firms, helpdesk — solely under data processing agreements and after assessing security measures (TOMs).
- Transfers outside the EEA/UK
Where processing occurs outside the EEA (e.g., the USA), we use Standard Contractual Clauses / the EU-US Data Privacy Framework (where applicable) and supplementary measures (encryption, minimisation, retention). We inform about categories of providers in the register of processors available upon request.
- Retention (how long we keep data).
12.1. Account: until deletion + up to 6 months for logs.
12.2. Subscriptions and settlements: term of contract + limitation period; accounting documents – 5 years.
12.3. UGC/App: until account deletion/consent withdrawal; backups rotate every 30–90 days.
12.4. Telemetry/security: 12–24 months.
- Your rights (Arts. 15–22 GDPR).
You have the right of access, copy, rectification, erasure (“right to be forgotten”), restriction, portability (for data you provided), objection (Art. 6(1)(f)), withdrawal of consents at any time, and to lodge a complaint with the President of the Polish DPA (PUODO). Please send requests to privacy@mojaohana.com; we respond without undue delay, no later than within 1 month (may be extended up to 2 months for complex requests).
- AI, Personalisation, and no automated decision-making (Art. 22 GDPR).
We process data you enter in the app (including, upon your explicit consent, information about health/psychological state and your test result) to tailor educational materials (e.g., meditations, guidance, etc.). For this we use an external content-processing service acting as our processor. Data sharing for model training is disabled. We apply data minimisation, in-transit encryption, and retention limited to what is necessary. If processing occurs outside the EEA (e.g., the USA), we use SCCs and/or the EU-US DPF and supplementary measures. Personalisation may constitute profiling within the meaning of the GDPR, but it does not lead to decisions producing legal effects or similarly significantly affecting you (Art. 22 GDPR does not apply).
- Consents:
15.1. Special-category data (Art. 9 GDPR) — explicit consent prior to starting the test;
15.2. Personalisation/content generation — separate consent prior to sending the test result and tree data. You may withdraw consents at any time. This will disable functions that require such consents. The “Nickname” field is used solely within the app and is not transmitted to external content-processing services.
- Minimisation and pseudonymisation
We encourage pseudonymising third parties in the tree (initials, approximate dates). Data may be aggregated/anonymised for statistics and algorithm development in a manner that prevents identification (after proper anonymisation). Third-party data are entered by the User. If you create a genosociogram, you are required to pseudonymise third-party data. Do not enter special-category data of third parties together with their personal identifiers.
- Security
TLS in transit, encryption at rest (where applicable), access controls and restrictions, event logging, updates and reviews, privacy-by-design/default. Incidents are handled by the privacy team; where required, we will notify the Polish DPA (PUODO) of a breach and inform affected individuals.
- Push notifications and device identifiers.
We send them only upon your consent; you can withdraw consent in the system settings or within the App. We process the device push identifier and your preference settings.
- The App may be purchased solely via the App Store or Google Play.
For purchases made in these stores, the respective Apple/Google platform rules apply with regard to settlements/invoicing/refunds/right of withdrawal, etc. We receive only the data necessary to verify the subscription status (e.g., transaction identifier, validity status); we do not have access to card data.
- Changes to the Policy.
We may update the Policy for important legal/organizational/technological reasons; for material changes affecting ongoing services, we will notify you at least 14 days in advance on a durable medium (email/Account). Archived versions are available upon request.
- Reviews.
We inform whether and how we verify that reviews originate from customers who have made a purchase. If no verification is performed, we display an appropriate notice.
- What rights do you have in connection with the processing of your personal data?
The GDPR grants you the following potential rights in relation to the processing of your personal data:
a. the right of access to your data and to obtain a copy thereof;
b. the right to rectification (correction) of your data;
c. the right to erasure (if, in your view, there is no basis for us to process your data, you may request that we delete it);
d. the right to restriction of processing (you may request that we limit processing exclusively to storage or to actions agreed with you if, in your opinion, we hold inaccurate data or process it without a proper basis);
e. the right to object to the processing of data;
f. the right to data portability;
g. the right to withdraw consent to the processing of personal data if you have previously given such consent;
h. the right to lodge a complaint with a supervisory authority (if you find that we process data unlawfully, you may lodge a complaint with the President of the Personal Data Protection Office or another competent supervisory authority).
- Cookies and similar technologies in the App.
The mobile App does not use browser cookies. However, we use similar technologies (SDKs/device identifiers, in-app storage) for the following purposes:
a. Strictly necessary: login and session maintenance (tokens in the Keychain/Keystore), security, verification of purchases in the App Store/Google Play, handling push notifications;
b. Analytics and diagnostics (with your consent or in a configuration strictly necessary for security): stability statistics, errors, performance;
c. Marketing (only if you give consent; iOS: additionally ATT).
You can manage your preferences in Settings → Privacy. We do not combine security tokens with advertising identifiers. Push content does not contain special-category data.
- Tokens and security.
We store authentication tokens and session identifiers locally (Keychain/Keystore) solely to ensure account access and security. Tokens are encrypted (stored in the Keychain/Keystore and transmitted over an encrypted channel (TLS)) and are not shared with advertising entities.
