Privacy Policy

Last updated: 9 June 2026

1. Data Controller

The controller of personal data processed via this website (mikr.app) is:

2. What we process and why

• Billing data (name, e-mail, company, address, VAT/NIP) — provided at checkout. Purpose: issuing the licence and a VAT invoice. Legal basis: Art. 6(1)(b) and (c) GDPR (contract and legal obligation).
• Licence-delivery data (e-mail) — to send the licence key and update notifications. Legal basis: Art. 6(1)(b) GDPR.
• Technical / analytics data (IP address, browser, page usage) — collected via cookies, only with your consent. Legal basis: Art. 6(1)(a) GDPR.

MikroTik Manager is self-hosted software. Data about your routers and your network is processed entirely within your own installation — we never receive or store it.

3. Cookies

We use analytics cookies (Google Analytics 4), loaded only after your explicit consent. Umami analytics runs without cookies. See our Cookie Policy for the full list. You can change your choice anytime via “Cookie settings” in the footer, or open the settings panel now.

4. Recipients and processors

• Stripe Payments Europe, Ltd. (Ireland) — payment processing.
• Amazon Web Services (SES, eu-central-1 / Frankfurt) — transactional e-mail delivery.
• ifirma S.A. (Poland) — invoicing.
• Google LLC — only with your consent; data may be transferred outside the EEA under the European Commission’s Standard Contractual Clauses.
• State authorities — to the extent required by law (e.g. the tax office).

5. Retention

• Billing / invoice data — 5 years, in line with tax law.
• Analytics cookies — up to 2 years, or until you withdraw consent.
• E-mail correspondence — up to 3 years from the last contact.

6. Your rights

Under the GDPR you have the right to: access your data (Art. 15), rectification (Art. 16), erasure (Art. 17), restriction (Art. 18), data portability (Art. 20), objection (Art. 21), and withdrawal of consent at any time (without affecting the lawfulness of processing before withdrawal). You may also lodge a complaint with the President of the Personal Data Protection Office (UODO), ul. Stawki 2, 00-193 Warsaw.

To exercise any of these rights, write to ihor@hreskiv.pl.

7. Data Processing Agreement (B2B)

Enterprise customers who require a Data Processing Agreement (DPA) can request one at ihor@hreskiv.pl.

8. Changes to this policy

We may update this policy from time to time. The current version, with its date, is always available on this page.