Privacy Policy

Last updated: 9 June 2026

This policy explains how Lirota processes data in connection with the use of our tool for anonymous, directional measurement of team mood. We care about privacy by design — participants' answers are collected in a non-identifying way and presented only in aggregate.

ContentsController What data Anonymity Purposes Recipients Your rights Cookies

1. Who is responsible for your data

The controller of the personal data processed in the service is Piotr Sobiegała, who operates Lirota at Olimpijska 15a/4 in Bytom, Poland. For any matter related to data protection or to exercise your rights, you can write to contact@lirota.com — we respond without undue delay.

2. What data we process

Decision-maker account (manager / team lead) — email address and the credentials needed to sign in, handled by our authentication provider.
Participant answers — only directional choices (better / same / worse) across four dimensions. At this step we do not collect names, email addresses or other identifying data.
Technical data — e.g. IP address, device and browser information, and cookies, to the extent needed for the service to work and to keep it secure.

3. Participant anonymity

Participants' answers are not linked to specific people and are presented to the decision-maker only in aggregated form. For very small teams we note that an aggregated distribution naturally carries more information — so we flag when a group is small enough that results should be interpreted with caution.

4. Purposes and legal bases

We process data in accordance with the GDPR (Regulation 2016/679), for the following purposes:

providing the service and managing the account — Art. 6(1)(b) (performance of a contract);
security, abuse prevention and aggregated statistics — Art. 6(1)(f) (legitimate interest);
analytics and functional cookies — Art. 6(1)(a) (your consent), which you can withdraw at any time.

5. Recipients and transfers

Data may be entrusted to trusted processors that support the service — in particular providers of infrastructure, hosting and authentication (including services from the Google Firebase family). These entities act under data-processing agreements. Some providers may process data outside the European Economic Area; in that case transfers rely on standard contractual clauses or other mechanisms provided for by the GDPR. We do not sell data.

You have the right to access your data, rectify it, erase it, restrict processing, port it, object to processing based on legitimate interest, and withdraw consent (without affecting the lawfulness of processing before withdrawal). To exercise these rights, write to contact@lirota.com. You also have the right to lodge a complaint with the relevant supervisory authority (in Poland, the President of the Personal Data Protection Office).

7. Retention

We keep account data for as long as you use the service and, afterwards, for the period needed for settlements or to defend against claims. Aggregated measurement results are kept in line with the purpose of the service, and technical data and logs for a limited time needed for security.

8. Cookies

The service uses cookies. The rules for their use and how to manage consent are described in detail in our Cookie Policy.

9. Changes to this policy

We may update this policy, e.g. due to changes in the service or the law. The current version is always available here, with the date of the last update.

This document is informational and is a template tailored to the nature of the service. We recommend having it reviewed by a lawyer before production use.