Privacy Policy & Terms of Use
Last updated: 2026-05-09
Who we are
Dom Bohaterów (House of Heroes) is a family chore app. The data controller is the app owner (house.of.heroes.support@gmail.com).
What data we collect
Your family token, optional family nickname, member display names and avatars, encrypted PINs, your duties and rewards, and optional photos used as proof of duty completion.
Why we collect it
Solely to make the app work: remember your duties, track points, deliver notifications. We don't sell data and we don't show ads. We use two lightweight technical tools — Vercel Analytics (anonymous traffic stats, no cookies) and Sentry (error reports, no personal data) — both GDPR-compliant and only used to fix bugs faster.
Legal basis for processing
We process family-member data on the basis of GDPR Art. 6(1)(b) (performance of the service contract — without this data the app cannot work). Anonymous traffic stats and error reports (Vercel Analytics, Sentry) rely on Art. 6(1)(f) (legitimate interest — service security and quality). We don't run marketing and don't ask for separate consent.
Where we store it
Data lives on Supabase + Vercel infrastructure in the European region (Frankfurt). Sentry (error reports) and Vercel Analytics (traffic stats) are two additional data processors that only receive anonymised technical information. All connections use HTTPS.
Processors and recipients
We use the following processors: Supabase (database and files, EU-Frankfurt region), Vercel (hosting and CDN, EU-Frankfurt + cookieless analytics), Sentry (error reports, EU region), RevenueCat (IAP receipt validation — only for parents who buy Premium), Apple App Store and Google Play (in-app payments), Google reCAPTCHA (form bot protection). Push notifications go directly from our server (VAPID) — no third-party push service.
International transfers
The main database and files don't leave the EU. RevenueCat, Google reCAPTCHA, Apple and Google process some data in the US — we rely on those providers' Standard Contractual Clauses (SCCs) and Data Privacy Framework (DPF) certifications. Full list of recipients is in the section above.
Cookies and browser storage
We only use strictly-necessary cookies: dom_bohaterow_session (encrypted session, HttpOnly, 30 days), fam (pins the device to a family), fam_lang (chosen UI language). No marketing or tracking cookies — that's why you don't see a consent banner.
How long we keep it
Duty proof photos are auto-deleted after 7 days. Inactive families (60 days without login) are deleted in full. Accounts deleted on request are removed within 24 hours (GDPR Art. 17 — right to be forgotten).
Your rights
You have the right to: access (Art. 15), rectification (Art. 16), erasure (Art. 17), restriction of processing (Art. 18), data portability (Art. 20) and to object (Art. 21) to legitimate-interest processing. To exercise any of these rights, email house.of.heroes.support@gmail.com — we reply within 30 days. We don't make automated decisions about you and don't profile users.
Complaint to a supervisory authority
If you believe we're processing your data unlawfully, you can lodge a complaint with the Polish supervisory authority — President of the Personal Data Protection Office (UODO, ul. Stawki 2, 00-193 Warsaw, uodo.gov.pl) — or with the supervisory authority in your EU country of residence.
Children's data
The app is designed for family use under a parent's supervision. The parent creates the family account, accepts this policy, and enters their children's data acting on the children's behalf (GDPR Recital 38 — special protection for children's data). We don't collect data directly from children, and children don't have standalone accounts. A parent can remove a child's profile from the Panel at any time, or delete the whole family by emailing house.of.heroes.support@gmail.com.
Security and breach notification
PINs are stored as bcrypt hashes, all connections use TLS, and photos sit in storage scoped to your family. In the event of a personal data breach we'll notify the supervisory authority within 72 hours (GDPR Art. 33) and you, without undue delay, when the risk to you is high.
Data Protection Officer
The app is run by a solo developer, so under GDPR Art. 37 we are not required to appoint a Data Protection Officer. All privacy matters go directly to the controller — email house.of.heroes.support@gmail.com.
Contact
Questions? Email house.of.heroes.support@gmail.com.
Terms of Use
App provided "as is"
House of Heroes is a hobbyist family app provided "as is" and "as available," without warranty of any kind, express or implied — including merchantability, fitness for a particular purpose, accuracy of insights or recommendations, and non-infringement. The author makes no promise that the app will meet your needs, be uninterrupted, secure, free of bugs, or always behave as expected. You use the app at your own risk.
Service availability
The author may modify, suspend, or discontinue any part of the app — including paid features (lifetime premium unlock, AI Recommendations reports) — at any time. We will try to give at least 30 days' notice (via in-app banner or email to the support address) before permanently shutting down the service, but cannot guarantee that this will always be possible. Downtime, bugs, or unavailability of third-party services (Supabase, Google Gemini, Apple App Store, Google Play, Vercel, etc.) are outside the author's control and do not entitle the user to compensation.
AI reports — for reflection, not advice
AI reports (the "AI Recommendations" feature) are produced by Google Gemini using anonymised aggregate data. They are informational and reflective in nature — not professional parenting, psychological, medical, legal, or any other expert advice. Treat them as conversation starters or inspiration, not prescriptions. AI may make mistakes, exhibit biases, or hallucinate content that doesn't match reality. We make no guarantee that the report's recommendations are accurate, suitable, or safe to follow.
Limitation of liability
To the fullest extent permitted by applicable law, the author shall not be liable for any direct, indirect, incidental, consequential, or special damages arising from your use of (or inability to use) the app — including loss of data, lost profits, business interruption, or emotional distress — even if the author has been informed of the possibility of such damages. The author's total cumulative liability for any claim relating to the app shall not exceed the amount you paid in the app in the 12 months preceding the claim (for free users: zero). This clause does not limit consumer rights that cannot be waived under mandatory applicable law.
Payments and refunds
All in-app purchases (lifetime premium unlock, individual AI Recommendations reports) are processed by Apple App Store or Google Play. Refunds are governed by their respective policies and must be requested directly through them — the author has no technical means to issue refunds. Prices are set within Apple/Google's published tiers and may change; previously-completed purchases are not affected by future price changes.
Ending your use
You may stop using the app at any time. You can permanently delete your family's data via Panel → "Delete Family." The author may suspend or terminate access to your family's data if you violate these terms or applicable law, if there is suspected fraud, or if continued operation poses a security risk to the system. We will try to give at least 30 days' notice except in cases of suspected fraud, security threat, or government request.
Governing law
These terms and your use of the app are governed by Polish law. Disputes that cannot be resolved informally are subject to the jurisdiction of the Polish courts having jurisdiction over the author's place of residence. If you are a consumer habitually resident outside Poland (especially in the EU), you may benefit from additional rights under your local consumer-protection laws — this clause does not waive or limit those rights.
Changes to these terms
These terms may change. We will announce material updates via in-app banner or email to the support address. Continued use of the app after the changes take effect constitutes acceptance of the revised terms. If you disagree with the updated terms, stop using the app and optionally delete your family's data.