Understand Your dreams with our interpretations.

Privacy Policy

The following Privacy Policy outlines the rules for storing and accessing data on Users’ Devices when using the Website, to enable the provision of services electronically by the Administrator, as well as the rules for collecting and processing personal data voluntarily provided by Users through tools available on the Website.

This Privacy Policy is an integral part of the Website Terms of Service, which defines the rules, rights, and obligations of Users utilizing the Website.

§1 Definitions

  • Website – the online service “DREAMORA.app”, operating at https://dreamora.app
  • External Website – websites of partners, service providers, or clients cooperating with the Administrator.
  • Website/Data Administrator – the entity responsible for the Website and personal data processing (hereinafter “Administrator”) is “ZP20 Piotr Markowski”, conducting business at Al. KEN 36 / 112B, WARSAW, with the Tax Identification Number (NIP): 9482256434, providing electronic services through the Website.
  • User – a natural person for whom the Administrator provides services electronically through the Website.
  • Device – an electronic device, along with software, through which the User accesses the Website.
  • Cookies – text data stored in the form of files placed on the User’s Device.
  • GDPRRegulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016, on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, repealing Directive 95/46/EC (General Data Protection Regulation).
  • Personal Data – information related to an identified or identifiable natural person (“data subject”); an identifiable natural person is one who can be directly or indirectly identified, in particular by reference to an identifier such as a name, identification number, location data, online identifier, or one or more specific factors defining the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.
  • Processing – any operation or set of operations performed on personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction.
  • Processing Restriction – marking stored personal data to limit its future processing.
  • Profiling – any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular, to analyze or predict aspects concerning work performance, economic situation, health, personal preferences, interests, reliability, behavior, location, or movements.
  • Consent – a voluntary, specific, informed, and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.
  • Personal Data Breach – a security breach leading to accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to personal data transmitted, stored, or otherwise processed.
  • Pseudonymization – the processing of personal data in such a way that it can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is stored separately and is subject to technical and organizational measures ensuring its non-attribution to an identified or identifiable natural person.
  • Anonymization – an irreversible process applied to data that destroys or overwrites personal data, preventing identification or association of a specific record with a particular user or natural person.

§2 Data Protection Officer

Under Article 37 of the GDPR, the Administrator has not appointed a Data Protection Officer (DPO).

For matters related to data processing, including personal data, please contact the Administrator directly.

§3 Types of Cookies

  • Internal Cookies – files placed and read from the User’s Device by the Website’s IT system.
  • External Cookies – files placed and read from the User’s Device by external service providers’ IT systems integrated into the Website via installed scripts or services.
  • Session Cookies – files stored and read only during an active session, which are deleted once the session ends.
  • Persistent Cookies – files stored and read until manually deleted by the User or when their expiration date is reached.

If the User’s Device settings automatically delete cookies after a session ends, persistent cookies will also be removed accordingly.

§4 Data Storage Security

Storage and Retrieval Mechanisms for Cookies

The mechanisms for storing, reading, and exchanging data between cookies stored on the User’s Device and the Website are executed using built-in browser functions. These mechanisms do not allow the retrieval of additional data from the User’s Device or from other websites visited by the User, including personal data or confidential information. Transmitting viruses, Trojan horses, or other malicious software is virtually impossible.

Internal Cookies

Cookies used by the Administrator are safe for User Devices and do not contain scripts, content, or information that could threaten personal data security or the security of the User’s Device.

External Cookies

The Administrator carefully selects service providers to ensure User security. However, since external partners operate independently, the Administrator cannot fully control the contents of their cookies. The Administrator is not responsible for the security of external cookies to the extent permitted by law. A list of external partners is included in the later sections of this Privacy Policy.

Cookie Control

Users can independently modify their browser settings to control the storage, deletion, and access to cookies on their devices.

Guides on disabling cookies in the most popular browsers are available at:

Users can delete all stored cookies at any time using the tools available in their browsers or devices.

User Risks and Data Security

The Administrator implements all possible technical measures to ensure the security of data stored in cookies. However, Users also play a crucial role in securing their information. The Administrator is not responsible for:

  • Data interception, session hijacking, or unauthorized access caused by User actions.
  • Data loss or corruption due to viruses, malware, spyware, or other malicious software that may have infected the User’s Device.

To enhance data security, Users should follow cybersecurity best practices when browsing the Internet.

Personal Data Storage

The Administrator ensures that all personal data voluntarily provided by Users is secure and only accessible for the intended purposes. Strict physical and organizational security measures are applied to prevent unauthorized data loss or breaches.

Password Storage

User passwords are stored in encrypted form, following the latest encryption standards. Decrypting stored passwords is virtually impossible.

§5 Purposes of Cookie Usage

Cookies are used for the following purposes:

  • Improving and facilitating access to the Website
  • Personalizing the Website for Users
  • Enabling User login to the Website
  • Marketing and remarketing on external websites
  • Advertising services
  • Affiliate services
  • Collecting statistics (number of users, visits, device types, connection data, etc.)
  • Providing multimedia services
  • Providing social networking services

§6 Purposes of Personal Data Processing

Personal data voluntarily provided by Users is processed for one of the following purposes:

Provision of electronic services:

  • User account registration and maintenance within the Website and related functionalities
  • Newsletter service (including advertising content, with User consent)
  • Commenting/liking posts on the Website without requiring registration
  • Sharing Website content on social media or other websites
  • Communication between the Administrator and Users regarding Website operations and data protection
  • Ensuring the legally justified interests of the Administrator

Anonymized and automatically collected user data is processed for:

  • Statistical analysis
  • Remarketing
  • Serving advertisements tailored to Users’ preferences
  • Managing affiliate programs
  • Ensuring the legally justified interests of the Administrator

§7 Cookies from External Services

The Website uses JavaScript scripts and web components from partners who may store their own cookies on the User’s Device.

Users can manage cookie settings in their browser to control which cookies are allowed from specific websites.

Below is a list of partners and services integrated into the Website that may store cookies:

Multimedia Services:

  • YouTube
  • Vimeo

Social Media / Integrated Services:

(Registration, login, content sharing, communication, etc.)

  • Twitter
  • Facebook
  • Google+

Newsletter Services:

  • MailChimp

Advertising & Affiliate Networks:

  • Google Adsense
  • MyLead

Statistics & Analytics:

  • Google Analytics

Services provided by third parties are beyond the control of the Administrator. These entities may modify their terms of service, privacy policies, purposes of data processing, and cookie usage policies at any time.

§8 Types of Collected Data

The Website collects User data, which can be divided into:

  1. Automatically and anonymously collected data
  2. Personal data voluntarily provided by Users when subscribing to services

Anonymized Data Collected Automatically:

  • IP address
  • Browser type
  • Screen resolution
  • Approximate location
  • Visited subpages
  • Time spent on subpages
  • Operating system type
  • Referring page address
  • Language settings
  • Internet connection speed
  • Internet service provider
  • Demographic data (age, gender)

Data Collected During Registration:

  • First name / Last name / Nickname
  • Username
  • Email address
  • Avatar / Profile picture
  • IP address (collected automatically)

Data Collected When Subscribing to the Newsletter:

  • First name / Last name / Nickname
  • Email address
  • IP address (collected automatically)

Data Collected When Adding a Comment:

  • First name / Last name / Nickname
  • Email address
  • Website URL
  • IP address (collected automatically)

Some data (excluding identifying data) may be stored in cookies. Some data (excluding identifying data) may be transferred to statistical service providers.

§9 Access to Personal Data by Third Parties

As a general rule, the only recipient of the personal data provided by Users is the Administrator.

Data collected through services provided by the Website is not sold or transferred to third parties.

However, access to personal data may be granted (most often under a Data Processing Agreement) to third-party entities responsible for maintaining the infrastructure and services necessary for Website operations, such as:

  • Hosting providers offering web hosting and related services
  • Newsletter service providers
  • Mobile payment intermediaries for purchasing goods or services on the Website (if applicable)

Entrusting Personal Data Processing – Newsletter Service

The Administrator uses a third-party provider for Newsletter services – MailChimp.

Data entered into the Newsletter subscription form is transferred, stored, and processed by this external provider.

Note: The external partner may modify its privacy policy without the Administrator’s consent.

Entrusting Personal Data Processing – Hosting, VPS, or Dedicated Server Services

The Administrator uses the external hosting provider OVH sp. z o.o. for running the Website.

All data collected and processed on the Website is stored within the provider’s infrastructure located in Poland.
There is a possibility of data access during maintenance work performed by the provider’s staff.

Data access is regulated by a contract between the Administrator and the provider.

Processing of Data for Mobile Payment

For mobile payments, all payment-related data is provided directly by the User to the payment processor:

Payments Solution Sp. z o.o.Privacy Policy

Some necessary transaction data is then transferred to the Administrator.

The transfer of data is regulated by a contract between the Administrator and the payment service provider.

§10 Personal Data Processing Methods

Personal Data Voluntarily Provided by Users:

  • Personal data will not be transferred outside the European Union, unless it is published as a result of User actions (e.g., submitting a comment or post), making it publicly accessible.
  • Personal data will not be used for automated decision-making (profiling).
  • Personal data will not be sold to third parties.

Anonymized Data (Without Personal Identifiers) Collected Automatically:

  • Anonymized data may be transferred outside the European Union.
  • Anonymized data will not be used for automated decision-making (profiling).
  • Anonymized data will not be sold to third parties.

§11 Legal Basis for Processing Personal Data

The Website collects and processes User data based on:

  • Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016, on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, repealing Directive 95/46/EC (General Data Protection Regulation – GDPR)
    • Article 6(1)(a):
      The data subject has given consent to the processing of their personal data for one or more specific purposes.
    • Article 6(1)(b):
      Processing is necessary for the performance of a contract to which the data subject is a party or to take steps at the request of the data subject prior to entering into a contract.
    • Article 6(1)(f):
      Processing is necessary for the purposes of the legitimate interests pursued by the Controller or by a third party.
  • The Personal Data Protection Act of May 10, 2018 (Journal of Laws 2018, item 1000)
  • The Telecommunications Law of July 16, 2004 (Journal of Laws 2004, No. 171, item 1800)
  • The Copyright and Related Rights Act of February 4, 1994 (Journal of Laws 1994, No. 24, item 83)

§12 Retention Period for Personal Data

Personal data voluntarily provided by Users:

As a general rule, personal data is stored only for the duration of the service provided by the Administrator through the Website. Data is deleted or anonymized within 30 days after the service is terminated (e.g., account deletion, newsletter unsubscription, etc.).

An exception applies if the Administrator has a legitimate legal interest in continuing to process the data. In such cases, the Administrator may retain the data for a maximum of 3 years from the time of the User’s deletion request if there is a suspected violation of the Website’s Terms of Service by the User.

Anonymized data (without personal identifiers) collected automatically:

Anonymous statistical data that does not constitute personal data is stored by the Administrator for statistical purposes for an indefinite period.

§13 User Rights Regarding Personal Data Processing

Users have the following rights regarding their personal data:

Right of Access to Personal Data

Users have the right to access their personal data. This can be done through:

  • The User panel, available after logging in
  • Tools allowing account recovery in case of a forgotten password

Right to Rectification of Personal Data

Users have the right to request immediate correction of inaccurate or incomplete personal data.
This right can be exercised by submitting a request to the Administrator.

Right to Erasure of Personal Data (“Right to Be Forgotten”)

Users have the right to request the immediate deletion of their personal data.

  • For user accounts, deletion consists of anonymizing any identifying data.
  • The Administrator reserves the right to delay the deletion request to protect legitimate interests (e.g., if the User violated the Terms of Service or if data was obtained through correspondence).
  • For the Newsletter service, Users can unsubscribe and delete their data by clicking the unsubscribe link included in every email.

Right to Restriction of Processing

Users have the right to request processing restrictions under Article 18 of the GDPR, such as when disputing the accuracy of personal data.
This right can be exercised by submitting a request to the Administrator.

Right to Data Portability

Users have the right to obtain their personal data in a structured, commonly used, and machine-readable format.
This right can be exercised by submitting a request to the Administrator.

Right to Object to Data Processing

Users have the right to object to the processing of their personal data in cases specified in Article 21 of the GDPR.
This right can be exercised by submitting a request to the Administrator.

Right to Lodge a Complaint

Users have the right to lodge a complaint with a supervisory authority for data protection.

§14 Contacting the Administrato

The Administrator can be contacted using one of the following methods:

  • Postal Address – ZP20 Piotr Markowski, Al. KEN 36 / 112B, WARSAW
  • Email Addressoffice@zp20.pl
  • Phone Call – +48 733 644 002
  • Contact Form – Available at: /contact

§15 Website Requirements

Restricting the ability to store and access cookies on the User’s Device may result in the Website not functioning properly.

The Administrator is not responsible for Website malfunctions caused by User-imposed restrictions on cookies.

§16 External Links

The Website, including articles, posts, user comments, and other content, may contain links to external websites that are not affiliated with the Website’s Administrator.

Such external links, as well as the content or files they lead to, may pose security risks for your Device or personal data.

The Administrator is not responsible for any content or security risks associated with external websites.

§17 Changes to the Privacy Policy

The Administrator reserves the right to modify this Privacy Policy at any time without notifying Users when changes relate to:

  • Anonymous data processing
  • The use of cookies

When changes involve Personal Data Processing, the Administrator will:

  • Notify registered Users and Newsletter subscribers via email within 7 days of the update.
  • Continued use of the Website after receiving the notification constitutes acceptance of the updated Privacy Policy.
  • Users who do not agree with the changes must delete their account or unsubscribe from the Newsletter.

Changes to the Privacy Policy will be published on this webpage.
The updated policy takes effect immediately upon publication.