Privacy policy
Last updated: 26 June 2026
religo.pl is a free, public map of religious places of worship in Poland. It needs no account and is not used for marketing. Below we explain what data is processed when you use the site.
Data controller
The data controller is letsweb.biz (tax ID NIP 8641620172). Privacy contact: tomasz.kusmierczyk@letsweb.biz or the contact form.
What data we process
- Visit statistics. We use our own self-hosted analytics that does not use cookies and does not track users across sites. Only aggregated, anonymised data is collected (page views, referrer, country, device type) — without identifying individuals.
- Map. Map tiles are served by Mapbox. To display the map, your IP address and basic browser request data are sent to Mapbox’s servers.
- Location (“Locate me”). This feature runs only after you click it:
- if you grant permission in your browser, your precise location is used locally to centre the map — we do not store it or send it to our server.
- On-device storage. As a PWA (Progressive Web App — a website you can install on your device and use like a regular app), the site stores technical data in your browser (for offline use and correct display) — it stays on your device.
- Server logs. The hosting server may record your IP address and basic request data for security and diagnostics.
- Correction suggestions (optional). When you propose a correction to a place’s data, we process the content of your suggestion. If you voluntarily add a signature (name) or an email address, we process them to link your edits to a contributor profile and to contact you if needed. Providing this is entirely voluntary, and you can withdraw consent at any time by asking us to delete the data. Suggestions are stored with an external service provider acting as a data processor.
- Contact form. When you use the contact form (e.g. a general question or a GDPR request), we process the data you provide: name, email address, and message content — solely to respond to your enquiry. Messages are passed to an external service provider (a data processor) to store and deliver them to us.
- Spam protection. The forms (contact and correction suggestions) are protected by Cloudflare Turnstile. When you submit a form, your IP address and basic technical browser data are sent to Cloudflare to confirm the submission does not come from malicious software.
We do not create accounts, profile users, run marketing, or sell data.
Legal bases
We process data in accordance with the GDPR — the General Data Protection Regulation (the EU’s general regulation on personal-data protection). The legal bases are:
- Displaying the site and map — necessity to provide the service (Art. 6(1)(b) GDPR) and legitimate interest (Art. 6(1)(f)).
- Statistics, security, and logs — the controller’s legitimate interest (Art. 6(1)(f)).
- Access to precise location — your consent (Art. 6(1)(a)), which you can withdraw at any time in your browser settings.
- Data given when suggesting corrections (optional signature and email) — your consent (Art. 6(1)(a)), which you can withdraw at any time by asking us to delete it.
- Contact-form data — your consent or our legitimate interest in responding to your enquiry (Art. 6(1)(a) or (f)).
- Spam protection of the forms (Cloudflare Turnstile) — the controller’s legitimate interest in preventing abuse (Art. 6(1)(f)).
Cookies
The site does not use cookies for tracking or advertising — analytics is cookieless. For correct operation it may use technical browser storage (localStorage / app cache), which is not a cookie and is not used for profiling.
Recipients
Within the scope described above, data may be processed by: the map provider (Mapbox), an external data-storage and email service provider (for correction suggestions and the contact form), Cloudflare (form spam protection — Turnstile), and the hosting provider.
Transfers outside the European Economic Area (EEA)
Some recipients (e.g. Mapbox, Cloudflare, and external service providers) may process data outside the EEA (European Economic Area), under safeguards provided for by the GDPR (including standard contractual clauses).
Retention
Aggregated statistics are kept for as long as needed to assess how the site performs. Server logs are kept for a short, necessary period. Precise-location data is not stored. Data from correction suggestions (including the optional signature and email) is kept until the suggestion is reviewed and for as long as needed to maintain the contributor profile; we delete it on request. Contact-form messages are kept for as long as needed to handle your enquiry and any follow-up correspondence.
Your rights
You have the right to access, rectify, erase, restrict the processing of, object to the processing of, and port your data. For these matters, write to: tomasz.kusmierczyk@letsweb.biz.
Complaint
If you believe your data is processed unlawfully, you may lodge a complaint with the President of the Personal Data Protection Office (UODO, the Polish supervisory authority).
Changes
This policy may be updated. The current version is always available on this page.