Privacy Policy

Last updated: March 5, 2026

This Privacy Policy explains how Rezon.IO ("Rezon", "we", "us", "our") collects, uses, shares, stores, and otherwise processes personal data when you use our website, applications, and related services.

Our services, including account creation, may be restricted or unavailable in certain jurisdictions.

1. Who We Are

Rezon.IO is operated by Oleg Knyaginin (Олег Княгинин), established in Bulgaria.

Controller contact details

Name: Oleg Knyaginin

Address: 2 SVETI IVAN RILSKI STR., BANSKO, Bulgaria

Email: [email protected]

For the purposes of applicable data protection law, Oleg Knyaginin is the controller of the personal data described in this Privacy Policy, except where this Policy states otherwise.

2. Scope

This Privacy Policy applies to personal data processed through Rezon.IO, including when you:

  • visit or browse our website;

  • create or manage an account;

  • create, publish, administer, or analyze polls;

  • participate in a poll or voting workflow;

  • receive invitations, reminders, or other service communications;

  • purchase a subscription, package, or usage-based credits;

  • contact support or otherwise communicate with us.

This Policy applies to users, poll creators, participants, invitees, website visitors, and other individuals whose personal data is processed through the service.

3. Roles: When Rezon Is a Controller and When a Poll Creator May Be a Separate Controller

Rezon does not always play the same role for all data.

3.1 Rezon as controller

Rezon acts as a <strong>controller</strong> for personal data we process for our own business and service purposes, including for example:

  • account registration and login;

  • profile and account management;

  • website operation and security;

  • billing, subscriptions, PAYG balances, invoicing support, and transaction records;

  • fraud prevention, abuse detection, and service integrity;

  • support communications;

  • internal analytics used to operate and improve the service.

3.2 Poll creators and organizations

When a poll creator uses Rezon to organize a poll, invite participants, and define the purpose and configuration of that poll, the poll creator or the organization on whose behalf they act may be a <strong>separate controller</strong> of participant data and poll content.

3.3 Public content and platform operations

Where a poll is made public or where processing is necessary to host, secure, maintain, moderate, or present the platform and its public features, Rezon may also process relevant data for its own legitimate platform purposes.

4. Personal Data We Collect

We may collect and process the following categories of personal data.

4.1 Account and profile data

  • email address;

  • username or login identifier;

  • password hash;

  • account status;

  • timezone and language preferences;

  • optional profile information you choose to provide, such as name, phone number, avatar, bio, or similar profile details.

4.2 Authentication data

If you use social sign-in or OAuth login, we may receive identifiers and profile data from the provider you choose, such as Google, Meta/Facebook, VKontakte, or other supported providers.

4.3 Poll and participation data

  • poll titles, descriptions, instructions, candidates/options, tags, translations, uploaded files, and related poll configuration;

  • participant and invitation data, including email addresses and participant identifiers supplied by a poll creator;

  • rankings, votes, optional comments or responses, result records, timestamps, and vote-history data where that functionality is enabled;

  • data about poll visibility, sharing, reminders, links, and participation status.

4.4 Billing and transaction data

  • selected plan, package, or usage product;

  • subscription status and lifecycle data;

  • checkout metadata;

  • invoice and transaction references;

  • PAYG and usage-related balances or purchases;

  • rewards, referral, credits, score, and discount-related records where such features are offered.

4.5 Technical and usage data

  • IP address;

  • browser type and version;

  • device and operating system information;

  • session identifiers;

  • language and regional settings;

  • request logs, timestamps, and usage events;

  • security and anti-abuse signals.

4.6 Communications data

  • verification emails, password reset communications, billing notices, invitations, reminders, and service notifications;

  • support requests and correspondence with us.

4.7 Cookies and similar technologies

We use cookies and similar technologies for authentication, security, preferences, language settings, performance, and analytics. Where required by law, we ask for consent for non-essential cookies. See our Cookie Policy for more information.

5. Sources of Personal Data

We collect personal data from the following sources:

  • <strong>directly from you</strong>, when you create an account, use the service, make a purchase, contact support, or otherwise interact with Rezon;

  • <strong>from poll creators or organizers</strong>, when they upload participant information or send invitations through Rezon;

  • <strong>from authentication providers</strong>, when you choose social sign-in;

  • <strong>automatically from your device or browser</strong>, through logs, cookies, and similar technologies;

  • <strong>from payment and fraud-prevention providers</strong>, in connection with transactions and service protection.

6. How We Use Personal Data

We use personal data for the following purposes:

  • to provide, host, maintain, and operate Rezon;

  • to create and manage accounts and authenticate users;

  • to enable poll creation, participation workflows, result calculation, sharing, and related features;

  • to send invitations, reminders, service notices, and transactional communications;

  • to process subscriptions, one-time purchases, PAYG purchases, credits, discounts, referrals, and related records;

  • to protect the security, availability, and integrity of the platform;

  • to detect, prevent, and investigate abuse, fraud, unauthorized access, and violations of our Terms;

  • to troubleshoot, monitor performance, and improve the usability and reliability of the service;

  • to maintain business records and respond to legal, regulatory, tax, accounting, or enforcement requirements;

  • to establish, exercise, or defend legal claims.

7. Legal Bases for Processing

Where the GDPR or similar laws apply, we rely on one or more of the following legal bases:

7.1 Performance of a contract

We process data where necessary to provide the service you request, including account operation, poll functionality, purchases, and related support.

7.2 Legitimate interests

We process data where necessary for our legitimate interests, including:

  • securing the service;

  • preventing fraud and abuse;

  • maintaining and improving functionality;

  • limited internal analytics and operational reporting;

  • defending legal rights and enforcing our Terms.

Where we rely on legitimate interests, we do so only where those interests are not overridden by your rights and freedoms.

7.3 Consent

We rely on consent where required, for example for certain non-essential cookies, optional communications, or other processing where consent is the appropriate legal basis.

You may withdraw consent at any time for future processing, without affecting the lawfulness of processing carried out before withdrawal.

7.4 Legal obligation

We process data where necessary to comply with legal obligations, including accounting, tax, regulatory, and lawful disclosure obligations.

8. How We Share Personal Data

We do not sell personal data.

8.1 Service providers and subprocessors

We share data with vendors and service providers that help us operate Rezon, such as providers of:

  • hosting and infrastructure;

  • email delivery and transactional messaging;

  • authentication;

  • analytics;

  • support tooling;

  • security and abuse prevention;

These providers are authorized to process personal data only as needed to provide services to us and subject to appropriate contractual and organizational safeguards.

8.2 Payment providers

We share billing and transaction-related data with payment processors such as <strong>Stripe</strong> to process payments, manage subscriptions, and support related financial operations.

8.3 Poll creators, organizers, and participants

Depending on the poll settings and visibility chosen by a poll creator, personal data and poll-related information may be visible to:

  • the poll creator or organizer;

  • authorized collaborators;

  • invited participants;

  • the public, where the poll is public.

8.4 Social login providers

If you choose to sign in with an external authentication provider, relevant data may be exchanged with that provider as necessary to enable authentication.

8.5 Legal, compliance, and safety disclosures

We may disclose personal data where reasonably necessary to:

  • comply with law, regulation, court order, or lawful request;

  • protect the rights, property, and safety of Rezon, our users, or others;

  • investigate fraud, abuse, security incidents, or Terms violations;

  • establish, exercise, or defend legal claims.

8.6 Business transactions

If Rezon is involved in a merger, acquisition, investment, reorganization, or sale of assets, personal data may be disclosed as part of that transaction, subject to appropriate safeguards and lawful handling.

9. International Data Transfers

Rezon is operated from <strong>Bulgaria</strong>. Our infrastructure and service providers may process data in other jurisdictions.

For example:

  • hosting or infrastructure providers may process data on servers located in <strong>Germany</strong> or elsewhere in the EEA;

  • payment-related data may be processed by <strong>Stripe</strong> and related providers according to the payment setup and applicable provider terms;

  • some service providers may process data outside the EEA.

Where personal data is transferred outside the EEA and an adequacy decision does not apply, we use appropriate safeguards intended to protect the data, such as standard contractual clauses or other lawful transfer mechanisms.

Where a transfer is made to a country recognized by the European Commission as providing an adequate level of protection, we may rely on that adequacy decision.

10. Data Retention

We retain personal data only for as long as necessary for the purposes described in this Policy, including to provide the service, maintain records, resolve disputes, enforce agreements, and comply with legal obligations.

Retention periods vary depending on the type of data and the reason for processing. In general:

  • <strong>account data</strong> is retained while your account remains active and for a limited period afterward as reasonably necessary for security, backup, dispute handling, or reactivation;

  • <strong>poll content and participation data</strong> is retained according to the poll configuration, account status, platform functionality, and the legitimate operational needs of the service;

  • <strong>billing and transaction records</strong> may be retained for longer periods as required by accounting, tax, and financial compliance obligations;

  • <strong>security logs and technical logs</strong> are typically retained for shorter periods, except where needed for incident investigation, abuse prevention, or legal compliance;

  • <strong>support communications</strong> may be retained as long as reasonably necessary to manage support history, disputes, and operational continuity.

Where deletion is requested, we may retain limited information where necessary to comply with law, resolve disputes, enforce agreements, or maintain security and fraud-prevention records.

11. Your Rights and Choices

Depending on applicable law, you may have the right to:

  • request access to your personal data;

  • request correction of inaccurate or incomplete data;

  • request deletion of personal data;

  • request restriction of processing;

  • object to certain processing, including processing based on legitimate interests;

  • request portability of data you provided to us, where applicable;

You may also:

  • update certain profile or account settings within your account;

  • use unsubscribe or opt-out options where available in non-essential communications;

  • control cookies through your browser settings and consent tools, where applicable.

To exercise your rights, contact us at [email protected].

We may need to verify your identity before completing certain requests.

12. Complaints

If you believe that our processing of your personal data violates applicable law, you may lodge a complaint with a supervisory authority.

If the controller is established in Bulgaria, the relevant supervisory authority is:

Commission for Personal Data Protection (CPDP)

2 Prof. Tsvetan Lazarov Blvd.

1592 Sofia, Bulgaria

content.privacy.v2.s12.authority_address3

Email: [email protected]

You may also have the right to complain to the supervisory authority in the EU/EEA country of your habitual residence, place of work, or place of the alleged infringement.

13. Public Polls, User Content, and Visibility

Rezon enables users to create and publish poll content, including public polls and shared voting workflows.

Please keep in mind:

  • information submitted to a public poll may be visible to other users or the public;

  • poll creators determine many of the visibility settings for the polls they create;

  • Rezon may preserve public poll content and related metadata as part of operating and presenting the platform;

  • you should avoid submitting sensitive or unnecessary personal data into poll titles, descriptions, options, comments, or other fields unless clearly required and lawful.

14. Children and Minors

Rezon is not designed for very young children.

Where applicable law requires parental or guardian authorization for a minor to use an online service or for certain processing activities, such authorization must be obtained before the minor uses the service.

We do not knowingly collect personal data from children in violation of applicable law. If you believe that a child has provided personal data unlawfully, please contact us and we will take appropriate action.

15. Security

We use technical and organizational measures designed to protect personal data against unauthorized access, loss, misuse, alteration, and unlawful disclosure.

However, no website, application, or method of electronic storage or transmission is completely secure. For that reason, we cannot guarantee absolute security.

16. Automated Decision-Making

Rezon may use automated systems for operational purposes such as spam prevention, abuse detection, security monitoring, rate-limiting, fraud prevention, recommendation logic, and workflow automation.

Unless explicitly stated otherwise, we do not use solely automated decision-making that produces legal effects or similarly significant effects on individuals within the meaning of applicable data protection law.

17. Third-Party Sites and Services

Our services may contain links to third-party websites, integrations, or services that are not operated by us.

Their privacy practices are governed by their own terms and policies, and we are not responsible for those third-party practices.

18. Changes to This Privacy Policy

We may update this Privacy Policy from time to time.

If we make material changes, we will update the “Last updated” date and publish the revised version on this page. Where required by law, we may also provide additional notice.

19. Contact Us

If you have questions about this Privacy Policy or our data handling practices, contact:

Oleg Knyaginin (Олег Княгинин)

Address: 2 SVETI IVAN RILSKI STR., BANSKO, Bulgaria

Email: [email protected]