Privacy Policy
Last updated: 5 July 2025
Welcome to frpunlocking.com (the “Site”).
This Privacy Policy explains how we collect, use, share and protect your personal data when you:
- browse our Site,
- purchase in-lab or remote unlock / repair services, or
- interact with us via email, chat, or social media.
Because our business and servers are located in Poland, we follow the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and any applicable local laws.
1. Who we are
A group leaded by Pawel Potacki.
Data Controller:
Pawel Potacki
Minsk Mazowiecki County, Poland
Contact form: frpunlocking.com/contact
2. What data we collect
| Category | Examples | Collected when… | Legal basis (GDPR) |
|---|---|---|---|
| Identity & Contact | Name, email, phone, shipping address | you fill an RMA, request a quote, open a support ticket | Art. 6 (1)(b) – contract |
| Device Details | Make, model, IMEI/Serial, FRP & Bootloader lock status, OS version | you submit a device or start a remote session | Art. 6 (1)(b) |
| Diagnostic & Usage Logs | ADB/fastboot output, bootloader codes, crash logs, remote-session screen recordings (only if you grant access) | during in-lab or remote unlock/repair | Art. 6 (1)(b) & (f) |
| Payment Info | Transaction ID, paid amount (we never store full card numbers) | you pay for services | Art. 6 (1)(b) & (c) |
| Website Data | IP address, browser type, pages visited, cookies (see § 8) | you browse the Site | Art. 6 (1)(f) (legitimate interest) |
| Marketing Preferences | Newsletter opt-in, preferred channels | you give explicit consent | Art. 6 (1)(a) |
We do not collect sensitive categories of data (race, health, biometrics, etc.) and we do not knowingly collect data from children under 16.
3. How we use your data
- Service delivery – diagnose devices, perform FRP removal or unlocks (remote or in-lab), ship returns.
- Customer support – respond to tickets, warranty claims, RMA status updates.
- Payments & accounting – generate invoices, meet tax obligations.
- Security – prevent fraud, verify lawful ownership of devices.
- Site analytics – improve content, detect errors.
- Marketing – send newsletters only if you opt-in; you may unsubscribe at any time.
We do not use personal data for automated decision-making that has legal or similarly significant effects.
4. Sharing & international transfers
We share data only with:
- Service providers under data-processing agreements (e.g., payment gateways, courier companies, secure cloud hosts in the EU).
- Remote-session tools (e.g., AnyDesk, TeamViewer) only during an active session you initiate; traffic is end-to-end encrypted.
- Public authorities when required by law (police requests regarding stolen devices, tax audits, court orders).
We do not sell or rent your data.
If we transfer data outside the EEA (e.g., to a US-based support ticket system), we rely on standard contractual clauses or destinations with an EU adequacy decision.
5. Data retention
| Data type | Retention period |
|---|---|
| RMA records & invoices | 6 years (legal obligation) |
| Device diagnostic logs & screen recordings | 90 days after service completion, then securely deleted |
| Remote-session connection metadata (IP, timestamps) | 180 days |
| Marketing email list | until you withdraw consent or after 24 months of inactivity |
| Cookie identifiers | see § 8 |
Back-ups containing deleted records are purged on a 30-day rolling cycle.
6. Your rights
Under GDPR you may:
- Access – obtain a copy of your data.
- Rectify – correct inaccurate or incomplete data.
- Erase (“right to be forgotten”) – subject to legal retention limits.
- Restrict processing – while a dispute is resolved.
- Data portability – receive data in a machine-readable format.
- Object – to processing based on legitimate interest or direct marketing.
- Withdraw consent – at any time, for future processing.
- Complain – to the Polish Data Protection Authority (UODO) or your local DPA.
Contact us at frpunlocking.com/contact to exercise any right; we will respond within 30 days.
7. Security measures
- ISO-27001-grade EU data-centre hosting
- TLS 1.3 encryption for all web traffic
- Disk-level encryption on service workstations
- Role-based access; staff bound by NDAs
- Regular vulnerability scans and patch management
8. Cookies & third-party tools
We use three essential first-party cookies (session_id, csrftoken, analytics_local…). Pages that embed outside services may drop their own cookies—these are governed by each provider’s policy, not ours:
- Media: YouTube, Vimeo
- Social / login: X (Twitter), Facebook, LinkedIn, Google
- Email & push: Mailchimp
- Analytics / heat-maps: Google Analytics, Hotjar
- Maps: Mapbox
- Security: our contact form is protected by
Google reCAPTCHA (see also
Terms of Service), our comments section is protected by Akismet Anti-Spam.
Manage or delete cookies anytime in your browser:
Chrome | Firefox | Edge | Safari | Opera
All cookie exchanges rely on standard browser mechanisms and cannot read data from other sites or install malware.
9. Third-party links
The Site links to firmware mirrors, manufacturer resources, and social channels that we do not control.
When you follow those links, their own privacy policies apply.
10. Updates
We may revise this Privacy Policy from time to time.
When we post material changes, we will:
- update the “Last updated” date, and
- if the changes are significant, notify you by email (if we have it) at least 30 days in advance.
Continued use of the Site or services after the notice period means you accept the revised policy.
11. Contact us
Questions, concerns, or requests?
Messenger
Contact form: frpunlocking.com/contact
Thank you for trusting frpunlocking.com with your data.