Privacy Policy

Privacy Policy frpunlocking.com

Last updated: 5 July 2025

This Privacy Policy explains how we collect, use, share and protect your personal data when you:

  • browse our Site,
  • purchase in-lab or remote unlock / repair services, or
  • interact with us via email, chat, or social media.

Because our business and servers are located in Poland, we follow the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and any applicable local laws.

§ 1 Definitions

  • Site / Service – the website “FRP Unlocking” operating at https://frpunlocking.com
  • External Service – websites of partners, service providers or recipients cooperating with the Administrator
  • Administrator / Data Controller – CoolTRONIC.pl Sp. z o.o., RzÄ…dza, Åšwierkowa 14, 05-304 RzÄ…dza, Poland — VAT No: 6443581559, KRS: 0000941025
  • User / Data Subject – a natural person for whom the Administrator provides electronic services through the Site
  • Device – an electronic device with software through which the User accesses the Site
  • Cookies – text data collected in the form of files placed on the User’s Device
  • GDPR – Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016
  • Personal data – information about an identified or identifiable natural person
  • Processing – any operation or set of operations on personal data, such as collection, storage, use, disclosure, erasure, etc.
  • Profiling – automated processing of personal data to evaluate certain personal aspects of a natural person
  • Consent – freely given, specific, informed and unambiguous indication of the data subject’s wishes
  • Personal data breach – a security breach leading to accidental or unlawful destruction, loss, alteration, or unauthorised access to personal data
  • Pseudonymisation – processing personal data so it can no longer be attributed to a specific person without additional information
  • Anonymisation – an irreversible process that destroys personal data preventing identification of any individual

§ 2 Who We Are

The Site is operated by a team led by Paweł Potacki.

Data Controller: CoolTRONIC.pl Sp. z o.o.

Address: RzÄ…dza, Åšwierkowa 14, 05-304 RzÄ…dza, Minsk Mazowiecki County, Poland

VAT / NIP: 6443581559 | KRS: 0000941025

E-mail: [email protected]

Phone: +48 503 663 933

Contact form: frpunlocking.com/contact

Pursuant to Art. 37 GDPR, a Data Protection Officer has not been appointed. For all data-related matters, contact the Administrator directly.

§ 3 What Data We Collect

The Site collects data about Users. Some data is collected automatically and anonymously; some is personal data provided voluntarily by Users.

CategoryExamplesCollected when…Legal basis (GDPR)
Identity & ContactName, email, phone, shipping addressYou fill an RMA, request a quote, open a support ticketArt. 6(1)(b) – contract
Device DetailsMake, model, IMEI/Serial, FRP & Bootloader lock status, OS versionYou submit a device or start a remote sessionArt. 6(1)(b)
Diagnostic & Usage LogsADB/fastboot output, bootloader codes, crash logs, remote-session screen recordings (only if you grant access)During in-lab or remote unlock/repairArt. 6(1)(b) & (f)
Payment InfoTransaction ID, paid amount (we never store full card numbers)You pay for servicesArt. 6(1)(b) & (c)
Website DataIP address, browser type, pages visited, cookies (see § 9)You browse the SiteArt. 6(1)(f) – legitimate interest
Marketing PreferencesNewsletter opt-in, preferred channelsYou give explicit consentArt. 6(1)(a)

We do not collect sensitive categories of data (race, health, biometrics, etc.) and do not knowingly collect data from children under 16.

§ 4 How We Use Your Data

Personal data voluntarily provided by Users is processed for one of the following purposes:

  • Service delivery – diagnose devices, perform FRP removal or unlocks (remote or in-lab), ship returns.
  • Customer support – respond to tickets, warranty claims, RMA status updates.
  • Payments & accounting – generate invoices, meet tax obligations.
  • Security – prevent fraud, verify lawful ownership of devices.
  • Site analytics – improve content, detect errors.
  • Marketing – send newsletters only if you opt-in; you may unsubscribe at any time.

Data collected anonymously and automatically is also processed for:

  • Maintaining statistics
  • Remarketing
  • Serving ads tailored to User preferences
  • Handling affiliate programmes
  • Ensuring the legitimate interests of the Administrator

We do not use personal data for automated decision-making that has legal or similarly significant effects.

§ 5 Sharing & International Transfers

As a rule, the only recipient of personal data is the Administrator. Data is not sold or rented. We share data only with:

  • Service providers under data-processing agreements (e.g., payment gateways, courier companies, secure cloud hosts in the EU).
  • Remote-session tools (e.g., AnyDesk, TeamViewer) only during an active session you initiate; traffic is end-to-end encrypted.
  • Public authorities when required by law (police requests regarding stolen devices, tax audits, court orders).
  • Newsletter provider – MailChimp (https://mailchimp.com). Data in newsletter forms is processed in their external service.
  • Hosting provider – OVH (https://ovh.com). All site data is stored in OVH infrastructure; access is governed by a data-processing agreement.
  • Payment processor – PayPal (https://paypal.com). Payment data is transferred directly by the User; only transaction confirmation is passed back to the Administrator.

If we transfer data outside the EEA (e.g., to a US-based support ticket system), we rely on standard contractual clauses or destinations with an EU adequacy decision.

§ 6 Data Retention

Data TypeRetention Period
RMA records & invoices6 years (legal obligation)
Device diagnostic logs & screen recordings90 days after service completion, then securely deleted
Remote-session connection metadata (IP, timestamps)180 days
Personal data (account / registration)Duration of service + up to 30 days after account deletion; up to 3 years if a Terms of Service breach is suspected
Marketing email listUntil consent is withdrawn or after 24 months of inactivity
Anonymous statistical dataIndefinite (no personal data involved)
Cookie identifiersSee § 9

Back-ups containing deleted records are purged on a 30-day rolling cycle.

§ 7 Your Rights

Under GDPR you may exercise the following rights:

  • Access (Art. 15) – obtain a copy of your data.
  • Rectify (Art. 16) – correct inaccurate or incomplete data.
  • Erase / Right to be forgotten (Art. 17) – subject to legal retention limits; for user accounts, erasure means anonymisation of identifying data.
  • Restrict processing (Art. 18) – while a dispute is resolved or accuracy is contested.
  • Data portability (Art. 20) – receive your data in a structured, machine-readable format.
  • Object (Art. 21) – to processing based on legitimate interest or direct marketing.
  • Withdraw consent (Art. 7(3)) – at any time, without affecting prior lawful processing.
  • Lodge a complaint – with the Polish Data Protection Authority (UODO, https://uodo.gov.pl) or your local supervisory authority.

To exercise any right, contact us at frpunlocking.com/contact. We will respond within 30 days.

§ 8 Security Measures

The Administrator applies all possible technical and organisational measures to secure data. Implemented measures include:

  • ISO-27001-grade EU data-centre hosting
  • TLS 1.3 encryption for all web traffic
  • Disk-level encryption on service workstations
  • Role-based access; staff bound by NDAs
  • Regular vulnerability scans and patch management
  • Passwords stored in encrypted form using current standards; decryption is practically impossible

Cookie storage and reading mechanisms rely on built-in browser mechanisms and cannot retrieve data from other sites, personal data, or confidential information. Transfer of malware to the User’s Device via cookies is practically impossible.

The Administrator is not liable for interception of data caused by viruses, Trojan horses or other spyware infecting the User’s Device. Users should follow cybersecurity best practices.

§ 9 Cookies & Third-Party Tools

Types of Cookies

  • Essential / Internal cookies – required for correct operation of the Site; safe and contain no scripts that could threaten device security.
  • Session cookies – placed and read during a single browsing session.
  • Persistent cookies – stored until manually deleted.
  • External / third-party cookies – placed by partner services embedded in the Site.
  • Analytics cookies – used to analyse traffic and usage patterns.
  • Advertising cookies – used to serve ads, including personalised Google AdSense ads.

Purposes of Cookies

  • Improving and facilitating access to the Site
  • Personalisation of the Site for Users
  • Enabling login to the Site
  • Marketing and remarketing in external services
  • Delivering advertising services
  • Running affiliate programmes
  • Maintaining statistics (users, visits, etc.)
  • Delivering multimedia services
  • Providing social services

Google AdSense

The Site uses Google AdSense, an advertising service provided by Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA). Google AdSense uses cookies and similar technologies to display ads based on a User’s previous visits to the Site or other websites.

Google and its partners may use cookies to serve ads based on the User’s visits to this and other websites. Users may opt out of personalised advertising:

• Google Ads Settings: google.com/settings/ads • About Ads: aboutads.info

Google’s privacy policy: policies.google.com/privacy

Third-Party Services and Their Cookies

The Administrator uses JavaScript and web components of partners who may place their own cookies on the User’s Device. Partner services and their applicable policies:

Services provided by third parties are outside the Administrator’s control. These entities may at any time change their terms of service, privacy policies, or cookie usage.

Managing Cookies

You may change your cookie settings, delete cookies, or block them at any time in your browser:

Chrome Firefox Edge Safari Opera

Restricting or deleting cookies may cause some features of the Site to work incorrectly. The Administrator bears no liability for malfunction caused by cookie restrictions applied by the User.

§ 10 Legal Basis for Processing

The Site collects and processes data on the basis of:

  • GDPR Art. 6(1)(a) – the data subject has given consent
  • GDPR Art. 6(1)(b) – processing is necessary for the performance of a contract
  • GDPR Art. 6(1)(f) – processing is necessary for the purposes of legitimate interests
  • Act of 10 May 2018 on the Protection of Personal Data (Poland, Journal of Laws 2018, item 1000)
  • Act of 16 July 2004 – Telecommunications Law (Poland)
  • Act of 4 February 1994 on Copyright and Related Rights (Poland)

§ 11 Third-Party Links

The Site — in articles, posts, or User comments — may contain links to external websites (firmware mirrors, manufacturer resources, social channels) with which the Administrator does not cooperate. These links and the pages or files they point to may pose risks to your Device or data. When you follow those links, their own privacy policies apply.

The Administrator bears no responsibility for content located outside the Site.

§ 12 Updates to This Policy

The Administrator reserves the right to revise this Privacy Policy at any time. When material changes are posted, the Administrator will:

  • update the “Last updated” date at the top of this page,
  • if the changes are significant, notify registered Users and Newsletter subscribers by e-mail at least 7 days in advance (30 days for major changes).

Continued use of the Site or services after the notice period means you accept the revised policy. If you do not agree with the changes, you must delete your account or unsubscribe from the Newsletter.

Changes to the use of anonymous data or cookies may be made without prior notice.

§ 13 Contact Us

For questions, concerns, or data requests:

Thank you for trusting frpunlocking.com with your data.

Download from Mega Mirror Download from Google Drive Download from OneDrive Mirror Download from Github Mirror