Terms of Use

BEEZEE

Last updated: May 2026

Version: 1.0

These Terms of Use ("Terms", also "Regulamin" within the meaning of the Polish Act on Provision of Services by Electronic Means of 18 July 2002 — ustawa o świadczeniu usług drogą elektroniczną, "uśude") govern the relationship between you ("Customer", "Manager", or "you") and BEEZEE, operated jointly by:

(together "we", "us", or "the Provider"; both acting as joint data controllers under Article 26 GDPR), operators of the BEEZEE mobile application and platform ("the Service").

By creating an account or using the Service, you agree to these Terms in full. If you do not agree, you must not use the Service.


1. Service Description

BEEZEE is a workforce management platform that helps businesses organize daily operations. The Service provides:

The Service is available on iOS and Android via the BEEZEE mobile application.

The features available to a specific account depend on the subscription plan or written agreement in place at the time. Features labelled beta or preview are provided without warranty and may be withdrawn at any time.


2. Account and Access

2.1 Registration and Conclusion of the Contract

Business accounts are created by BEEZEE upon request from the Manager. The contract for the provision of the Service is concluded when (i) we accept the Manager's request and (ii) the Manager logs in to the account for the first time and confirms acceptance of these Terms and the Privacy Policy. The Manager becomes the primary account holder for their business upon conclusion of the contract.

Where applicable, the start of the paid subscription, any free-trial period, billing cycle and applicable fees are set out separately at the time of account creation or in a written commercial agreement; in the absence of such an agreement the Service is provided free of charge and on a best-effort basis.

2.2 Employee Accounts

The Manager creates accounts for their employees. Employees do not self-register — they are invited by the Manager and automatically associated with the Manager's business.

2.3 Age Restriction

The Service is intended for use in a professional employment context. All users must be at least 16 years old. By creating or using an account, you confirm that you are at least 16 years of age.

2.4 Account Security

You are responsible for maintaining the confidentiality of your account credentials. You must notify us immediately if you suspect unauthorized access to your account. We are not liable for any loss resulting from unauthorized use of your credentials.

2.5 Account Accuracy

You must provide accurate and complete information when creating accounts. The Manager is responsible for the accuracy of employee accounts they create.

2.6 Account Inactivity

The Manager's business account remains active for the duration of the contract. Account deactivation occurs only upon contract termination; accounts are not deactivated due to inactivity. Data handling upon termination follows Section 4.3.

2.7 Account Transfer

In the event that the Manager's employment or role ends, ownership of the business account may be transferred to another authorized representative of the Customer's business by contacting us at biznest.platform@gmail.com. We will carry out the transfer subject to reasonable verification of the new representative's authority.

2.8 Technical Requirements (art. 8 ust. 3 pkt 1 uśude — Polish Act on Provision of Electronic Services)

To use the Service you need:

You are responsible for the security of your device, including keeping your operating system and the BEEZEE app updated.

2.9 Prohibition on Unlawful Content (art. 8 ust. 3 pkt 2 lit. b uśude — Polish Act on Provision of Electronic Services)

You may not provide, upload or transmit through the Service any content of an unlawful character, including but not limited to content that infringes the rights of third parties, contains malware, or violates applicable law.


3. Acceptable Use

3.1 Legal Compliance

The Manager must comply with all applicable local, national, and EU labor laws when using the Service's monitoring and tracking features, including but not limited to laws governing:

3.2 Employee Notification

The Manager is responsible for informing their employees about workplace monitoring conducted through the Service, in accordance with applicable labor and data protection laws. This includes informing employees about what data is collected, why, and how it is used.

3.3 Fair Use

The Manager must not use the Service to:

3.4 Prohibited Activities

All users are prohibited from:

3.5 Enforcement

We reserve the right to suspend or terminate accounts that violate these Terms, with or without prior notice depending on the severity of the violation.

3.6 Manager Indemnity

To the maximum extent permitted by applicable law, the Manager (Customer) shall indemnify, defend and hold harmless the Provider against any third-party claim, regulatory fine, penalty, loss, damage or cost (including reasonable legal fees) arising out of or in connection with: (i) the Manager's failure to comply with applicable employment, working-time, employee-monitoring, health-and-safety or data-protection laws; (ii) instructions given by the Manager to the Provider as data controller; (iii) content uploaded by the Manager or the Manager's employees that infringes third-party rights or applicable law. This indemnity does not apply to the extent the claim results from the Provider's intentional misconduct or its own breach of mandatory law.


4. Data Ownership

4.1 Business Data

All business operational data — including tasks, shifts, schedules, templates, inventory requests, and related content — belongs to the Customer's business. We do not claim ownership of your business data.

4.2 No Data Monetization

We do not sell, share, rent, or use Customer business data for our own commercial purposes, advertising, analytics, or any purpose beyond providing the Service.

4.3 Data on Termination

Upon account termination, data is retained for 90 days from the contract expiration date to allow the Customer to request a data export or full reactivation. After 90 days without reactivation, data is permanently deleted, except for data that the Provider is required to retain on the Customer's instruction or under applicable law (in particular working-time records under Polish labour law, which may require retention by the employer-controller for up to 10 years — see the retention table in the Privacy Policy). Retention periods for individual data categories are set out in the Privacy Policy and prevail in case of doubt. "Deletion" means permanent removal from our primary systems and exclusion from future backups; data already included in existing backups at the time of deletion will be removed as those backups expire in the ordinary course, within a maximum of 90 days.

4.4 Data Export

During the retention period following termination, you may request an export of your data in a machine-readable format. Contact us at the address listed in Section 10 to make this request.


5. Data Processing Agreement (DPA)

This section constitutes the Data Processing Agreement between the Customer (data controller) and BEEZEE (data processor) as required by Article 28 of the General Data Protection Regulation (EU) 2016/679 ("GDPR").

5.1 Roles and Definitions

5.2 Subject Matter and Duration

The Processor processes personal data on behalf of the Controller for the purpose of providing the BEEZEE workforce management platform. The processing begins when the Controller creates an account and continues for the duration of the service relationship, plus any applicable retention period defined in Section 4.3.

5.3 Nature and Purpose of Processing

The Processor processes personal data to:

5.4 Types of Personal Data Processed

CategoryExamples
Identity dataFirst name, last name, email address
Authentication dataPassword hash, refresh tokens, device tokens
Employment dataBusiness association, assigned role (Manager / Employee)
Work activity dataShift start/end times, break start/end times, working time calculations
Task dataTask assignments, completion timestamps, task notes, task comments
Schedule dataPlanned shifts (date, start time, end time, notes)
PhotosTask completion proof photos, inventory request photos
Communication dataNotification messages, notification read status
Preference dataPreferred language setting
Inventory dataInventory request descriptions, item names, priority levels

5.5 Categories of Data Subjects

5.6 Obligations of the Processor

BEEZEE, as the data processor, undertakes the following obligations:

  1. Process only on Controller instructions. We process personal data only on documented instructions from the Controller, unless required to do so by EU or Member State law — in which case we will inform the Controller of that legal requirement before processing, unless the law prohibits such notification. The Controller's documented instructions are constituted by these Terms, the configuration options made available in the Service and any further written instructions accepted in writing by the Provider. Instructions given through the Service's configuration interface are treated as documented instructions for the purpose of Art. 28(3)(a) GDPR.
  2. Confidentiality. We ensure that all persons authorized to process personal data are bound by contractual or statutory obligations of confidentiality.
  3. Security measures. We implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including industry-standard encryption, access control, and secure infrastructure practices.
  4. Sub-processor engagement. We do not engage another processor without prior written authorization from the Controller. See Section 5.7 for the list of currently authorized sub-processors. We will inform the Controller of any intended changes to sub-processors by publishing the updated list in this document and by sending an email notice to the Manager at least 30 days before the change takes effect, giving the Controller the opportunity to object on reasonable data-protection grounds. If we cannot accommodate the objection, the Controller may terminate the affected services without penalty; in that case any prepaid fees for the unused part of the subscription period will be refunded on a pro-rata basis. The Controller must notify us of any objection within the 30-day notice period. Silence during this period constitutes acceptance of the proposed change.
  5. Data subject rights assistance. We assist the Controller in responding to data subject requests to exercise their rights under GDPR (access, rectification, erasure, restriction, portability, objection), by providing appropriate technical and organizational measures.
  6. Breach notification. We notify the Controller without undue delay after becoming aware of a personal data breach. The notification will include the nature of the breach, categories and approximate number of data subjects affected, likely consequences, and measures taken or proposed to address the breach.
  7. Data deletion or return. At the Controller's choice, we delete or return all personal data to the Controller after the end of the service relationship, and delete existing copies unless EU or Member State law requires storage of the data. See Section 4.3 for retention timelines.
  8. Audit and inspection. We make available to the Controller all information necessary to demonstrate compliance with GDPR Article 28 obligations and contribute to audits and inspections. The Controller may exercise its audit right no more than once per calendar year (and additionally following a confirmed personal data breach affecting the Controller's data), with at least 30 days' prior written notice, during normal business hours, at the Controller's cost, and subject to a reasonable confidentiality undertaking. The Provider may satisfy this obligation by providing an up-to-date independent third-party audit report (such as ISO 27001 or SOC 2) in lieu of an on-site audit, where such report reasonably covers the scope of the requested audit.
  9. Allocation of GDPR liability. Without prejudice to Article 82 GDPR, each party bears the consequences of its own non-compliance with the GDPR. The Controller indemnifies the Processor against administrative fines and damages arising from instructions, processing purposes or means determined by the Controller, or from the Controller's own breach of GDPR.

5.7 Authorized Sub-Processors

The Controller hereby authorizes the Provider to engage the following sub-processors for the purposes described below:

Sub-ProcessorServiceData ProcessedLocationSafeguard
Microsoft Azure Managed cloud database, object storage, compute and secrets-management services All platform data EU region Microsoft Products and Services DPA; EU-approved Standard Contractual Clauses
Apple APNs Push notifications to iOS devices Device token, notification title and body text United States Apple's Data Processing Agreement; EU–US Data Privacy Framework
Google FCM Push notifications to Android devices Device token, notification title and body text United States Google Cloud Data Processing Amendment; EU–US Data Privacy Framework; Standard Contractual Clauses

5.8 International Data Transfers

Primary platform data (databases, file storage, application services) is hosted in an EU Azure region. No primary data is transferred outside the EU/EEA.

Push notification delivery requires transferring limited data (device tokens and notification payloads) to Apple (United States) and Google (United States). These transfers are protected by:

Notification payloads contain only a title and body text. They do not contain sensitive personal data.

5.9 Data Protection Impact Assessment

Important — employee monitoring and DPIA obligation: Where the Service is used to monitor employees (including tracking shift times, break durations, task completion, and work photos), such processing may constitute "high risk" processing within the meaning of Article 35(1) GDPR and may require the Controller (Manager) to carry out a Data Protection Impact Assessment (DPIA) before beginning that processing. The obligation to carry out a DPIA where required rests with the Controller (Manager). The Manager should assess whether a DPIA is required under Article 35 GDPR and the applicable guidelines of the relevant supervisory authority before deploying the Service for employee monitoring.

Where a type of processing is likely to result in a high risk to the rights and freedoms of data subjects, the Processor will assist the Controller in carrying out a Data Protection Impact Assessment (DPIA) as required by GDPR Article 35, including by providing information about the processing activities described in Section 5.3 and the security measures described in Section 5.6(3).


6. Service Availability

6.1 Availability

We strive to maintain high availability of the Service but do not guarantee uninterrupted access. The Service is provided on a best-effort basis. We do not commit to a contractual Service Level Agreement (SLA) unless agreed separately in writing.

6.2 Maintenance

We may perform scheduled maintenance that temporarily affects Service availability. Where possible, we will schedule maintenance during low-usage hours and notify affected users in advance.

6.3 No Liability for Downtime

To the maximum extent permitted by applicable law, and subject to Sections 8.3 and 8.5, we are not liable for any losses, damages, or inconvenience caused by temporary unavailability of the Service due to maintenance, technical issues, or circumstances beyond our reasonable control.

6.4 Warranty Disclaimer

To the maximum extent permitted by applicable law, the Service is provided "as is" and "as available" without any warranty, express or implied, including without limitation any implied warranty of merchantability, fitness for a particular purpose, or non-infringement. This disclaimer does not affect any statutory warranty rights you may have under mandatory consumer protection law (including those preserved by Section 8.5).


7. Intellectual Property

7.1 Platform Ownership

The BEEZEE application, including its design, source code, architecture, documentation, trademarks, and branding, is the intellectual property of BEEZEE. These Terms do not transfer any intellectual property rights to you.

7.2 Business Data Ownership

As stated in Section 4, all business operational data created through the Service belongs to the Customer.

7.3 User-Generated Content

By uploading photos or other content to the Service, you grant us a worldwide, non-exclusive, royalty-free, sub-licensable (solely to our authorised sub-processors listed in Section 5.7) license to host, store, reproduce, transmit, process and display that content for the sole purpose of providing the Service to you, including hosting, backup, redundancy and delivery to authorised users. This license terminates when the content is deleted or the account is terminated, subject to the retention period in Section 4.3 and any applicable statutory retention.

7.4 Feedback

Any feedback, suggestions, or ideas you provide about the Service may be used by us without restriction or compensation to improve the Service.


8. Limitation of Liability

8.1 Liability Cap

To the maximum extent permitted by applicable law, our aggregate liability towards the Customer arising out of or in connection with the Service is limited to the total amount of fees paid by the Customer to us during the twelve (12) months preceding the event giving rise to the liability. Where the Service is provided free of charge, our aggregate liability is limited to PLN 1,000. The limitations in this Section 8.1 are subject to Sections 8.3 and 8.5. The warranty disclaimer in Section 6.4 forms part of the basis of the bargain between the parties and has been taken into account in setting the liability cap above.

8.2 Exclusion of Indirect Damages

To the maximum extent permitted by applicable law, and subject to Sections 8.3 and 8.5, we are not liable for any indirect, incidental, special, consequential, or punitive damages, including but not limited to:

8.3 Mandatory Liability — No Exclusion (art. 473 § 2 of the Polish Civil Code)

Nothing in Sections 8.1 or 8.2 excludes or limits our liability for:

Nothing in this Section 8 limits or affects the allocation of GDPR liability set out in Section 5.6(9).

8.4 Force Majeure

Neither party is liable for any failure or delay in performing its obligations due to circumstances beyond its reasonable control, including but not limited to natural disasters, acts of government, pandemic, war, terrorism, power failures, internet outages, or failures of third-party infrastructure not attributable to the Provider's lack of due diligence in selecting and monitoring its providers.

8.5 Consumers and Quasi-Consumers

If the Customer qualifies as a consumer within the meaning of art. 22¹ of the Polish Civil Code, or as an entrepreneur granted certain consumer protections under art. 385⁵, art. 556⁴ and art. 556⁵ of the Polish Civil Code (a sole trader concluding a contract not directly related to their professional activity), the limitations in Sections 8.1 and 8.2 apply only to the extent permitted by mandatory consumer protection law.


9. Termination

9.1 Termination by the Customer

The Customer may terminate their account at any time by contacting us at biznest.platform@gmail.com. Termination takes effect upon confirmation.

9.2 Termination by the Provider

We may terminate or suspend the Customer's account:

Where the Customer qualifies as a consumer or quasi-consumer, termination for convenience by the Provider requires an important reason (ważne powody), which we will state in the termination notice.

9.3 Effect of Termination

Upon termination:

9.4 Survival

Sections that by their nature should survive termination will remain in effect, including: Data Processing Agreement (Section 5), Limitation of Liability (Section 8), Governing Law (Section 10), and any accrued obligations.


10. Governing Law and Disputes

10.0 Complaints (art. 8 ust. 3 pkt 4 uśude)

You may submit complaints regarding the Service via email to biznest.platform@gmail.com. A complaint should describe the issue, the date it occurred, and the user's contact details. Complaints will be reviewed and responded to within 14 days from receipt. If a consumer's complaint is not handled in line with their request, the consumer may use out-of-court dispute resolution mechanisms, including: the Voivodeship Inspector of Trade Inspection (Wojewódzki Inspektor Inspekcji Handlowej), municipal or county consumer ombudsmen (rzecznik konsumentów), or an entity listed in the UOKiK register of certified ADR entities (rejestr podmiotów uprawnionych do pozasądowego rozwiązywania sporów konsumenckich), available at www.uokik.gov.pl.

10.1 Governing Law

These Terms are governed by and construed in accordance with the laws of the Republic of Poland, without regard to its conflict of law provisions. Where these Terms conflict with mandatory EU consumer protection or data protection law, or with mandatory provisions of the law of the consumer's country of habitual residence, the applicable mandatory law prevails.

10.2 Jurisdiction

For Customers who are entrepreneurs (other than quasi-consumers benefiting from consumer protections), any disputes arising out of or in connection with these Terms shall be submitted to the exclusive jurisdiction of the courts competent for the seat of the Provider in Warsaw, Poland. For Customers who are consumers or quasi-consumers, jurisdiction is determined by the generally applicable provisions of Polish and EU procedural law (in particular Regulation (EU) No 1215/2012, Brussels I bis), and this clause does not deprive consumers of any protection afforded by mandatory rules.

10.3 Language

These Terms are provided in English, Polish, and Ukrainian. For customers located in Poland, the Polish version is the governing version and shall prevail in case of any inconsistencies between language versions. For all customers outside Poland, the English version is the governing version and shall prevail in case of any inconsistencies between language versions. For Customers who are consumers or quasi-consumers under Polish law, in the event of any inconsistency between language versions, the interpretation most favourable to the consumer shall apply, and nothing in this clause deprives such Customers of any protection afforded by mandatory provisions of Polish consumer protection law.

10.4 Contact

For questions, requests, or complaints related to these Terms or the Service:


11. Right of Withdrawal (Consumers and Quasi-Consumers)

If the Customer is a consumer within the meaning of art. 22¹ of the Polish Civil Code, or a quasi-consumer within the meaning of art. 385⁵ of the Polish Civil Code (a sole trader concluding a contract not directly related to their professional activity) benefiting from consumer protections under the Consumer Rights Act pursuant to art. 38a thereof, they have the right to withdraw from the contract for the Service within 14 days from its conclusion, without giving any reason, in accordance with the Polish Consumer Rights Act of 30 May 2014 (ustawa o prawach konsumenta).

To exercise this right, the Customer must inform us of their decision by an unequivocal statement (e.g. an email to biznest.platform@gmail.com) before the 14-day period expires.

Loss of the right of withdrawal. Pursuant to art. 38 of the Consumer Rights Act, the right of withdrawal does not apply to contracts for the supply of digital content or digital services not delivered on a tangible medium where performance has begun with the consumer's prior express consent and acknowledgement that they will thereby lose the right of withdrawal. By starting to use the Service before the 14-day period expires and confirming this on first login, the Customer expressly consents to immediate performance and acknowledges the loss of the right of withdrawal upon full performance.

If you validly exercise your right of withdrawal (without triggering the loss-of-right mechanism above), we will reimburse any fees paid without undue delay and in any event within 14 days of the day on which we are informed of your decision to withdraw. We will delete your account data within 14 days of the effective withdrawal date.

Model withdrawal form (use is not mandatory — you may use any unequivocal statement):

To: Ivan Melchenko and Andrei Rabeshka (BEEZEE), biznest.platform@gmail.com

I/We (*) hereby give notice of my/our (*) withdrawal from my/our (*) contract for the provision of the following service: BEEZEE workforce management platform.

Date of contract conclusion: ___________________

Name of consumer(s): ___________________

Address of consumer(s): ___________________

Signature of consumer(s) (only if this form is submitted on paper): ___________________

Date: ___________________

(*) Delete as applicable.


12. Changes to These Terms

We may update these Terms from time to time. If we make material changes, we will notify you by email or through the Service at least 30 days before the changes take effect.

For Customers who are consumers or quasi-consumers under Polish law, material changes to these Terms will require your explicit acceptance before taking effect; we will provide a clear mechanism for this in the notification of changes. Continued use of the Service by consumers or quasi-consumers will not be deemed acceptance of material changes in the absence of such explicit acceptance.

For all other Customers, continued use of the Service after the effective date of the updated Terms constitutes acceptance of the changes.

If you do not agree with the updated Terms, you may terminate your account as described in Section 9.1, without penalty, before the changes take effect.


13. General Provisions

13.1 Entire Agreement

These Terms, together with any applicable Privacy Policy and any supplementary agreements, constitute the entire agreement between you and BEEZEE regarding the use of the Service.

13.2 Severability

If any provision of these Terms is found to be invalid or unenforceable by a court of competent jurisdiction, the remaining provisions shall continue in full force and effect.

13.3 No Waiver

Failure to enforce any provision of these Terms does not constitute a waiver of that provision or any other provision.

13.4 Assignment

You may not assign or transfer your rights or obligations under these Terms without our prior written consent. We may assign our rights and obligations to a successor entity in the event of a merger, acquisition, or sale of all or substantially all of our assets. Any transfer of personal data in the context of such an assignment will be carried out in accordance with the GDPR; affected data subjects will be informed where required by law.

13.5 Single Point of Contact (Digital Services Act)

For the purposes of Articles 11 and 12 of Regulation (EU) 2022/2065 (Digital Services Act), our single point of contact for users and for authorities of EU Member States, the Commission and the European Board for Digital Services is: biznest.platform@gmail.com. Communications may be sent in English or Polish. We include Sections 13.5 and 13.6 in the interest of transparency; we are monitoring our obligations under the Digital Services Act as our service evolves.

13.6 Notice and Action for Illegal Content

Any person may notify us of content available through the Service that they consider to be illegal (including alleged copyright infringement) by sending a sufficiently substantiated notice to biznest.platform@gmail.com. The notice should identify the content, its location in the Service, the legal grounds for the claim and the contact details of the notifier. We will process notices in accordance with Article 16 of the Digital Services Act and inform the notifier and, where appropriate, the affected user of the action taken.