Privacy
Privacy Notice
How MateRico handles site data, contact submissions, newsletter signups, and operational records.
Last updated: June 19, 2026
What this notice covers
This notice explains how MateRico handles personal data when you browse the site, create or use an account, change language or cookie settings, send feedback, upload supporting files, or join the newsletter.
The data controller for MateRico is Dominik Mędrala, conducting business as Milton Corp (Polish NIP/tax id 5521622830, REGON 384725932), operating MateRico. For privacy requests, contact hello@thematerico.com or use the contact form linked in the site.
It is written for the public website and product/catalog experience. If a future feature has a separate flow with additional terms, we will link to it directly there.
MateRico-controlled production storage for the database, uploaded feedback files, application logs, and backups runs on an OVHcloud VPS in Roubaix, France (EU). External services such as Google sign-in, Google Analytics, and MailerLite are described below because they may process data under their own service terms and data-processing safeguards.
What we may collect
We keep the data needed to run the site and answer you. Depending on what you do, this can include cookie choices, language preference, contact details you submit, uploaded images or notes, and basic technical records tied to security and troubleshooting.
- Cookie consent state and language preference when you allow preference storage
- Account data if you sign in with Google, including verified email, Google account identifier, display name, avatar URL, account settings, newsletter status, login timestamps, account deletion request dates, and API-owned session records
- Product review data if you submit a review while signed in, including review text, three ratings, optional session/context notes, locale, moderation status, and basic request metadata
- Email address, message text, and optional attachments in contact or feedback flows
- Newsletter signup details if you subscribe, including consent evidence needed for MailerLite sending
- Operational logs such as IP address, browser, timestamps, and request metadata
- Minimal technical error telemetry, such as page path without query or hash, request id, browser, timestamp, error type, and hashed IP; we do not collect cookies, request bodies, form fields, or URL query values for this telemetry
Why we use the data
We use data to operate the site, respond to submissions, protect the service, and improve catalog quality. Google sign-in is used for account access and is not treated as marketing consent. When enabled for the site, Google Analytics starts with analytics and advertising storage denied; full Google Analytics measurement is enabled only after analytics consent. Marketing cookies are not active by default.
- Deliver the pages you request and remember allowed preferences
- Review data corrections, feedback, product reviews, and moderation-related submissions
- Send newsletter emails only when you requested them
- Detect abuse, investigate errors, and keep the service secure
Legal bases
We rely on the legal basis that matches the specific feature. Account sessions and profile settings are processed to provide requested account functionality. Contact, feedback, and catalog-correction messages are processed to respond to the request and improve the catalog. Newsletter sending uses your consent. Security logs, abuse prevention, and essential session cookies rely on operating and protecting the service. Some records may also be kept when needed for legal obligations or claims.
Age
MateRico is not directed to children. Account, feedback, and newsletter features are intended for adults.
Sharing, storage, and retention
MateRico-controlled account, feedback, upload, log, and backup storage stays on the OVHcloud VPS in Roubaix, France (EU). The application database, feedback uploads, application logs, and local backups are controlled there by MateRico. Local backups are retained as 30 daily and 4 weekly recovery points, and no MateRico-controlled backup is intentionally transferred outside the EU.
Data may also be processed by infrastructure providers, Google as the account sign-in provider, Google Analytics when analytics consent is granted, or email providers such as MailerLite for newsletter delivery. We do not sell personal data or open community submissions to public indexing by default.
If a provider processes data outside the European Economic Area, the production owner must keep the provider contract, data-processing terms, adequacy decision, or standard contractual clauses aligned with the live configuration before relying on that provider.
Feedback submissions and attachments are kept until the matter is closed and then for no longer than 12 months unless a documented legal or security reason requires more time. Security event and request metadata is normally kept for up to 90 days unless an incident, troubleshooting need, legal obligation, or claim requires longer retention. Account deletion requests are kept reversible for 30 days before the account record is removed by scheduled cleanup. Newsletter records are kept until unsubscribe, withdrawal, or a valid deletion request, with minimal consent evidence kept only as long as needed for legal obligations or claims.
Your choices
You can reopen cookie preferences from the footer at any time. If you have a MateRico account, you can change your display name, choose whether to show your Google avatar or no profile photo, manage newsletter status, request account deletion, and restore the account during the 30-day grace period. Newsletter emails should always include an unsubscribe path.
You can ask for access, correction, deletion, restriction, objection, portability, or withdrawal of consent for information you submitted through MateRico by using the active contact channel shown in the site. You may also complain to the competent data protection authority.
If we materially change this notice, we will update the date on this page and publish the revised version here.