Back to home

Privacy Policy

Last updated: July 15, 2026

This Policy explains what personal data wabi.school processes, why we do so, who may receive it, and the rights available to a user.

1. Who is responsible for data

The data controller for operation of the Platform is FOP Slobodskyi Oleksandr Mykolayovych, Tax ID 3432501553, 118 Kerchenska Street, Odesa, 65069, Ukraine. Privacy contact: hi@wabi.school.

A creator may separately be a controller of their students' data when using it to deliver a course, provide support, process refunds, or conduct their own marketing. The creator's policy may also apply in that case.

2. Data you provide

We may receive a name, email, phone number, profile details, avatar, links, support messages, and information needed to create an account or complete a purchase.

For creators, we also process product pages, lessons, video and files, domain settings, payment and advertising integrations, team data, and other published content.

3. Technical data and activity

When you use Wabi, we may record an IP address, browser, device, approximate location, request time, error and security logs, pages viewed, lesson progress, and video viewing duration.

For attribution analytics, we may store a referrer, UTM tags, an anonymous identifier, and advertising click IDs. Where a creator enables an advertising integration, identifiers such as _fbp or _fbc may also be used.

4. Payment data

Paddle processes Wabi plan payments, while Mono, WayForPay, or another connected provider processes payments for creator courses and events. Wabi does not store full payment-card details.

We receive a transaction or subscription identifier, amount, currency, status, date, and data needed for access, support, accounting, and fraud prevention.

5. Why we process data

We use data to create accounts, authenticate users, provide product access, process payments, deliver video, communicate, support users, analyse the service, maintain security, and meet legal obligations.

Legal bases may include performance of a contract, legitimate interests in operating and protecting the service, compliance with law, and consent where required, including for certain marketing technologies.

6. Who receives data

We use Supabase (database and authentication), Bunny Stream (video), Vercel (hosting), Resend (email), Sentry (error monitoring), Telegram (notifications), Paddle (Wabi plans), and Mono and WayForPay (creator-product payments). They receive only the data needed for the relevant service.

We may also disclose data where required by law, to protect rights and safety, or during a business reorganisation subject to appropriate safeguards.

7. Creators and advertising integrations

A creator can see data for students in their products, including name, contact, access, progress, and payment status, to deliver the course and support them.

If a creator enables Meta, TikTok, Google, or another advertising integration, visit, checkout, and purchase data may be sent to that service. The creator is responsible for a lawful setup and any required notice or consent.

If a creator connects Telegram notifications, the buyer's name and email, purchased product, amount, payment status, and attribution data may be sent to private Telegram accounts explicitly connected by the brand owner or an administrator. The creator is responsible for recipient access and for promptly disconnecting people who no longer need the messages.

8. International processing

Some providers may process data outside Ukraine or the user's country. We select providers with contractual and technical protections and use legally recognised transfer mechanisms where applicable.

9. Retention

We retain data while an account is active and it is needed for the service, then for as long as required for tax records, security, backups, disputes, and legal compliance.

The exact period depends on the data type. When data is no longer required, we delete or de-identify it unless the law requires longer retention.

10. Your rights

Depending on applicable law, you may request access, correction, deletion, restriction, or portability; object to processing; withdraw consent; or complain to a competent data-protection authority.

Send a request to hi@wabi.school. We may verify your identity and will respond within the statutory period. Some data cannot be deleted immediately because of legal duties or the rights of others.

11. Cookies and similar technologies

We use necessary cookies for authentication, sessions, security, cross-domain routing, and basic preferences. Cookies or local storage may also support attribution and creator-enabled advertising integrations.

You can control cookies in your browser. Blocking necessary cookies may prevent sign-in or other features from working.

12. Security and incidents

We use transport encryption, access controls, account data isolation, protected secret storage, backups, and monitoring. No online service can guarantee absolute security.

If an incident occurs, we will investigate it, contain its impact, and notify users or authorities where required by law.

13. Children's data

Wabi is not intended for independent use by children without a legal guardian's involvement. If you believe a child's data was collected without proper consent, contact us so we can investigate and remove it.

14. Sale of data and automated decisions

We do not sell personal data. Wabi does not make decisions about users that have legal or similarly significant effects solely by automated means.

15. Changes and contact

We may update this Policy as the product, providers, or law evolves. The current date appears above; we will communicate material changes through the Platform or by email.

Privacy contact: hi@wabi.school. Postal address: 118 Kerchenska Street, Odesa, 65069, Ukraine.