Privacy Policy
Last updated: 2026-07-09
1. Controller
[OPERATOR LEGAL NAME], IČO [IČO], [ADDRESS], Czech Republic. Contact for privacy matters: [PRIVACY EMAIL].
2. Two roles: controller and processor
- For account and billing data (your name, email, password hash, plan, invoices, logs) we act as the data controller.
- For content you put into documents — which may include personal data of third parties — we act as your data processor and process it only on your instructions. The Data Processing Agreement (DPA) is available on request at [PRIVACY EMAIL] and forms part of the Terms for business customers.
3. What we process and why
- Account data (name, email, hashed password, language) — to provide the Service; legal basis: contract performance.
- Billing data (plan, subscription status, Stripe customer id) — payments and tax records; legal bases: contract, legal obligation. Card numbers never reach our servers; they go directly to Stripe.
- Customer Content (templates, documents, variables, generated exports) — stored and rendered to provide the Service; processed as processor.
- Technical logs (IP address, user agent, timestamps) — security, abuse prevention and diagnostics; legal basis: legitimate interest. Rotated within days.
- Transactional emails (verification, password reset, invitations) — account lifecycle; legal basis: contract performance.
We use no analytics or advertising trackers. Cookies are limited to what sign-in and language selection strictly require.
4. Sub-processors
| Sub-processor | Location | Purpose |
|---|---|---|
| Hetzner Online GmbH | DE / EU | Hosting & storage (servers, backups) |
| Stripe Payments Europe, Ltd. | IE / EU | Payment processing & invoicing |
| Resend (Plus Five Five, Inc.) | US* | Transactional email delivery |
| Google Ireland Ltd. | IE / EU | Optional Google sign-in (only if you use it) |
* Third-country transfers are covered by Standard Contractual Clauses (SCCs) / the EU-U.S. Data Privacy Framework.
5. Retention
- Account and content data: for the life of the account; deleted upon account/organization deletion (self-service in the app).
- Generated export files: deleted automatically after 30 days.
- Backups: encrypted at rest, rotated within 30 days of creation.
- Invoicing records: retained as required by tax law (up to 10 years).
6. Your rights
You have the rights of access, rectification, erasure, restriction, portability and objection under the GDPR. In the app you can directly download your data (Account → Download my data) and delete your account or organization. For anything else contact [PRIVACY EMAIL]. You may lodge a complaint with the Czech Office for Personal Data Protection (ÚOOÚ, uoou.gov.cz).
7. Security
TLS in transit, tenant isolation at the application layer, hashed passwords (bcrypt), least-privilege storage credentials, network isolation of databases, and nightly off-site backups. No system is perfectly secure; we notify affected users and authorities of breaches as the GDPR requires.
8. Changes
Material changes to this policy are announced by email or in-app at least 14 days in advance.