Privacy Policy

Last updated: 2026-07-09

1. Controller

[OPERATOR LEGAL NAME], IČO [IČO], [ADDRESS], Czech Republic. Contact for privacy matters: [PRIVACY EMAIL].

2. Two roles: controller and processor

3. What we process and why

We use no analytics or advertising trackers. Cookies are limited to what sign-in and language selection strictly require.

4. Sub-processors

Sub-processorLocationPurpose
Hetzner Online GmbHDE / EUHosting & storage (servers, backups)
Stripe Payments Europe, Ltd.IE / EUPayment processing & invoicing
Resend (Plus Five Five, Inc.)US*Transactional email delivery
Google Ireland Ltd.IE / EUOptional Google sign-in (only if you use it)

* Third-country transfers are covered by Standard Contractual Clauses (SCCs) / the EU-U.S. Data Privacy Framework.

5. Retention

6. Your rights

You have the rights of access, rectification, erasure, restriction, portability and objection under the GDPR. In the app you can directly download your data (Account → Download my data) and delete your account or organization. For anything else contact [PRIVACY EMAIL]. You may lodge a complaint with the Czech Office for Personal Data Protection (ÚOOÚ, uoou.gov.cz).

7. Security

TLS in transit, tenant isolation at the application layer, hashed passwords (bcrypt), least-privilege storage credentials, network isolation of databases, and nightly off-site backups. No system is perfectly secure; we notify affected users and authorities of breaches as the GDPR requires.

8. Changes

Material changes to this policy are announced by email or in-app at least 14 days in advance.

Terms of Service