Privacy

Privacy Policy – GDPR & CCPA compliant

We value your privacy and are committed to protecting your personal data. This notice explains how we collect, use, and share your information in accordance with the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and the California Consumer Privacy Act, as amended by the California Privacy Rights Act (“CCPA”).

1. Who is the data controller?

Vladislav Gapurov (“we”, “our”, “us”) is the entity responsible for your personal data. You can reach us at gapurov@gmail.com.

2. What data do we collect?

  1. Identification data – name, e-mail address, telephone number.
  2. Device & log data – IP address, browser user-agent, pages visited, timestamps.
  3. Account data – login credentials, authentication tokens.
  4. Usage data – feature interaction, click-stream, preferences.
  5. Marketing data – newsletter opt-in, campaign engagement.

3. Why do we process your data? (Art. 6 GDPR / §1798.100 CCPA)

  • To provide and maintain our services (performance of a contract).
  • To comply with legal obligations (e.g. tax, bookkeeping, security logs).
  • To improve our site, conduct analytics, and develop new features (legitimate interest).
  • To send you marketing material when you consent (consent / opt-in).
  • To detect, prevent, and investigate fraud or abuse (legitimate interest/legal obligation).

4. Cookies & tracking technologies

We use first-party and third-party cookies and similar technologies. You can manage your preferences at any time via the cookie banner or your browser settings.

5. Sharing & international transfers

We only share data with service providers that:

  • act on our documented instructions,
  • have signed Data Processing Agreements (DPAs), and
  • implement appropriate technical and organisational measures (Art. 28 GDPR).

When we transfer data outside the EEA or UK we rely on:

  • adequacy decisions,
  • Standard Contractual Clauses (SCCs) approved by the European Commission, and
  • additional safeguards such as encryption in transit and at rest.

We do not sell or share your personal information as defined by the CCPA (Cal. Civ. Code §1798.140 ad). We have not sold/shared personal information in the last 12 months.

6. Retention

We keep personal data only for as long as necessary to fulfil the purposes outlined in this notice or to comply with legal requirements. Back-ups are purged after 30 days.

7. Your rights

Under GDPR you have the right to access, rectify, erase, restrict, object to processing, and to data portability. Under the CCPA you have the right to know, delete, correct, and opt-out of the sale/share of personal information. To exercise any of these rights please e-mail gapurov@gmail.com. We will respond within one month (GDPR) or 45 days (CCPA).

You also have the right to lodge a complaint with your local supervisory authority (for EU residents) or with the California Attorney General (for California residents).

8. Children’s data

Our services are not directed to children under 16. We do not knowingly collect personal data from minors.

9. Security

We apply industry-standard measures including TLS 1.3 encryption, least-privilege access control, and regular penetration testing.

10. Changes to this notice

We may update this policy from time to time. The latest version is always available at /legal/privacy. Material changes will be announced via e-mail or an in-app banner.