Privacy Policy
Last updated:December 29, 2025
1. Data Controller
PolicyTracker.eu
Email: hello@policytracker.eu
2. Data We Collect
- Website URL (for scanning)
- Email address (for report delivery)
- Payment data (via Stripe, if purchasing)
- Technical logs (IP, browser, timestamps)
3. Purpose of Processing and Legal Basis
We use your data only for the specific purposes described below. We collect your data for the following purposes, each with a corresponding legal basis under GDPR Art. 6:
| Purpose | Data | Legal Basis |
|---|---|---|
| Send audit report | URL, email | Contract performance (Art. 6(1)(b)) |
| Product updates (opt-in) | Consent (Art. 6(1)(a)) | |
| Payments | Payment data | Contract performance (Art. 6(1)(b)) |
| Security & analytics | Technical logs | Legitimate interest (Art. 6(1)(f)) |
4. Data Retention
- Audit reports: 12 months
- Emails: until unsubscribe or 3 years
- Payment data: 7 years (accounting requirements)
- Technical logs: 30 days
5. Third Parties (Processors)
| Processor | Purpose | Location | Safeguards |
|---|---|---|---|
| Stripe | Payment processing | EU/US | SCCs + DPA |
| Resend | Transactional email delivery | US | SCCs + DPA |
| Hetzner | Server infrastructure & hosting | EU (Germany) | GDPR compliant |
SCCs = Standard Contractual Clauses. DPA = Data Processing Agreement.
All processors are contractually bound to protect your data and process it only for specified purposes.
International transfers: Stripe and Resend are based in the United States. Data transfers outside the EEA are protected by Standard Contractual Clauses (SCCs) as approved by the European Commission under GDPR Art. 46(2)(c).
6. Your Rights
Email hello@policytracker.eu to:
- Access your data
- Correct your data
- Delete your data
- Object to processing
- Restrict processing
- Data portability
We will respond within 1 month.
Right to complain: You may lodge a complaint with the Polish supervisory authority: UODO (Urząd Ochrony Danych Osobowych)
7. Security
We implement appropriate technical and organizational measures to protect your personal data:
- HTTPS encryption for all data in transit
- Access controls and authentication
- Regular security audits
- Data encryption at rest
8. Cookies
We use cookies for essential functionality and analytics (with your consent). See our Cookie Policy for details.
9. Testimonials
We publish customer testimonials (names, roles, companies) only with explicit written consent.
To update or remove your testimonial, email hello@policytracker.eu.
10. Changes to This Policy
We may update this Privacy Policy from time to time. Material changes will be posted on this page with an updated "Last updated" date.