Last reviewed: 2026-05-19
Template. This document is a structural placeholder. Replace it with text reviewed by your legal counsel before launch.
Account data (email, profile), organization membership, billing metadata (held by Stripe), and security/audit logs. Strictly necessary cookies (session, CSRF) are documented and require no consent; analytics load only with consent.
Provision of the service (contract), security (legitimate interest), and analytics (consent). Detail per processing purpose goes here.
We use the vendors listed in the sub-processor list. International-transfer safeguards go here.
Access, rectification, and erasure. You can export all your data and request account deletion in-app; deletion hard-deletes personal data within 30 days and anonymizes audit records.
Audit logs are retained 2 years, application logs 30 days, soft-deleted records 30 days. Controller contact and DPO details go here.