Privacy Policy

Effective Date: 2025-03-08. We provide notice of material updates by posting an alert on this page and, where appropriate, by email or in-product message. The updated notice applies from the effective date stated above.

This policy is aligned with the EU General Data Protection Regulation (Regulation (EU) 2016/679, “GDPR”).

1. Data Controller Details

Data controller: FileKit. Contact: info@filekit.eu.

2. Data We Process and Purposes

  • Account data (email address, password): registration, login, account administration.
  • QR content (text or URL provided by the user): QR code generation and delivery.
  • Transactional communications (email): notifications, password resets, support.
  • Usage statistics (cookie-based, aggregated): service performance and improvement.
  • Payment data: processed by Stripe; FileKit does not access card details.

3. Legal Bases

  • Contract performance: account creation, QR code generation, and service delivery.
  • Consent: optional marketing/analytics cookies and newsletters (if offered).
  • Legal obligation: accounting and compliance requirements.
  • Legitimate interests: security, abuse prevention, service quality.

4. Data Processors

We use processors that act on our instructions:

  • Stripe – payment processing.
  • Google Analytics – aggregated usage analytics.

5. Transfers Outside the EU/EEA

Some processors may handle data outside the European Economic Area. Where applicable, we rely on appropriate safeguards such as EU Standard Contractual Clauses.

6. Retention Periods

Account data is retained while your account is active. Upon deletion request, we delete or anonymize account data within 30 days unless longer retention is required by law. Payment data retention is governed by Stripe’s policies and legal obligations.

7. Data Subject Rights

  • Access to your personal data.
  • Rectification, erasure, and restriction requests.
  • Data portability.
  • Objection to processing based on legitimate interests.
  • Withdrawal of consent (where applicable).

9. Security Measures

We use HTTPS, access controls, and encrypted password storage. We apply reasonable technical and organizational measures to protect data from unauthorized access.

10. Cookie Management

We use cookies for site functionality and analytics. Non-essential cookies require consent via the cookie banner.

  • Strictly necessary cookies: core functionality and security.
  • Analytics cookies: measurement of site usage (Google Analytics).

11. Changes to This Policy

We may update this notice from time to time. We will highlight material changes on this page and, when appropriate, by email or in-product message. The updated document applies from the effective date shown above.

12. Contact

For privacy questions or to exercise your rights, contact us at: info@filekit.eu.