Privacy Policy

Effective Date: July 6, 2025

Last Updated: July 6, 2025

At contrat.io (“we”, “us”, “our”), we are committed to protecting your privacy and handling your data with transparency and care. This Privacy Policy outlines how we collect, use, store, and protect your personal information in accordance with the General Data Protection Regulation (GDPR).

By using contrat.io, you agree to the practices described in this policy.

1. Data We Collect

When you use contrat.io, we collect the following types of data:

Billing Information for Invoicing via Stripe:

  • Email address

  • Full name

  • Address

  • Payment details (processed securely via Stripe)

Account & Usage Information:

  • Actions performed within the app

  • Login activity and logs

  • Subscription and payment status

  • Uploaded documents and files (used solely within your workspace)

  • Location data (for security and fraud prevention)

  • IP address

  • Device and browser information

2. How We Use Your Data

We use your personal data for the following purposes:

  • To create and manage your account

  • To deliver and operate our SaaS services

  • To send service-related reminders (e.g., trial expiration, payment failure)

  • To ensure platform security, fraud detection, and abuse prevention

  • To analyze usage patterns and improve our product

  • To comply with legal obligations (e.g., invoicing)

We do not currently send marketing emails or newsletters.

3. Legal Basis for Processing

We process your data under the following legal grounds:

  • Contractual necessity: For providing access to contrat.io and fulfilling our services

  • Legitimate interests: For service optimization, reminders, and security

  • Legal obligations: For complying with tax, billing, and regulatory requirements

  • Consent: When required (e.g., cookies)

4. Sharing of Data

We do not sell or rent your personal data. We only share your data with:

  • Stripe (payment processor)

  • Google Analytics (usage analytics)

These providers are GDPR-compliant and may process your data on our behalf under strict agreements.

5. Data Retention

If you delete your account, all associated data is permanently erased from our systems.

IP addresses and temporary data are retained for up to 30 days for security logging.

Invoices and billing data are retained as required by Greek and EU tax law.

6. Your Rights

As an EU resident, you have the following rights:

  • Access: Request a copy of your data

  • Portability: Export your data in a readable format

  • Erasure: Delete your account and personal data (“right to be forgotten”)

  • Rectification: Update inaccurate or incomplete data

  • Objection: Object to certain processing (e.g., analytics)

  • Restriction: Ask us to limit the processing of your data under certain conditions

7. Security Measures

We use industry-standard security practices including:

  • HTTPS encryption

  • Database encryption

  • Regular backups

  • Access control policies

We work to ensure your data is protected against unauthorized access, alteration, or loss.

8. Cookies and Analytics

We use Google Analytics to understand how users interact with our platform. This tool uses cookies that may collect anonymized usage and browser information. You can manage your cookie preferences via your browser settings.

9. Data Location and Transfers

All user data is stored and processed on servers located within the European Union. We do not transfer personal data outside the EU.

10. Changes to This Policy

We may update this Privacy Policy from time to time. Significant changes will be communicated via email or in-app notification. Continued use of contrat.io after changes indicates your acceptance.

11. Contact

If you have questions or privacy-related requests, please contact us via our contact form.

© 2025 Contrat.io by Hypermetron