1. Data controller
Secret Sauce OÜ, 17395646, Tallinn, Estonia. Data protection contact: privacy@dklaro.app
2. Personal data we process
- Identity & contact: name, email, phone
- Company data: registry code, VAT number, address, bank details you add
- Account & billing metadata via Stripe
- Technical logs and security records
- Content you create (invoices, clients, expenses)
3. Purposes & legal bases (GDPR Art. 6)
- Provide the Service — performance of contract
- Billing & fraud prevention — contract / legitimate interest
- Product improvement & security — legitimate interest
- Legal compliance — legal obligation
- Marketing emails — consent where required
4. Recipients & processors
We do not sell personal data.
- Supabase (hosting/database)
- Stripe, Inc. (payments)
- Email delivery providers
- Sub-processors listed on request
5. International transfers
Primary hosting: European Union (Supabase EU region where configured). Transfers outside the EEA use appropriate safeguards.
6. Retention
Data is kept while the account is active and as required for accounting, tax, and legal obligations under Estonian law.
7. Your rights
Exercise rights: privacy@dklaro.app
- Access, rectification, erasure, restriction, portability
- Object to processing based on legitimate interests
- Withdraw consent where processing is consent-based
- Lodge a complaint with the Estonian Data Protection Inspectorate (AKI)
8. Cookies
Details: /ee/en/legal/cookies