Privacy Policy

Last updated: August 16, 2025

DropTidy Privacy Policy

Last Updated: August 16, 2025

This Privacy Policy explains how Velurai OÜ ("DropTidy", "we", "us", or "our") collects, uses, and protects your information. We are committed to ensuring that your privacy is protected in accordance with the EU General Data Protection Regulation (GDPR).

1. Who We Are

DropTidy is a registered trademark and operating name of Velurai OÜ, a private limited company registered in Estonia under registry code 17355279, with a principal office at Järvevana tee 9, 11314 Tallinn, Estonia.

2. What Data We Collect

  • Account Information: email address and password (hashed and salted)
  • Usage Information: logs of actions taken (e.g., file processed, credits used)
  • Technical Data: IP address, browser type, device type, and operating system
  • Payment Data: managed and processed securely by Stripe (we do not store credit card numbers)

3. Legal Basis for Processing

  • We process your data based on your consent, contractual necessity, and legal obligations under EU law.

4. How We Use Your Information

  • To provide and improve our service
  • To process payments (via Stripe)
  • To manage your account
  • To comply with legal obligations
  • To analyze service usage and detect abuse

5. Data Retention

  • Uploaded files are deleted automatically within 24 hours
  • Processed (cleaned) files are deleted within 7 days
  • Account and usage data are retained as long as your account is active or required by law

6. Your Rights

Under GDPR, you have the right to:

  • Access your data
  • Request correction or deletion
  • Object to or restrict processing
  • Withdraw consent at any time
  • Port your data to another provider

You can exercise these rights by contacting us at legal@droptidy.com.

7. Third-Party Services

We use the following third-party providers:

  • Supabase – authentication, database, and file storage infrastructure
  • Stripe – secure payment processing
  • Analytics tools – for performance and diagnostics (with IP anonymization)

These providers may process limited data on our behalf under strict data processing agreements.

8. International Transfers

All data is stored in the European Union. If data is transferred outside the EU, we ensure that adequate safeguards are in place in accordance with GDPR (e.g. Standard Contractual Clauses).

9. Data Security

We implement industry-standard encryption, secure infrastructure, and access controls to protect your data from unauthorized access or disclosure.

10. Cookies

We use strictly necessary cookies to support login sessions and performance metrics. You can control cookie settings in your browser.

11. Children's Privacy

DropTidy is not intended for children under 16. We do not knowingly collect data from children.

12. Changes to This Policy

We may update this Privacy Policy. Users will be notified via email or app notice. Continued use implies acceptance.

13. Contact Us

If you have questions or concerns about this Privacy Policy or your personal data, contact us at:

Velurai OÜ (DropTidy)
Järvevana tee 9, 11314 Tallinn, Estonia
Email: legal@droptidy.com