Privacy Policy

1. Data Controller Information

IdenticAPI is the data controller responsible for processing your personal data in accordance with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

2. Types of Personal Data We Collect

We collect and process the following categories of personal data:

2.1 Account Information

• Name and email address
• Organization name (if provided)
• Password (encrypted)
• Account creation date and last login

2.2 Service Usage Data

• Reminders and associated information (titles, descriptions, due dates)
• Uploaded documents and extracted dates
• User preferences and settings
• Language preferences

2.3 Technical Data

• IP address and browser information
• Device type and operating system
• Usage patterns and feature interactions
• Error logs and performance data

2.4 Communication Data

• Email communications and support requests
• Feedback and survey responses
• Marketing preferences

3. Legal Basis for Processing

We process your personal data based on the following legal grounds:

3.1 Consent (Article 6(1)(a) GDPR)

We process your data based on your explicit consent for:

• Marketing communications and newsletters
• Non-essential cookies and analytics
• Optional features and beta testing

3.2 Contract Performance (Article 6(1)(b) GDPR)

We process your data to fulfill our contractual obligations:

• Account creation and management
• Service delivery and functionality
• Customer support and communication
• Billing and payment processing

3.3 Legitimate Interests (Article 6(1)(f) GDPR)

We process your data based on legitimate interests for:

• Service improvement and development
• Security monitoring and fraud prevention
• Analytics and performance optimization
• Business operations and administration

3.4 Legal Compliance (Article 6(1)(c) GDPR)

We process your data to comply with legal obligations such as:

• Tax and accounting requirements
• Data retention obligations
• Regulatory compliance

4. Purposes of Data Processing

We process your personal data for the following purposes:

• Providing and maintaining the ReminderMate service
• Processing reminders and document uploads
• Sending email notifications and alerts
• Managing user accounts and authentication
• Providing customer support and technical assistance
• Improving service quality and developing new features
• Ensuring security and preventing fraud
• Complying with legal and regulatory requirements
• Marketing and promotional activities (with consent)

5. Data Sharing and Third Parties

We may share your personal data with the following categories of recipients:

5.1 Service Providers

• Supabase - Database hosting and management
• Mailgun - Email delivery services
• Fly.io - Application hosting and infrastructure
• OpenAI - AI processing for document analysis

5.2 Legal Requirements

We may disclose your data when required by law or to:

• Comply with legal processes or government requests
• Protect our rights, property, or safety
• Prevent fraud or illegal activities
• Enforce our Terms of Service

5.3 Business Transfers

In case of merger, acquisition, or sale of assets, your data may be transferred to the new entity with appropriate safeguards.

6. International Data Transfers

Your personal data may be transferred to and processed in countries outside the European Economic Area (EEA). We ensure appropriate safeguards are in place through:

• Adequacy decisions by the European Commission
• Standard Contractual Clauses (SCCs)
• Binding Corporate Rules
• Certification schemes and codes of conduct

7. Data Retention

We retain your personal data for the following periods:

8. Your Rights Under GDPR

As a data subject, you have the following rights:

To exercise any of these rights, please contact us at privacy@identicapi.com. We will respond within 30 days of receiving your request.

9. Data Security

We implement appropriate technical and organizational measures to protect your personal data against:

• Unauthorized access, use, or disclosure
• Accidental loss or destruction
• Malicious attacks and security breaches
• Data corruption and integrity issues

Our security measures include:

• Encryption of data in transit and at rest
• Regular security audits and assessments
• Access controls and authentication systems
• Employee training on data protection
• Incident response and breach notification procedures

10. Cookies and Tracking Technologies

We use cookies and similar technologies to enhance your experience:

Essential Cookies

Required for basic functionality and security. These cannot be disabled.

Analytics Cookies

Help us understand how you use our service to improve performance.

Preference Cookies

Remember your settings and preferences for a better experience.

You can manage cookie preferences through your browser settings or our cookie consent banner.

11. Children's Privacy

Our Service is not intended for children under 16 years of age. We do not knowingly collect personal data from children under 16. If you become aware that a child has provided us with personal data, please contact us immediately.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by:

• Email notification to your registered email address
• Notice on our website or through the Service
• Updated "Last updated" date at the top of this policy

Your continued use of the Service after changes constitutes acceptance of the updated Privacy Policy.

13. Supervisory Authority

You have the right to lodge a complaint with a supervisory authority if you believe we have violated your data protection rights. The relevant authority depends on your location:

• Slovakia: Úrad na ochranu osobných údajov Slovenskej republiky
• EU: Your local data protection authority
• UK: Information Commissioner's Office (ICO)

14. Contact Information

For any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us: