Privacy policy
Effective date: 17 December 2025
Last updated: 17 December 2025
This Privacy Policy explains how roelu s. r. o. (“Roelu”, “we”, “us”) collects, uses, shares, and protects personal data when you visit our website or purchase our website audit services.
1. Who we are (Controller)
Controller: roelu s. r. o.
Registered address: Staré Grunty 3546/7A, Bratislava – Karlova Ves, 841 04, Slovakia
Email: roeluweb@gmail.com
When you visit our website or purchase an audit, we act as the data controller for your personal data (e.g., your contact details).
2. What personal data we collect
A) Data you provide to us
- Contact details: Name, email address (via contact forms, checkout, or email communication).
- Audit inputs: URLs and specific instructions you submit for analysis.
- Communication: Content of messages you send us regarding your order or inquiries.
B) Payment data
- Payments are processed by secure third-party processors (e.g., Stripe or Lemon Squeezy, acting as Merchant of Record). We do not store full payment card details on our servers. These providers process your billing info securely under their own privacy policies.
C) Data we collect automatically (Cookies & Usage)
When you use our website, we may collect technical data via cookies and similar technologies:
- Device and browser information (User-Agent).
- Approximate location (derived from IP address).
- Usage data (pages viewed, clicks, session duration).
Tools we use:
- Webflow Analyze (site analytics)
- PostHog (product/usage analytics)
- Tidio (customer chat - if enabled)
We process non-essential cookies (analytics) only based on your consent (via our cookie banner). You can manage your preferences at any time.
3. How we use personal data (Purposes & Legal Basis)
We process your data for the following purposes and legal bases under GDPR:
| Purpose | Legal Basis |
|---|---|
| Processing your order & delivering the audit | Contract (Performance of a contract) |
| Billing, invoicing & accounting | Legal Obligation (Slovak tax laws) |
| Customer support & communication | Legitimate Interest (or Contract) |
| Website security & fraud prevention | Legitimate Interest |
| Website analytics & improvements | Consent (for cookies/tracking) |
4. Audit Services & AI Processing
When you purchase an audit, you provide us with URLs to analyze.
- Public Data: We analyze publicly accessible content on the provided URLs. This may include personal data visible on your site (e.g., team bios). We process this data strictly to deliver the audit report.
- AI Tools: We use third-party AI and scraping tools (e.g., Large Language Models via API) to analyze the content. These providers act as our data processors under strict confidentiality agreements. We do not use your non-public data to train their public models.
5. Sharing data with third parties (Processors)
We share data only with trusted providers who help us operate our services. They process data based on Data Processing Agreements (DPA) in compliance with GDPR:
- Hosting & Infrastructure: Webflow, Supabase.
- Payments: Stripe / Lemon Squeezy.
- Communication: Google Workspace (Gmail).
- Analytics: Webflow Analyze, PostHog.
- AI & Analysis: API providers for audit generation.
6. International Transfers
Some of our service providers (e.g., Webflow, Stripe, PostHog) are located in the USA. We ensure your data is protected by relying on the EU-US Data Privacy Framework (DPF) where applicable, or Standard Contractual Clauses (SCCs) approved by the European Commission, ensuring a level of protection equivalent to EU standards.
7. Data Retention
We retain personal data only as long as necessary:
- Accounting/Tax records: 10 years (as required by Slovak law).
- Audit reports & Order data: Until the service is fully delivered and for a limitation period of up to 4 years to handle potential claims.
- Marketing/Analytics data: Until you withdraw consent or up to 26 months.
8. Your Rights
Under GDPR, you have the right to:
- Access, correct, or delete your personal data.
- Restrict or object to processing.
- Withdraw consent (e.g., for cookies) at any time.
- Request data portability.
To exercise these rights, contact us at roeluweb@gmail.com.
You also have the right to lodge a complaint with the supervisory authority: Úrad na ochranu osobných údajov Slovenskej republiky (dataprotection.gov.sk).
9. Security
We implement appropriate technical and organizational measures (e.g., HTTPS, access controls, reputable providers) to protect your data against unauthorized access or loss.
10. Changes to this policy
We may update this policy. The latest version will always be posted on this page with the “Last updated” date.