SpotCopy

🔒 Privacy policy

Last updated: 2026 · Controller: KueTech Digital e.U., Am Tabor 9, 1020 Wien, Österreich · Contact: hello@spot-copy.com

1. Overview

We process personal data only as needed to operate SpotCopy (spot-copy.com) — account, billing, and technical operation.

2. Data we process

  • Registration: email, password (hashed), optional name/company, language
  • Usage: generated copy and form inputs stored in your account
  • Payments: Stripe processes payment data; we store Stripe customer and subscription IDs
  • Technical: IP address, timestamps, session cookie (HttpOnly)

3. Legal bases (GDPR)

Contract performance (Art. 6(1)(b)), legitimate interest in secure operation (f), consent where required (a).

4. Cookies & analytics

We use a strictly necessary session cookie for login. No third-party tracking cookies. Cookie banner choice is stored locally (localStorage).

For anonymous traffic statistics we run our own cookieless analytics on our EU server. We store no IP address and no full user-agent. To count returning visitors within a single day we derive a daily-rotating, irreversible hash that cannot be linked across days or traced back to a person. No data is sent to any third party (e.g. Google Analytics); no consent is required for this.

5. Processors

  • Hosting: IONOS Cloud, EU data centre (no public server IP disclosed)
  • Payments: Stripe Payments Europe Ltd. (PCI-DSS)

6. Retention

Account data until deletion; statutory invoice retention periods apply separately.

7. Your rights

Access, rectification, erasure, restriction, portability, objection, complaint to a supervisory authority. Contact hello@spot-copy.com.

8. No third-party AI APIs

Copy is generated via templates on our servers — your inputs are not sent to OpenAI or similar providers.