Privacy Policy — FaktuPro
Effective date: March 22, 2026
Last updated: March 22, 2026
1. Data Controller
The controller of your personal data is:
(hereinafter: "Controller", "we")
2. What Data We Process
We process data necessary for the operation of the Application and the provision of services.
2.1 Account Data
- email address
- first and last name
- account settings (e.g., language, timezone)
2.2 Login and Authentication Data
- login credentials (stored in encrypted form)
- Apple Sign In data
- device tokens (push notifications)
2.3 Business and Client Data
- business activity data
- client data entered by the user
2.4 Document and Financial Data
- invoices, corrections, and other documents
- bank account data
- data necessary for issuing documents
2.5 Subscription Data
- Apple transaction identifiers
- subscription status
2.6 AI Feature Data (Smart Invoice)
- query content
- result generated by the system
2.7 Technical Data
- data necessary for system operation and security
3. Purposes and Legal Bases for Processing
We process your data for the following purposes:
- providing services and managing your account — Art. 6(1)(b) GDPR
- fulfilling legal obligations — Art. 6(1)(c) GDPR
- ensuring security and system operation — Art. 6(1)(f) GDPR
4. Who We Share Data With
Your data may be shared with:
- infrastructure providers (hosting in the EU)
- Apple (subscription and notification management)
- AI technology providers (e.g., OpenAI)
- public systems (KSeF, GUS, VAT White List)
- technical service providers (e.g., email)
5. Data Transfers Outside Europe
Some data may be transferred outside Europe.
This applies in particular to:
- AI technology providers
- Apple
Data may be transferred outside the European Economic Area (EEA), i.e., outside the countries of the European Union and associated states.
In such cases, we apply appropriate safeguards, such as standard contractual clauses.
6. How Long We Retain Data
We retain data:
- for the period of using the Application
- for the period required by law
- for the period necessary to pursue or defend claims
After account deletion, data is deleted or anonymized, except for data that must be retained in accordance with the law.
7. Data Security
We apply appropriate technical and organizational measures to protect data, including:
- data transmission security
- access control
- protection of stored data
- system operation monitoring
Detailed information can be found in the Security Policy.
8. Data on the User's Device
The Application may store data locally on the user's device to ensure its operation.
This data is protected by the device's system mechanisms.
9. What We Do Not Do
- we do not conduct user analytics
- we do not use tracking
- we do not sell personal data
- we do not use data for advertising purposes
10. Your Rights
You have the right to:
- access your data
- rectify your data
- delete your data
- restrict processing
- data portability
- object to processing
You may also file a complaint with the supervisory authority — the President of the Personal Data Protection Office (PUODO).
11. Changes to This Policy
We may update this policy.
We will notify you of material changes within the Application.
12. Contact
For matters related to personal data:
13. Effective Date
This Policy is effective as of: March 25, 2026