Draft — pending legal review. This page was AI-generated from the current codebase to close an obvious gap before launch. It must be reviewed by qualified counsel, and every bracketed placeholder filled in, before it is relied upon or shown to real customers.

Privacy Policy

Last updated: [DATE]

1. Who we are

[COMPANY LEGAL NAME], registered at [REGISTERED ADDRESS] ("we", "us"), operates Circla and Matterpass/Voltpass (together, the "Service"). We are the data controller for the personal data described below. Contact us at privacy@circla.eu [REPLACE WITH REAL CONTACT] for any privacy question or to exercise the rights in section 6.

2. Data we collect

  • Account data: name, email address, and — if you sign in with a password rather than Google — a bcrypt hash of your password. If you sign in with Google, we receive your name, email, and profile image from Google under OAuth.
  • Organisation & product data: the compliance and label data you enter for your products (e.g. ingredients, nutrition, business operator details), which may itself contain personal data if you name individuals as operators.
  • Payment data: we do not store card numbers. Payments are processed by Stripe; we retain the resulting transaction/customer reference IDs.
  • Audit & export logs: a record of actions taken in your account (who published/edited what, and when) and any label export files you generate.
  • Anonymous passport-view analytics: when someone views one of your public product passport pages, we record a coarse, non-identifying event — approximate country (from a CDN header or an offline GeoIP lookup, never a live third-party API call), device/browser type, referrer domain, and a same-day salted hash used only to de-duplicate unique views. We do not store IP addresses, and we do not set cookies or use any tracking script on public pages — see section 4.

3. Why we process it

To provide the Service you've signed up for (account, dashboard, label publishing, payments), to comply with our own legal obligations (e.g. invoicing), and — for the anonymous analytics in section 2 — our and your legitimate interest in understanding how published labels are viewed, without identifying any individual visitor.

4. Cookies & trackers

Public pages (marketing pages and published product passports) do not set cookies and do not load any third-party analytics or advertising script. The authenticated dashboard (/app) uses a session cookie required to keep you signed in; this is strictly necessary and is not a tracking cookie.

5. Who we share data with

We use the following processors, each bound by their own data processing terms:

  • Stripe — payment processing.
  • Resend — transactional email (magic-link sign-in).
  • Google — OAuth sign-in (if you choose it), and Gemini AI to assist with drafting label translations and extracting label data from source documents you upload.
  • [HOSTING PROVIDER, e.g. Hetzner] — hosting and object storage for the application and your uploaded product images.

We do not sell your data, and do not share it for advertising purposes.

6. Your rights

Subject to applicable law (including the GDPR if you are in the EEA/UK), you have the right to access, correct, export, or delete your personal data, and to object to or restrict certain processing. You can export or delete your account data from your account settings, or contact us at the address in section 1.

7. Data retention

We retain account and organisation data for as long as your account is active, and audit logs for [RETENTION PERIOD, e.g. 12 months] for security and compliance purposes. Anonymous analytics events are retained in aggregate and are not linked back to an individual.

8. Changes to this policy

We may update this policy from time to time. Material changes will be notified via the dashboard or by email.