Privacy
Privacy Policy
We take your privacy seriously. This page explains what we collect, why we use it, and how we protect it.
Last updated: December 2024
Looking for the browser extension privacy policy? Read it here.
What data we collect
- Account information such as email address, encrypted password, and workspace details.
- Guide content such as steps, images, videos, annotations, project metadata, and published guide settings.
- Usage analytics such as feature usage, published guide views, and performance metrics used to improve the service.
Legal basis for processing
- Contractual necessity under GDPR Art. 6(1)(b) to provide the stpwise service.
- Legitimate interests under GDPR Art. 6(1)(f) to improve the service, ensure security, and prevent fraud.
- Legal obligations under GDPR Art. 6(1)(c), including tax and accounting requirements.
- Consent under GDPR Art. 6(1)(a) for optional features such as marketing communications.
How we use your data
- Provide core stpwise functionality and securely store your guides.
- Send important service, security, and account updates.
- Analyze usage patterns to improve features and user experience.
- Support users with technical issues and account management.
- Detect and prevent unauthorized access, abuse, or fraud.
Data retention
- Account data is retained while your account is active and for 30 days after deletion for account recovery.
- Guide content is retained while your account is active and permanently deleted 30 days after account deletion.
- Usage analytics may be anonymized and retained for up to 2 years.
- Billing records are retained for 10 years as required by German tax law.
- Support communications may be retained for 3 years for follow-up inquiries.
How we protect your data
- Workspace content is private by default. Only guides you explicitly publish are publicly accessible.
- Data is encrypted in transit and at rest using industry-standard security controls.
- Role-based permissions help ensure only authorized users can access workspace content.
- Each workspace is isolated to prevent cross-tenant access.
Data sharing
- We do not sell your personal data.
- Published guides are viewable only when you explicitly publish them.
- Trusted service providers may process data to help operate stpwise, such as hosting, analytics, and support.
- We may disclose information when required by law or to protect users and the platform.
Your GDPR rights
- Right of access, rectification, erasure, restriction, objection, and data portability.
- Right to withdraw consent at any time for processing based on consent.
- Right to lodge a complaint with your local data protection authority.
- To exercise your rights, contact info@stpwise.com. We respond within 30 days as required by GDPR.
Cookies and tracking
- Essential cookies are required for authentication, security, and user preferences.
- Analytics cookies are optional and used only with consent to improve the service.
- Cookie preferences can be managed through the cookie preferences link in the footer.
International data transfers
- stpwise is operated from Germany. Some providers may process data outside the EEA.
- Where data is transferred outside the EEA, we use appropriate safeguards such as Standard Contractual Clauses or adequacy decisions.
Contact us
Questions about this Privacy Policy or data protection? Contact us:
Responsible for data processing:
Ayesha Ali
Gerauer Str. 59
60528 Frankfurt am Main
Germany
Email: info@stpwise.com
For legal notice, visit /impressum.