English · Nederlands

← Back to Subtracker

Privacy Policy

Last updated: 19 May 2026

This policy describes how Subtracker (“we”, “us”, “the service”) handles personal data when you use our website and related features. Replace the contact details below with your official business information before a public launch.

1. Who is responsible?

The data controller is the operator of Subtracker. Contact: support@subtracker.nl (update this address to your official support email).

2. What data we process

• Account data: email address and password (stored hashed) when you register or log in.
• Subscription data: services you select, prices, categories, currency, cancel-list marks, and related preferences you save to your account.
• Payment data: if you subscribe to Plus, payment is processed by Stripe. We do not store full card numbers; we receive subscription status from Stripe.
• Technical data: server logs (e.g. IP address, request time) for security and operation.
• Local storage on your device: login token and email (to keep you signed in), and cookie-consent choice. See our cookie notice on the main app.

3. Why we use your data (legal bases)

• Contract: to provide the service you signed up for (account, saved subscriptions, Plus features).
• Legitimate interests: security, fraud prevention, improving the service.
• Legal obligation: where required (e.g. tax/accounting for paid subscriptions).
• Consent: where we ask for it explicitly (e.g. non-essential cookies, if added later).

4. Third parties

• Stripe — payment processing (EU/US; Standard Contractual Clauses where applicable).
• CDN providers — scripts loaded for export features (e.g. Excel/PDF libraries) when you use those functions.
• Google Search — if you use “Search how to cancel”, you leave our site; Google’s policy applies.

We do not sell your personal data.

5. Retention

We keep account and saved subscription data until you delete your account or ask us to delete it. Logs are kept for a limited period for security. Stripe retains payment records according to its policies and legal requirements.

6. Your rights (EEA/UK)

You may have the right to access, rectify, erase, restrict, object, and port your data, and to withdraw consent where processing is based on consent. You may lodge a complaint with your local supervisory authority (e.g. the Dutch Autoriteit Persoonsgegevens). To exercise your rights, contact us at the email above.

7. Security

We use industry-standard measures (HTTPS, hashed passwords, access controls). No method of transmission over the internet is 100% secure.

8. Children

The service is not directed at children under 16. We do not knowingly collect their data.

9. Changes

We may update this policy. We will post the new version on this page with an updated date.