StyleBridge Privacy Policy
Last updated: 2026-06-05 | Version: 1.0
See also: Terms of Service
1. Data Controller
The controller of your personal data is:
StyleBridge
[FILL IN: registered address]
[FILL IN: Tax ID (NIP)]
[FILL IN: Company registration (KRS) / legal form]
2. Contact Information
For all matters related to personal data processing, you can contact us:
- Email: [FILL IN: email address]
- Mailing address: [FILL IN: address]
3. What Data We Collect
3.1 Account Data (User Profile)
- First and last name (optional)
- Email address
- Language and interface preferences
3.2 Project Data
- Content created and edited in projects
- Page structure and layout
- Project metadata (names, dates, statuses)
3.3 WordPress Access Keys
- WordPress installation URL
- WordPress API Key
- Application Password
3.4 Billing Data
- Data necessary for payment processing (handled by Stripe)
- Subscription and invoice history
- Billing address (if required)
3.5 Technical Data (Logs, Sessions)
- IP address
- Browser type and version
- Operating system
- Visit time and date
- Application error data
4. Purposes and Legal Bases for Processing
| Purpose | Legal Basis |
|---|---|
| Providing the editor service | Art. 6(1)(b) GDPR (contract) |
| Managing user accounts | Art. 6(1)(b) GDPR (contract) |
| Processing payments | Art. 6(1)(b) GDPR (contract) |
| Technical and administrative notifications | Art. 6(1)(b) GDPR |
| Direct marketing of own products | Art. 6(1)(f) GDPR (legitimate interest) |
| Platform analysis and improvement | Art. 6(1)(f) GDPR |
| Fulfilling legal obligations (accounting, taxes) | Art. 6(1)(c) GDPR |
| Pursuing and defending claims | Art. 6(1)(f) GDPR |
5. Data Retention Periods
- Account data: for the duration of the contract, then for the limitation period for claims (3 years) or as required by law
- Project data: until the project is deleted by the user or the account is closed
- WordPress access keys: until access is revoked or the account is closed
- Billing data: for the period required by tax and accounting regulations (5 years from the end of the tax year)
- Technical data (logs): up to 12 months
6. Recipients of Data
Your data may be shared with the following entities:
- Stripe, Inc. — payment processing
- Supabase, Inc. — database infrastructure
- Vercel, Inc. — application hosting and infrastructure
- Brevo (Sendinblue) — transactional and marketing email delivery
- Legal and accounting service providers — in the scope of business operations
- Public authorities — as required by law
7. Data Transfers to Third Countries
Your data may be transferred to the United States in connection with the use of:
- Stripe, Supabase, Vercel, Brevo — transfer based on Standard Contractual Clauses (SCC) approved by the European Commission (Decision (EU) 2021/914)
8. Your Rights
8.1 Right of Access (Art. 15 GDPR)
You have the right to obtain confirmation whether we process your data and information about the purposes, categories, recipients, and retention period.
8.2 Right to Rectification (Art. 16 GDPR)
You have the right to request the immediate correction of inaccurate data and the completion of incomplete data.
8.3 Right to Erasure — “Right to Be Forgotten” (Art. 17 GDPR)
You may request erasure of data when it is no longer necessary for the purposes for which it was collected, or when you have withdrawn your consent.
8.4 Right to Restriction of Processing (Art. 18 GDPR)
You may request restriction of processing in the cases specified in Art. 18 GDPR (e.g., when you contest the accuracy of the data).
8.5 Right to Data Portability (Art. 20 GDPR)
You have the right to receive your data in a structured, commonly used format (JSON) and to transmit it to another controller.
8.6 Right to Object (Art. 21 GDPR)
You have the right to object to processing based on legitimate interest. In the case of direct marketing, the objection is always upheld.
9. Cookies
StyleBridge uses cookies in the following categories:
- Necessary — required for platform operation (sessions, authentication). Always active.
- Functional — remember your preferences.
- Analytics — analysis of platform usage (Vercel Analytics). Only with your consent.
- Marketing — personalisation. Only with your consent.
You can change your cookie preferences at any time — click the “Cookies” link in the page footer.
10. Data Protection Officer (DPO)
[FILL IN: DPO contact details — name, email address, phone]
11. Right to Lodge a Complaint
If you believe that the processing of your data violates GDPR, you have the right to lodge a complaint with your local supervisory authority. In Poland:
President of the Personal Data Protection Office (UODO)
ul. Stawki 2
00-193 Warsaw, Poland
12. Changes to This Privacy Policy
We will notify you of any significant changes by email (to the address associated with your account) and by updating the date and version at the top of this document. We recommend checking this page regularly.