PRIVACY POLICY
Last updated: June 22, 2025
This notice explains how Tomáš Bencko, sole proprietor registered in the Slovak Republic (“Company,” “we,” “our,” or “us”) collects, uses, discloses, and otherwise processes information about you (“you” or “user”) when you access or use the Who-Dat-Dude website located at https://whodatdude.com and any related services (collectively, the “Service”).
1. Who is the data controller?
The data controller under the EU General Data Protection Regulation (“GDPR”) is:
Tomáš Bencko – sole proprietor
Business Reg. No. (IČO): 54874599
Tax ID (DIČ): 1086791761
Stará baštová 964/6, 040 01 Košice, Slovakia
Email: [email protected]
2. What data do we collect?
- Account data – email address, username, UUID, authentication tokens (collected via Supabase Auth when you register or log in).
- Service data – graph generations, bookmarks, ratings, credit balance, credit transactions, session IDs.
- Payment data – Stripe customer ID, checkout session ID, payment intent ID, paid amounts, currency, last-4 of card, payment status (we never store full card numbers or CVC).
- Technical data – IP address, browser type, operating system, device identifiers, and similar data automatically logged by Netlify/CDN (Cloudflare) when you visit the Site.
- Analytics – page views, events, and referral information collected via Cloudflare Web Analytics or a comparable service.
We do not intentionally collect special categories of personal data (e.g., health information) and do not knowingly collect data from anyone under 16 years old.
3. Why do we process your data? (Legal bases)
| Purpose | Legal basis - GDPR Art. 6 |
|---|---|
| Create and maintain your account; let you purchase and spend credits; deliver requested graph generations | Contract (Art. 6 (1)(b)) |
| Process and reconcile payments (Stripe) | Contract; Legitimate interests (Art. 6 (1)(f)) |
| Provide customer support, communicate service changes, enforce Terms | Contract; Legitimate interests |
| Ensure security, prevent fraud, debug, and maintain performance (Netlify, Cloudflare) | Legitimate interests |
| Comply with legal obligations (tax, accounting, consumer protection) | Legal obligation (Art. 6 (1)©) |
4. With whom do we share your data?
| Recipient | Role |
|---|---|
| Supabase, Inc. | Auth, database, storage |
| Stripe, Inc. | Payment processing |
| Netlify, Inc. | Hosting/edge network |
| Cloudflare, Inc. | DNS and CDN security |
| Authorities or legal advisors | Only if required by law, to protect rights, or to defend legal claims |
We do not sell your personal data.
5. International transfers
When data moves outside the European Economic Area, we rely on the European Commission’s Standard Contractual Clauses or other lawful safeguards.
6. Retention
We keep personal data only as long as necessary for the purposes above or to meet legal obligations (e.g., payment records up to 10 years). Back-ups are erased on a rolling schedule.
7. Security
We apply appropriate technical and organisational measures, including TLS encryption, access controls, and regular back-ups. Stripe is PCI-DSS Level 1 certified; we never handle raw card details.
8. Cookies
We do not set first-party cookies for core functions. Third-party providers (Supabase, Stripe, Netlify, Cloudflare, analytics) may use essential cookies.
9. Your rights
You may request access, rectification, erasure, restriction, portability, or object to processing based on legitimate interests, and may withdraw consent at any time. To exercise rights, e-mail us at [email protected].
You also have the right to lodge a complaint with the Slovak supervisory authority (Úrad na ochranu osobných údajov) or your local EU data-protection authority.
10. Changes to this Privacy Policy
We may update this Policy from time to time. If we make material changes, we will post the revised Policy with a new “Last updated” date. Your continued use of the Service after the revised Policy becomes effective constitutes acceptance.
11. Contact
Tomáš Bencko – sole proprietor
Business Reg. No. (IČO): 54874599
Tax ID (DIČ): 1086791761
Stará baštová 964/6, 040 01 Košice, Slovakia
Email: [email protected]
By using the Service, you acknowledge that you have read and understood this Privacy Policy.