Privacy Policy
Privacy Policy
Last Updated: October 26, 2023
This Privacy Policy describes how Ollcee s.r.o. ("we," "us," or "our") collects, uses, and shares personal data when you use our website detekcegpt.cz (the "Sites") and its AI detection services. We are committed to protecting your privacy and handling your data in an open and transparent manner.
1. Data Controller
Ollcee s.r.o.
Příčná 1892/4, Nové Město (Praha 1)
110 00 Praha, Czech Republic
Email: [email protected]
Ollcee s.r.o. is the controller of personal data processed through the Sites.
2. What Personal Data We Process
We process different types of personal data depending on how you interact with our Sites:
Context Data Source
Free AI Detection Service Text you submit for analysis, IP address, server-generated request identifiers. Provided directly by you when you use the service. IP address and request identifiers are collected automatically.
Pro Account Registration & Use Name, email address, billing country, Stripe transaction IDs, login credentials (hashed password). Provided directly by you during registration or purchase. Stripe transaction IDs are received from Stripe as part of payment processing.
User Login (Cookies) Session identifiers stored in cookies. Automatically set by our server when you log into your Pro account.
Server Security Logs IP address, user-agent, timestamps, requested URLs. Automatically collected by our server when you access the Sites.
3. Purpose & Legal Basis for Processing
We process your personal data for the following purposes and based on the following legal grounds under the General Data Protection Regulation (GDPR):
Purpose Legal Basis (Art. 6 GDPR) Data Categories Involved
To provide the AI detection service (analyze text and deliver results). Performance of a contract (Art. 6(1)(b) GDPR) – your use of the service forms an agreement. Text submitted, IP address, request identifiers.
To create and manage your Pro account, including subscription and features. Performance of a contract (Art. 6(1)(b) GDPR) – your registration for a Pro account. Name, email, billing country, login credentials.
To process payments for Pro subscriptions via Stripe. Performance of a contract (Art. 6(1)(b) GDPR); Legitimate interest in secure and efficient payment processing (Art. 6(1)(f) GDPR). Name, email, billing country, Stripe transaction IDs.
To maintain user login sessions for Pro accounts (via essential cookies). Legitimate interest (Art. 6(1)(f) GDPR) to provide a functional and secure logged-in experience. Session identifiers (cookies).
To ensure the security of our Sites, prevent fraud, and troubleshoot issues. Legitimate interest (Art. 6(1)(f) GDPR) in protecting our services and users. IP address, user-agent, timestamps, request identifiers, account data (if relevant).
To comply with legal obligations (e.g., tax, accounting). Legal obligation (Art. 6(1)(c) GDPR). Name, email, billing country, Stripe transaction IDs, billing records.
4. Data Retention Periods
We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements.
Data Category Retention Period
Text submitted for analysis Deleted automatically from our active systems within 24 hours after the detection result is delivered to you.
Pro Account data For the duration your account is active, and for a further 2 years after account deletion for support purposes.
Billing records (invoices) 10 years from the end of the tax period, as required by Czech accounting and tax laws.
Server Security logs Up to 12 months, then anonymized or deleted.
Login session cookies Expire when you close your browser (session cookies) or after a set period (e.g., 30 days for persistent login).
5. Recipients & Data Processors
We may share your personal data with third-party service providers (data processors) who assist us in operating our Sites and providing our services. These include:
Stripe Payments Europe, Ltd. (Ireland): For processing card payments and fraud screening. Stripe acts as an independent controller for some of its processing.
Contabo GmbH (Germany): For hosting our website and its infrastructure (EU-based).
All our data processors are carefully selected and are bound by Data Processing Agreements (DPAs) where required, ensuring they process your data only on our documented instructions and implement appropriate security measures.
We do not sell your personal data to third parties.
6. International Transfers
Personal data processed for card payments by Stripe may be transferred to Stripe, Inc. in the United States. Stripe relies on the EU Commission’s Standard Contractual Clauses (SCCs) and other supplementary measures to ensure an adequate level of data protection for such transfers.
Our hosting provider, Contabo GmbH, processes data within the European Union.
Other than the payment processing described above, we do not transfer your personal data outside the European Economic Area (EEA).
7. Your Rights under GDPR
As a data subject, you have the following rights regarding your personal data:
Right of Access (Art. 15 GDPR): You can request a copy of the personal data we hold about you.
Right to Rectification (Art. 16 GDPR): You can request correction of inaccurate or incomplete data.
Right to Erasure ('Right to be Forgotten') (Art. 17 GDPR): You can request deletion of your personal data, under certain conditions.
Right to Restriction of Processing (Art. 18 GDPR): You can request that we limit the processing of your personal data, under certain conditions.
Right to Data Portability (Art. 20 GDPR): You can request to receive your personal data in a structured, commonly used, and machine-readable format, and have the right to transmit those data to another controller, under certain conditions.
Right to Object (Art. 21 GDPR): You can object to processing based on legitimate interests or for direct marketing purposes.
Right to Withdraw Consent (Art. 7(3) GDPR): If processing is based on consent, you can withdraw it at any time (though this does not apply to our current processing activities which are based on other legal grounds).
To exercise any of these rights, please contact us at [email protected]. We will respond to your request within 30 days.
You also have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work, or place of the alleged infringement. The Czech supervisory authority is:
Úřad pro ochranu osobních údajů (UOOU)
Pplk. Sochora 27
170 00 Praha 7
Czech Republic
Website: https://www.uoou.cz
8. Cookies
Our Sites use a limited number of cookies. Cookies are small text files stored on your device when you visit a website.
Essential/Strictly Necessary Cookies: We use cookies that are essential for the operation of our Sites, specifically to manage your login session if you have a Pro account. These cookies allow us to remember that you are logged in as you navigate the site, providing access to your Pro account features.
Purpose: To maintain your authenticated session.
Legal Basis: Legitimate interest (Art. 6(1)(f) GDPR) in providing a functional and secure service explicitly requested by you (access to your Pro account).
Duration: These are typically session cookies (expire when you close your browser) or persistent cookies that last for a limited time (e.g., to keep you logged in if you select such an option).
We do not use cookies for analytics, advertising, or any other third-party marketing tracking purposes.
You can manage or delete cookies through your browser settings. However, please note that disabling essential login cookies may prevent you from using Pro account features or logging into the Sites.
9. Security Measures
We are committed to protecting your personal data. We implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including:
HTTPS/TLS encryption for data transmitted to and from our Sites.
Firewalling and server hardening.
Regular security updates and patching.
Role-based access controls to production systems.
Hashing of passwords.
While we strive to use commercially acceptable means to protect your Personal Data, no method of transmission over the Internet, or method of electronic storage is 100% secure.
10. Children's Privacy
Our Sites and services are not directed to individuals under the age of 16. We do not knowingly collect personal data from children under 16. If we become aware that a child under 16 has provided us with personal data, we will take steps to delete such information.
11. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date at the top. We encourage you to review this Privacy Policy periodically for any changes.
12. Contact Us
If you have any questions about this Privacy Policy or our data protection practices, please contact us:
Ollcee s.r.o.
Email: [email protected]
Address: Příčná 1892/4, Nové Město (Praha 1), 110 00 Praha, Czech Republic
