Register

Terms and Conditions

---

1. Acceptance of Terms

By accessing and using this web application (the 'Service'), you agree to these Terms and Conditions ('Terms'). If you do not agree, you must not use the Service. These Terms form a binding agreement between you and SecureDataerase.

2. Definitions

• 'Service' refers to our web application for redacting personal data from PDFs and related compliance tools.
• 'User' or 'You' means anyone accessing or using the Service.
• 'Content' means any documents, data, or information you upload.

3. Description of Service

We provide automated tools to identify and obscure sensitive information in PDF documents, as well as GDPR/CCPA training, data subject requests handling, and breach notification support. While we strive for accuracy, we do not guarantee completeness of redaction. The Service is provided 'as-is' without warranties.

4. User Account Registration

• Account Creation: You must provide accurate information. Keep your details current.
• Account Security: You are responsible for safeguarding your login credentials.

5. Fees and Payment Terms

• Subscription Fees: Certain features require payment of recurring fees.
• Payment Processing: Handled by Stripe; we do not store payment card details.
• Billing Cycle: Fees are billed in advance per your chosen plan.
• Refund Policy: See Section 29 for details.

6. Intellectual Property Rights

All rights, title, and interest in the Service remain with SecureDataerase. You have a limited license to use the Service. You agree not to:

• Copy, modify, or create derivatives of the Service.
• Reverse engineer or decompile the Service’s code.
• Remove or alter proprietary notices.

7. IP Infringement Claims

Report alleged infringements to securify@securedataerase.com with sufficient details.

8. User Responsibilities

• Accuracy: Ensure information you provide is accurate.
• Compliance: Comply with applicable laws, including data protection regulations.
• No Unlawful Use: Do not use the Service for illegal activities.
• Uploaded Content: You assume full responsibility for legality and consequences of your uploaded content.
• Review Redacted Output: You must review redacted files to confirm sensitive data removal.
• MFA: Enable MFA for additional security (recommended).
• Customer Compliance: Your compliance with GDPR, CCPA, and other laws is your responsibility.
• Legal Basis for Data: You confirm you have the legal basis and consents for processing any personal data uploaded.

9. User-Generated Content

You grant us a non-exclusive, worldwide license to process your content solely to provide the Service. You represent you have the necessary rights to do so.

10. Privacy and Data Protection

• Data Processing: Handled per our Privacy Notice and relevant DPAs.
• Data Storage: Documents are encrypted, temporarily stored, and deleted within 72 hours after processing. Invoices and financial data retained for 8 years as required by law.
• Sub-Processors: Stripe for payments, Billingo for invoices. We ensure compliance with applicable standards.

11. Data Security

We implement industry-standard measures (encryption, secure data centers, MFA, audits) but cannot guarantee absolute security. You use the Service at your own risk.

12. Disclaimers

• Accuracy of Redaction: No guarantee all sensitive data is fully removed.
• No Legal Advice: Service not a substitute for professional legal counsel.
• Service Availability: We do not guarantee uninterrupted availability.
• Disclaimer of Warranties: All warranties are disclaimed to the fullest extent allowed by law.

13. Limitation of Liability

To the fullest extent permitted by law, we are not liable for indirect or consequential damages. Total liability is capped at amounts paid by you in the last 12 months.

14. Indemnification

You agree to indemnify SecureDataerase from claims arising from your use or violation of these Terms.

15. Termination of Service

We may suspend or terminate access at any time, without notice, for any reason.

16. Changes to the Service

We may modify or discontinue features. Fee changes announced at least 30 days in advance.

17. Changes to Terms

Material changes notified 30 days prior. Continued use after changes equals acceptance.

18. Third-Party Links and Services

We are not responsible for third-party websites or services linked within the Service.

19. Compliance with Export Laws

You must comply with applicable export and re-export control laws.

20. Governing Law & Dispute Resolution

These Terms are governed by Hungarian law. Disputes resolved by arbitration in Hungary, in Hungarian, unless otherwise agreed. You waive class actions.

21. Data Protection and Privacy Compliance

You must provide adequate privacy notices and obtain necessary consents. By using the Service, you consent to data processing per our Privacy Notice. We will assist with GDPR data subject requests as required.

22. Data Processing Agreement (DPA)

This section serves as a DPA under GDPR Article 28:

• Subject Matter & Duration: We process personal data as instructed, for the duration required to provide the Service.
• Nature & Purpose: Redaction and compliance services per your instructions.
• Data Types & Subjects: Personal data within uploaded documents. Data subjects include any individuals referenced therein.
• Obligations:
  • Process data only on your instructions.
  • Ensure personnel confidentiality.
  • Maintain appropriate security measures.
  • Assist with data subject requests and compliance.
  • Delete or return data upon termination as instructed.
  • Provide compliance evidence upon request.
• Sub-Processing: We use Stripe, Billingo, and hosting providers, all under GDPR-compliant terms.
• Record-Keeping: We maintain processing records as required by GDPR.
• Liability: Each party is liable for its own obligations.
• Survival: These obligations survive termination.

23. Confidential Information

You agree to keep non-public information from us confidential.

24. Entire Agreement

These Terms contain the entire agreement. No partnership, joint venture, or agency is formed.

25. Severability

If any provision is invalid, others remain in effect. Relevant obligations survive termination.

26. Compliance Disclaimer

Use of our tools does not guarantee your compliance with GDPR, CCPA, or other laws. Consult legal counsel.

27. Limitation of Service Scope

Our tools assist with data handling but are not legal compliance substitutes.

28. Force Majeure

We are not liable for delays due to events beyond our control (e.g., natural disasters, cyber-attacks).

29. Refund Policy

Refunds may be granted if a proven technical failure in the Service prevented proper use. Refund requests must be submitted within 14 days of the issue. Each request is assessed individually.

30. User Data Ownership & Retention

You own your content. Documents are deleted within days post-processing. Invoices and related data kept for 8 years due to legal requirements.

31. Class Action Waiver

You agree to individual dispute resolution, waiving class actions.

32. Third-Party Vendor Limitations

We are not responsible for performance or data handling by third-party vendors.

33. User Conduct

You must not:

• Violate others’ rights.
• Upload illegal or harmful content.
• Compromise security or disrupt the Service.
• Bypass security measures.

34. Prohibited Data

Do not upload content that violates laws or includes sensitive data without proper consent.

35. Redaction Capability Limits

We cannot guarantee complete redaction. Always verify output.

36. Third-Party Integrations

Not liable for third-party apps integrated into the Service.

37. Consent to Communications

You consent to receive necessary communications electronically. You can opt-out of marketing at any time.

38. Account Security

You must keep credentials secure. We are not liable for unauthorized access due to your negligence.

39. Subscription & Payment Terms

• Accurate Payment Info: Keep payment details current.
• Non-Refundable Fees: Except as per our refund policy, fees are non-refundable.

40. Age Restrictions

Users must be at least 16, or have parental consent if under 16.

41. Feedback

Any feedback provided may be used by us without obligation.

42. Data Breach Notification

In case of a data breach affecting your data, we will notify you and authorities as required by law.

43. Waiver

No waiver of any term is a continuing waiver of that or any other term.

44. Notices

Notices sent via email to provided addresses constitute valid notice.

45. Assignment

You cannot assign these Terms without our consent; we may assign freely.

46. DPO Contact

For data protection inquiries, contact our DPO at securify@securedataerase.com.

47. Contact Information

For questions about these Terms:

• Email: securify@securedataerase.com
• Phone: +36 30 79 333 91
• Address: Kecskemét, 6000, Katona József utca 14, Hungary

Version: 1.1

Effective Date: November 1, 2024

Privacy Notice

---

1. Introduction

At SecureDataerase, your privacy is our priority. This Privacy Notice explains how we collect, use, disclose, and safeguard your personal data when you use our web application. We comply with global privacy regulations, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA), and we endeavor to respect other jurisdictions' data protection laws where applicable.

2. Data Controller and Processor Roles

SecureDataerase acts as a Data Controller with respect to personal data collected directly from you (e.g., account details, billing information). For personal data contained in documents you upload for processing, we act as a Data Processor, processing your data strictly under your instructions.

• Company Name: SecureDataerase
• Address: Kecskemét, 6000, Katona József utca 14, Hungary
• Email: securify@securedataerase.com
• Phone Number: +36 30 79 333 91

3. What Personal Data We Collect

We collect the following categories of personal data:

• Identity Data: Name, email address, tax ID, address, phone number.
• Account Information: Username, encrypted passwords, MFA settings, and security-related data.
• Transactional Data: Payment information for subscriptions (processed through Stripe), invoice details (via Billingo).
• Technical Data: IP addresses, session logs, and usage metadata.
• Usage Data: Feature usage, pages visited, links clicked, user preferences.
• Cookie Data: Information collected through strictly necessary cookies and tracking technologies.

4. How We Collect Your Data

We obtain your personal data through:

• Direct Interactions: When you register, subscribe, use our services, or contact support.
• Automated Technologies: Server logs and essential cookies.
• Third Parties: Payment processors (Stripe), invoicing services (Billingo), and infrastructure providers (e.g., AWS).

5. How We Use Your Personal Data

We use your personal data to:

• Account Setup and Management: Create and maintain your account.
• Security and Authentication: Implement MFA, password resets, and security features.
• Service Provision: Enable access to our redaction and compliance tools.
• Compliance Monitoring: Support GDPR, CCPA, and other compliance assessments.
• Technical Support and Improvement: Diagnose and address technical issues, enhance service efficiency.
• Legal and Regulatory Obligations: Meet financial, tax, and legal record-keeping obligations.
• Marketing Communications: Send you promotional materials if you have opted in. You may withdraw consent at any time by clicking the 'unsubscribe' link in emails, adjusting your account settings, or contacting us at securify@securedataerase.com.
• Aggregated Data: Analyze usage patterns to improve and develop our services. This data is anonymized and cannot identify you.

6. Legal Basis for Processing Personal Data

Our legal bases include:

• Contractual Necessity: To provide services as agreed with you.
• Legitimate Interests: To secure and improve our services while respecting your rights.
• Consent: For sending marketing communications, which you can withdraw anytime.
• Legal Obligation: To comply with laws (e.g., invoicing and retention requirements).

7. Data Retention

• Account Data: Retained as long as your account is active.
• Transactional Data: Invoices and related data retained for 8 years, as legally required.
• Technical Data: Stored for up to 24 months unless otherwise required.

8. Data Security

We apply industry-standard security measures:

• Encryption: Uploaded files are encrypted and deleted within 72 hours.
• MFA & Access Controls: Safeguarding sensitive accounts and data.
• Secure Data Centers: ISO 27001 certified facilities.
• Regular Audits: Periodic security assessments and penetration tests.
• Data Backups & Recovery: Regular backups and tested recovery procedures.

9. Sharing Your Data

We share your data only when necessary and with appropriate safeguards:

• Payment Processors: Stripe for handling payments.
• Invoicing Services: Billingo for invoice generation, fully compliant with EU regulations.
• Service Providers: For hosting, security, and related services.
• Legal Requirements: When obliged by law or in response to lawful requests from authorities.

10. International Data Transfers

If we transfer personal data outside the EEA, we rely on recognized transfer mechanisms such as the latest Standard Contractual Clauses (SCCs) and the EU-U.S. Data Privacy Framework (where applicable). We no longer rely on the invalidated EU-U.S. Privacy Shield. We ensure equivalent levels of data protection through appropriate safeguards.

11. Your Rights

Under GDPR and CCPA, you have the right to:

• Access: Receive a copy of your personal data.
• Rectification: Correct inaccurate or incomplete information.
• Erasure: Request deletion of your personal data when legally permissible.
• Restriction: Limit certain data processing activities.
• Data Portability: Transfer your data to another service provider.
• Object: Object to processing based on legitimate interests.
• No Sale of Personal Data: We do not sell personal data. California residents have the right to opt-out of any future 'sale' of personal information as defined by CCPA.

For California residents: You have the right to know about the personal information collected, request its deletion, and opt-out of its sale (we do not sell data). For users outside the EU and California, we respect applicable local laws and will endeavor to provide similar rights where possible.

To exercise any of these rights, contact us at securify@securedataerase.com or use the self-service tools in your account settings.

12. Cookies and Tracking Technologies

We use only strictly necessary cookies that are essential for the operation and security of our service. These do not require user consent as per the ePrivacy Directive. We provide this transparency to comply with GDPR principles and maintain your trust.

13. Third-Party Links

Our website may include links to third-party sites or services. Their privacy practices are not controlled by us. Please review their policies.

14. Children's Privacy

Our services are not intended for individuals under 16. We do not knowingly collect data from children under 16.

15. Data Breach Notification

We will notify you and, if required, regulatory authorities of any data breach within 72 hours of becoming aware, as mandated by GDPR.

16. Changes to This Privacy Notice

We may update this notice to reflect changes in our practices or legal obligations. Significant changes will be communicated at least 30 days before they take effect. The latest version is always available on our website.

17. Contact Us

For inquiries or exercising your rights:

• Email: securify@securedataerase.com
• Phone: +36 30 79 333 91
• Address: Kecskemét, 6000, Katona József utca 14, Hungary

18. Data Protection Officer

You can contact our Data Protection Officer (DPO) at securify@securedataerase.com.

19. Complaints

If you believe your rights have been violated, you can file a complaint with the Hungarian National Authority for Data Protection and Freedom of Information (NAIH):

• Address: Szilágyi Erzsébet fasor 22/C, 1125 Budapest, Hungary
• Phone: +36 (1) 391-1400
• Email: ugyfelszolgalat@naih.hu

We also encourage you to contact us first to seek a resolution.

20. Automated Decision-Making

We do not use your personal data for automated decision-making or profiling.

21. Lawful Requests

We may disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

22. Consent Withdrawal

If processing is based on consent, you may withdraw it at any time by contacting us or via your account settings. Withdrawing consent does not affect the legality of prior processing.