Privacy Policy & GDPR Information

1. Data Controller

FlixyDoc is committed to protecting your privacy and ensuring the security of your personal data in accordance with the General Data Protection Regulation (GDPR).

2. Data We Collect

When you use FlixyDoc, we collect only the following personal data:

2.1 Account Data

• Username: For account identification and login
• Email address: For account verification, communication, and password reset
• Password: Stored in hashed form for account security (we never store passwords in plain text)

2.2 License Data

• License key: To verify your subscription status
• Subscription type: Monthly, yearly, or trial status
• Expiration date: To manage subscription renewals

2.3 Payment Data (processed by Stripe)

• Payment information: Handled securely by Stripe (we do not store credit card details)
• Transaction records: For invoicing and tax compliance

Important: We do NOT collect or store:

• Your projects, screenshots, or session data
• Any content you create within the FlixyDoc desktop application
• Usage analytics or tracking data
• Location data or device information

All your work (projects, screenshots, documentation) is stored locally on your computer only. FlixyDoc is a desktop application that processes data locally.

3. Legal Basis for Processing

We process your personal data based on the following legal grounds:

• Contract fulfillment (Art. 6 para. 1 lit. b GDPR): Processing necessary to provide the FlixyDoc service you registered for
• Consent (Art. 6 para. 1 lit. a GDPR): Where you have given explicit consent for specific processing activities
• Legitimate interests (Art. 6 para. 1 lit. f GDPR): For improving our services and fraud prevention

4. How We Use Your Data

Your personal data is used exclusively for the following purposes:

• Account management: Creating and maintaining your FlixyDoc account
• Authentication: Verifying your identity when you log into the desktop application
• License validation: Checking your subscription status and access rights
• Email notifications: Sending account verification, password reset, and subscription-related emails
• Payment processing: Managing your subscription payments through Stripe
• Customer support: Responding to your support inquiries
• Legal compliance: Meeting tax and accounting requirements

We do NOT use your data for:

• Analytics or tracking your usage behavior
• Profiling or automated decision-making
• Selling or sharing with third parties for marketing
• Any purpose other than those listed above

5. Data Storage and Security

We implement appropriate technical and organizational measures to protect your personal data:

• All data is stored on secure servers in Austria
• Data transmission is encrypted using SSL/TLS protocols
• Passwords are hashed using industry-standard algorithms
• Regular security audits and updates
• Access controls and authentication mechanisms

6. Data Sharing

We do not share your personal data with third parties except in the following cases:

• Payment processing: Stripe payment gateway (for subscription payments)
• Email delivery: Zoho Mail service (for transactional emails)
• Legal obligations: When required by law or legal process

All third-party processors are GDPR-compliant and bound by data processing agreements.

7. Your Rights Under GDPR

You have the following rights regarding your personal data:

• Right of access (Art. 15 GDPR): Request a copy of your personal data
• Right to rectification (Art. 16 GDPR): Correct inaccurate or incomplete data
• Right to erasure (Art. 17 GDPR): Request deletion of your data ("right to be forgotten")
• Right to restriction (Art. 18 GDPR): Limit how we use your data
• Right to data portability (Art. 20 GDPR): Receive your data in a structured format
• Right to object (Art. 21 GDPR): Object to data processing for direct marketing
• Right to withdraw consent (Art. 7 GDPR): Withdraw consent at any time

To exercise any of these rights, please contact us at [email protected]

8. Data Retention

We retain your personal data only as long as necessary:

• Account data (username, email, password): Until you delete your account or request deletion
• License data: Until your subscription expires plus 30 days, or until account deletion
• Payment records: 7 years (Austrian tax law requirement - BAO §132)
• Email communications: Transactional emails are not stored; marketing emails until you unsubscribe

Note: Your projects, screenshots, and work data are stored only on your local computer. We do not retain any of your content data on our servers.

9. International Data Transfers

Your data is processed within the European Economic Area (EEA). We do not transfer personal data outside the EEA unless adequate safeguards are in place under GDPR Chapter V.

10. Automated Decision-Making and Profiling

We do not use automated decision-making or profiling that produces legal effects or similarly significant effects on you.

11. Cookies and Tracking

FlixyDoc uses minimal cookies for essential functionality:

• Session cookies: To keep you logged in
• Preference cookies: To remember your settings

We do not use tracking cookies or third-party analytics.

12. Children's Privacy

FlixyDoc is not intended for users under 16 years of age. We do not knowingly collect personal data from children.

13. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes via email or through the application.

14. Supervisory Authority

If you believe your data protection rights have been violated, you have the right to lodge a complaint with the Austrian Data Protection Authority:

Österreichische Datenschutzbehörde
Barichgasse 40-42
1030 Wien, Austria
Website: www.dsb.gv.at

15. Contact Information

For any questions about this Privacy Policy or your personal data, please contact:

Email: [email protected]
Website: https://flixydoc.com

16. Data Processing Details (FlixyDoc Service)

Name of data processing: FlixyDoc

Data source: Data received directly from the data subject

Legal basis: Contract fulfillment or pre-contractual measures

Direct marketing: Yes (with consent)

Data sharing: No, data is processed only within our company in Austria

Profiling: No automated profiling

Joint controller: No

Location of processing: Austria (EU)

Data Protection Officer: Not required for our company size