Skip to main content

Privacy Policy

We explain the data we process for social media service orders, payment, support and consent-based analytics.

This overview explains how we handle data when operating the service. Specific rights and obligations follow GDPR, applicable law and the terms of service.

1. Data controller

Who runs the site and where we are based.

Legal name

Byte development s.r.o.

Company ID

21661235

VAT ID

CZ21661235

Data box

hjhpcu9

Registered address

Příkop 843/4, Zábrdovice, 602 00 Brno

Email

support@koupitsledujici.cz

2. What we process

Only the data the site actually needs.

  • Email and order details for order confirmation, transactional email, billing and support.
  • Billing profile and company details only when the customer saves them or enters them in checkout.
  • Selected service, quantity and public social profile, post, video or channel URL.
  • Stripe payment metadata needed to match payment, order, refund and accounting records.
  • IP address, CSRF token and order code for fraud prevention and ownership verification.
  • Technical, analytics and marketing identifiers only after the relevant cookie consent.
  • Local storage for saved social profiles, draft cart, assistant and consent banners when used.

5. Data shared with fulfilment providers

The minimum needed to complete the ordered service.

  • Fulfilment providers receive the public profile, post, video or channel URL.
  • We share the ordered service type, platform, quantity and internal order identifier for status matching.
  • We do not share passwords, login credentials, private messages or social account access.
  • Email, billing data and payment metadata stay with us unless required for payment, accounting or support.

6. Profiles saved in the browser

Local saved profiles and cart data on your device.

  • Saved social profiles in the browser only help prefill a future order on the same device.
  • The draft cart may contain selected service, quantity and public target URL.
  • This data is stored locally in your browser and can be removed by clearing site data or saved profiles in the interface.

3. Purposes and legal bases

Purpose, legal basis and retention in one table.

PurposeLegal basisRetention
Social media service fulfilment and order managementGDPR Art. 6(1)(b)10 years for accounting records, otherwise for the order lifecycle
Invoicing and accountingGDPR Art. 6(1)(c)10 years
Fraud prevention, claims and supportGDPR Art. 6(1)(f)As long as needed for the request and security logs
Analytics and marketing measurementGDPR Art. 6(1)(a) (consent)Until consent is withdrawn / according to the tool settings

4. Processors and sharing

Who helps us run the service and accept payments.

  • Stripe for payments
  • Appwrite for database and account operations
  • SMM fulfilment providers only with public URL, service type and quantity
  • Appwrite Messaging with MailerSend SMTP for transactional email
  • Chatwoot for support if support chat is enabled
  • GA4, PostHog and Umami only after analytics consent
  • Meta, Google Ads, TikTok, Microsoft Ads and Reddit for advertising pixels, server-side conversions, attribution and remarketing – only after marketing consent
  • mPOHODA for invoicing and accounting records

7. Your rights

What you can request and through which channel.

  • Right of access, rectification, erasure, portability, objection and restriction.
  • You can also request export and deletion through the GDPR portal.
  • Accounting records are anonymized on deletion but kept for the period required by law.

Use the GDPR portal or email support@koupitsledujici.cz for export or deletion requests.

8. Cookies and browser storage

Cookies, session storage and consent logic.

  • `td_session` with Appwrite session secret for account login
  • `csrf_token` for form protection
  • `cookie_consent` for storing your choice (analytics and marketing consent are tracked separately)
  • GA4, PostHog and Umami only after analytics consent
  • Advertising pixels and server-side conversions (Meta, Google Ads, TikTok, Microsoft Ads, Reddit) for purchase attribution, remarketing and enhanced conversions; on purchase we may share hashed email and IP – only after marketing consent
  • The assistant may store conversation and session state in localStorage until you clear it

9. Contact

Last stop and service contact.

Contact: support@koupitsledujici.cz. GDPR requests can also be submitted through the GDPR portal.

Need something else? Contact support.Back to home
Privacy Policy | KoupitSledujici.cz