EN

Privacy Policy

Privacy information for visitors and customers using Deffe.com.

This Privacy Policy explains how Deffe.com processes personal data when you use our websites, services, tools, AI features, hosting services, support channels, and related functionality.

Deffe.com is operated by WebFinance Digital i Sverige AB, company registration number 5591620900, with registered address Bygdevägen 1, 646 32 Gnesta ("Deffe", "we", "us", or "our"). We are the data controller for the processing of personal data described in this Privacy Policy unless otherwise expressly stated.

1. personal data we collect

We may collect and process the following categories of personal data:

  • Account and identity data, such as name, company name, username, email address, phone number, and login credentials.
  • Payment and subscription data, such as billing address, VAT details, subscription plan, transaction history, and payment status. We generally do not store full payment card details ourselves; such data is normally handled by our payment providers.
  • Project and content data, such as prompts, instructions, text, code, images, files, website content, design selections, domain details, and other information you or your users upload, create, or store through the service.
  • Technical data and logs, such as IP address, device information, browser type, operating system, language, time zone, error reports, usage data, API calls, session data, and system logs.
  • Communications, such as the content of support requests, emails, chats, feedback, bug reports, and other correspondence with us.
  • Cookie and analytics data, to the extent that we use cookies or similar technologies to operate the service, improve user experience, measure traffic, or protect the service.

2. how we use personal data

We process personal data for the following purposes:

  • to create and manage accounts, identify users, and provide access to the service,
  • to provide AI features, website creation tools, hosting, storage, publishing, support, and other service functionality,
  • to process payments, issue invoices, manage subscriptions, and perform our contractual obligations,
  • to maintain, secure, troubleshoot, improve, and develop the service,
  • to communicate with you about operations, support, security, updates, and changes to the service or these policies,
  • to prevent abuse, fraud, unauthorized access, spam, malicious activity, and other improper use,
  • to comply with legal obligations, such as accounting, tax, security, and regulatory requirements,
  • to establish, exercise, or defend legal claims.

3. legal basis for processing

We process personal data based on one or more of the following legal grounds:

  • Contract – where processing is necessary to provide the service to you or to perform our obligations under a contract.
  • Legitimate interests – for example for operations, security, development, support, analytics, abuse prevention, and service-related communication, where our legitimate interests are not overridden by the data subject’s interests or fundamental rights and freedoms.
  • Legal obligation – where we are required to process data to comply with law, legal process, or regulatory requirements.
  • Consent – where consent is required, for example for certain cookies or optional processing activities. Any consent given may be withdrawn at any time, without affecting the lawfulness of processing carried out before withdrawal.

4. AI features and user-generated content

When you use our AI features, we may process prompts, instructions, code, text, images, uploaded files, project data, and other content required to generate, edit, analyze, host, or otherwise provide the service.

You are responsible for ensuring that you have the right to use and upload the content you submit to the service. You should not upload sensitive personal data or other specially protected information unless it is necessary and lawful, and only if you are responsible for ensuring that such processing is permitted.

We may use automated systems, including AI models and external providers, to process such content in order to deliver the service, improve quality, detect abuse, troubleshoot issues, or maintain security.

5. recipients of personal data

We may share personal data with the following categories of recipients where necessary:

  • providers of hosting, infrastructure, storage, CDN, security, logging, monitoring, and backup services,
  • payment providers, billing systems, and financial service providers,
  • providers of AI models, language models, image generation, or similar technologies used to perform the service,
  • providers of domain, DNS, email, or communication services,
  • professional advisers such as lawyers, auditors, and insurers,
  • public authorities or other recipients where we are required by law or where necessary to protect our rights or the security of the service.

Where an external provider processes personal data on our behalf, it will normally do so as a data processor under contract and subject to our instructions.

6. international transfers

Some of our providers or technical solutions may involve personal data being processed outside the EU/EEA. If personal data is transferred outside the EU/EEA, we will implement reasonable and appropriate safeguards in accordance with applicable data protection law, such as standard contractual clauses or another approved transfer mechanism.

7. how long we keep personal data

We retain personal data for as long as necessary for the purposes described in this Privacy Policy, for as long as you maintain an active account or project with us, for as long as necessary to perform contracts or comply with legal obligations, or for as long as necessary to handle disputes, security issues, abuse prevention, or legal claims.

When personal data is no longer needed, we will delete or anonymize it unless continued retention is required by law or justified by legitimate and documented reasons.

8. security

We use reasonable technical and organizational measures to protect personal data against unauthorized access, loss, misuse, alteration, and unauthorized disclosure. However, no internet-based service or storage method is completely secure, and we therefore cannot guarantee absolute security.

9. your rights

To the extent provided by applicable law, you may have the right to:

  • request access to your personal data,
  • request correction of inaccurate or incomplete data,
  • request deletion of your data,
  • request restriction of processing,
  • object to certain processing,
  • request data portability,
  • withdraw consent where processing is based on consent,
  • lodge a complaint with a competent supervisory authority.

If you wish to exercise any of your rights, you may contact us using the contact details provided at the end of this Privacy Policy.

10. cookies and similar technologies

We may use cookies, local storage, pixels, and similar technologies to make the service function, for security, login, preferences, statistics, and improvements. Where consent is required, we will obtain such consent before the relevant processing takes place.

11. children

The service is not intended for children who are not legally able to enter into binding agreements under applicable law. We do not knowingly collect personal data from children in violation of applicable law.

12. changes to this policy

We may update this Privacy Policy from time to time. The latest version will always be published on this page. If the changes are material, we may also notify you by email, through the service, or by other appropriate means.

13. contact

If you have questions about this Privacy Policy or our processing of personal data, you may contact:

WebFinance Digital i Sverige AB
Company Registration Number: 5591620900
Address: Bygdevägen 1, 646 32 Gnesta
Email: [email protected] Contact Person / Privacy Contact: Richard Andersson

If you believe that our processing of personal data violates applicable law, you also have the right to lodge a complaint with the relevant supervisory authority.