Privacy Policy

Last updated: December 16, 2025

1. Introduction

Jakobsen Digital OU ("we", "us", or "Vaerk") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our time tracking and project management service.

2. Data Controller

Jakobsen Digital OU
Registry code: 16751062
Address: Sutemetsa tee 8-10, 76916 Tiskre, Estonia
Email: privacy@vaerk.app

3. Information We Collect

We collect information you provide directly to us:

  • Account Information: Email address and password when you create an account
  • Subscription Data: Information about your subscriptions that you choose to track, including service names, costs, billing dates, and categories
  • Payment Information: If you subscribe to a paid plan, payment processing is handled by our third-party payment processor (Stripe). We do not store your full payment card details.
  • Usage Data: Information about how you interact with our service, including features used and preferences
  • Analytics Data: We use Plausible Analytics, a privacy-friendly analytics service that does not use cookies and does not collect personal data. Plausible only collects aggregated data such as page views, referral sources, and browser type. No individual visitors can be identified. Plausible is EU-based and GDPR compliant by design.

4. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve our services
  • Send you notifications about upcoming payments and trial expirations
  • Process transactions and send related information
  • Respond to your comments, questions, and support requests
  • Send you technical notices, updates, and administrative messages
  • Detect, investigate, and prevent fraudulent transactions

5. Legal Basis for Processing (GDPR)

Under the General Data Protection Regulation (GDPR), we process your data based on:

  • Contract: Processing necessary to perform our contract with you
  • Legitimate Interests: Processing necessary for our legitimate business interests
  • Consent: Where you have given consent for specific processing activities
  • Legal Obligation: Processing necessary to comply with legal requirements

6. Data Sharing

We do not sell your personal information. We may share your information with:

  • Service Providers: Third-party vendors who assist us in providing our services, including:
    • Hetzner (hosting, Germany/Finland)
    • Supabase (database, Germany)
    • Stripe (payment processing, US with EU SCCs)
    • Brevo (transactional emails, France)
    • Plausible Analytics (website analytics, EU - no personal data)
  • Legal Requirements: When required by law or to protect our rights
  • Business Transfers: In connection with any merger, sale of company assets, or acquisition

7. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including to satisfy legal, accounting, or reporting requirements. When you delete your account, we will delete your personal data within 30 days, except where we are required to retain it by law.

8. Your Rights

Under GDPR, you have the right to:

  • Access your personal data
  • Rectify inaccurate personal data
  • Request erasure of your personal data
  • Restrict processing of your personal data
  • Data portability
  • Object to processing of your personal data
  • Withdraw consent at any time

To exercise these rights, please contact us at privacy@vaerk.app.

9. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. This includes encryption of data in transit and at rest, regular security assessments, and access controls.

10. International Data Transfers

The majority of your personal data is processed and stored within the European Economic Area (EEA), specifically in Finland (Hetzner) and Germany (Supabase). For payment processing through Stripe, data may be transferred to the United States. Such transfers are conducted under EU-approved Standard Contractual Clauses (SCCs) to ensure your data receives an adequate level of protection as required by GDPR.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date.

12. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us at:

Email: privacy@vaerk.app
Jakobsen Digital OU
Estonia

13. Supervisory Authority

You have the right to lodge a complaint with a supervisory authority. In Estonia, this is the Data Protection Inspectorate (Andmekaitse Inspektsioon).