feat: expand privacy policy to comprehensive 16-section GDPR-compliant format

- Updated privacy-policy page component to render all 16 sections
- Expanded Croatian translations with comprehensive GDPR-compliant privacy policy
- Expanded English translations with comprehensive GDPR-compliant privacy policy
- Added sections covering: data controller, data collection, legal bases, cookies,
  hosting location, data sharing, EU transfers, security, data retention,
  GDPR rights, rights exercise, complaint rights, children's privacy, and policy changes
- Restructured existing sections with intro paragraphs and detailed list items
- Maintained proper rich text formatting for email links and emphasis

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Knee Cola
2025-12-24 23:05:29 +01:00
parent 426fbc345e
commit d373d80508
3 changed files with 249 additions and 58 deletions

@@ -416,52 +416,125 @@
}
},
"privacy-policy-page": {
"title": "Application Privacy Policy for Home Utility Bills Tracking Web App",
"title": "Privacy Policy for the Utility Bill Tracking Web App",
"meta": {
"effective-date": "{{EFFECTIVE_DATE}}",
"last-updated": "{{LAST_UPDATED_DATE}}",
"controller": {
"name": "rezije.app",
"address": "{{ADDRESS}}",
"contact-email": "support@rezije.app"
},
"data-hosting": "EU",
"analytics": "Self-hosted web analytics (cookie-less)",
"backup-retention-days": 7,
"processors": "No additional processors other than the EU infrastructure/hosting provider."
},
"section-1": {
"heading": "1. Introduction",
"content": "Welcome to our Home Utility Bills Tracking Web Application (\"App\"). This Privacy Policy is intended to inform you about how we collect, use, and disclose your personal information through the operation of the App."
"content": "This Privacy Policy (\"Policy\") explains how rezije.app (\"we\", \"us\", \"our\") collects, uses, and protects personal data in connection with the use of the utility bill tracking web application (the \"Application\"). This Policy applies to personal data of users of the Application."
},
"section-2": {
"heading": "2. Information We Collect",
"item-1": "<strong>Information You Provide</strong>: This includes the billing locations, bill names, attached documents, and any other data you enter into the App.",
"item-2": "<strong>Information from Google OAuth</strong>: When you authenticate using Google OAuth, we receive your email address and OAuth ID."
"heading": "2. Data Controller and Contact",
"paragraph-1": "The data controller for personal data processed in connection with the Application is rezije.app. The Application is published and maintained by a private individual (not a company).",
"paragraph-2": "For privacy-related questions and to exercise your rights, you can contact us at <emailLink>support@rezije.app</emailLink>."
},
"section-3": {
"heading": "3. How We Use Your Information",
"item-1": "<strong>To Provide Our Service</strong>: We use your information to operate, maintain, and provide to you the features and functionality of the App.",
"item-2": "<strong>Communication</strong>: We may use your email address to communicate with you, for example, to send you notifications about your account or updates to our Privacy Policy."
"heading": "3. Personal Data We Collect",
"intro": "We may collect the following categories of data:",
"item-1": "<strong>Account data (Google OAuth)</strong>: your email address and the identifier (OAuth ID) assigned by Google, and other basic data necessary for authentication and account management.",
"item-2": "<strong>Data you enter in the Application</strong>: billing locations, account names, amounts, dates, notes, and any other data you voluntarily enter.",
"item-3": "<strong>Uploaded documents</strong>: documents and files you upload (e.g., bills, PDFs, photos). Such documents may contain personal data (yours or third parties'), depending on their content.",
"item-4": "<strong>Technical data and logs</strong>: basic technical data required for operation and security (e.g., login logs, error logs, and security event logs).",
"item-5": "<strong>Aggregated analytics data (cookie-less)</strong>: aggregated usage data (e.g., visit counts, page views, session duration) collected via self-hosted web analytics that does not use cookies."
},
"section-4": {
"heading": "4. How We Store Your Information",
"content": "Your information is stored on secure servers and is only accessible to a limited number of persons who have special access rights to such systems."
"heading": "4. How We Use Your Data and Legal Bases",
"intro": "We process personal data only when we have a lawful basis, for the following purposes:",
"item-1": "<strong>Providing and maintaining the Service</strong> (performance of a contract / steps prior to entering into a contract): enabling login, providing Application features, storing and displaying your data.",
"item-2": "<strong>Security and abuse prevention</strong> (legitimate interests): protecting the Application, detecting and preventing fraud, incidents, and unauthorized access.",
"item-3": "<strong>Improving the Application</strong> (legitimate interests): analyzing aggregated usage to improve performance and user experience.",
"item-4": "<strong>User communications</strong> (legitimate interests and/or performance of a contract): sending account-related communications, security notices, and important updates about the Application or this Policy.",
"item-5": "<strong>Legal obligations</strong> (legal obligation): retaining and disclosing data where necessary to comply with applicable law or lawful requests by authorities."
},
"section-5": {
"heading": "5. Sharing of Your Information",
"content": "We do not sell, trade, or otherwise transfer to outside parties your personally identifiable information. This does not include trusted third parties who assist us in operating our website, conducting our business, or servicing you, so long as those parties agree to keep this information confidential."
"heading": "5. Cookies and Similar Technologies",
"paragraph-1": "The Application uses cookies and/or similar technologies that are necessary for functionality (e.g., authentication/session and security).",
"paragraph-2": "For analytics, we use <strong>cookie-less</strong>, self-hosted web analytics. We do not use analytics for advertising purposes or to build marketing profiles of users."
},
"section-6": {
"heading": "6. Security",
"content": "We implement a variety of security measures to maintain the safety of your personal information when you enter, submit, or access your personal information."
"heading": "6. Hosting and Processing Location (EU)",
"content": "The Application is hosted on infrastructure located within the European Union. Data is processed and stored in the EU."
},
"section-7": {
"heading": "7. Your Choices and Rights",
"content": "You have the right to access, update or request the deletion of your personal information. Please contact us directly to exercise these rights."
"heading": "7. Data Sharing and Recipients",
"intro": "We do not sell your personal data. We may share data only in the following cases:",
"item-1": "<strong>EU infrastructure/hosting provider</strong>: we use an infrastructure/hosting provider to operate, keep available, and secure the Application. That provider may have technical access to data only to the extent necessary to deliver the service and under confidentiality obligations.",
"item-2": "<strong>Authentication</strong>: login via Google OAuth involves exchanging data necessary for authentication with Google, in accordance with Googles policies.",
"item-3": "<strong>Legal requirements</strong>: where necessary to comply with law, a court order, or a lawful request by authorities, or to protect our rights and the safety of users."
},
"section-8": {
"heading": "8. Data Retention",
"content": "We will retain your information for as long as your account is active or as needed to provide you services. We will also retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements."
"heading": "8. Transfers Outside the EU/EEA",
"content": "As a rule, we do not transfer personal data outside the EU/EEA as part of operating the Application. However, certain processing related to Google OAuth is performed in accordance with Googles policies and may involve transfers outside the EU/EEA. In such cases, Googles safeguards and rules apply."
},
"section-9": {
"heading": "9. Changes to Our Privacy Policy",
"content": "We may update this privacy policy to reflect changes to our information practices. If we make any material changes, we will notify you by email (sent to the e-mail address specified in your account) or by means of a notice on this App prior to the change becoming effective."
"heading": "9. Security",
"content": "We implement reasonable technical and organizational measures to protect personal data against unauthorized access, loss, misuse, and disclosure. However, no method of transmission or storage is completely secure, and we cannot guarantee absolute security."
},
"section-10": {
"heading": "10. Contact Us",
"content": "If you have any questions about this Privacy Policy, please contact us at <emailLink>support@rezije.app</emailLink>."
"heading": "10. Data Retention",
"intro": "We retain data only as long as necessary for the purposes for which it was collected:",
"item-1": "<strong>Account data</strong>: while your account is active and until the account is deleted, unless retention is required to comply with legal obligations or resolve disputes.",
"item-2": "<strong>Data you enter and uploaded documents</strong>: until you delete them or until the account is deleted, with a reasonable period for technical removal from active systems.",
"item-3": "<strong>Technical logs</strong>: retained for a limited time for security and diagnostics and then deleted or anonymized, unless longer retention is needed to investigate an incident or comply with legal obligations.",
"item-4": "<strong>Backups</strong>: backups are retained for up to 7 days and then automatically overwritten or deleted. Due to the nature of backups, deleted data may remain in backups until the retention period expires."
},
"section-11": {
"heading": "11. Consent",
"content": "By using our App, you consent to our privacy policy."
"heading": "11. Your Rights (GDPR)",
"intro": "Depending on applicable law, you may have the following rights:",
"item-1": "<strong>Right of access</strong>: request confirmation whether we process your data and obtain a copy.",
"item-2": "<strong>Right to rectification</strong>: request correction of inaccurate data or completion of incomplete data.",
"item-3": "<strong>Right to erasure</strong> (\"right to be forgotten\"): request deletion of your data where the conditions are met.",
"item-4": "<strong>Right to restriction</strong>: request restriction of processing in certain cases.",
"item-5": "<strong>Right to data portability</strong>: request your data in a structured, commonly used, machine-readable format, where applicable.",
"item-6": "<strong>Right to object</strong>: object to processing based on legitimate interests, including analytics, where applicable.",
"item-7": "<strong>Right to withdraw consent</strong>: if processing is based on consent, you may withdraw it at any time (withdrawal does not affect the lawfulness of processing before withdrawal)."
},
"section-12": {
"heading": "12. How to Exercise Your Rights",
"content": "To exercise your rights, contact us at <emailLink>support@rezije.app</emailLink>. To protect personal data, we may request additional information to verify your identity before responding to your request."
},
"section-13": {
"heading": "13. Right to Lodge a Complaint",
"content": "If you believe that the processing of your personal data violates applicable law, you have the right to lodge a complaint with a supervisory authority. In the Republic of Croatia, the supervisory authority is the Croatian Personal Data Protection Agency (AZOP)."
},
"section-14": {
"heading": "14. Childrens Privacy",
"content": "The Application is not intended for persons under 18 years of age, and we do not knowingly collect personal data from children. If you become aware that a child has provided us with personal data, please contact us so we can take appropriate measures."
},
"section-15": {
"heading": "15. Changes to This Policy",
"content": "We may update this Policy from time to time to reflect changes in our practices or to comply with law. If we make material changes, we will notify you via a notice in the Application and/or by email (sent to the address associated with your account) before the changes take effect."
},
"section-16": {
"heading": "16. Contact",
"content": "If you have any questions about this Privacy Policy, please contact us at <emailLink>support@rezije.app</emailLink>."
}
}
}
}
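
Review bot: The new `meta` block under `privacy-policy-page` still carries unresolved template placeholders (`"effective-date": "{{EFFECTIVE_DATE}}"`, `"last-updated": "{{LAST_UPDATED_DATE}}"`, `"address": "{{ADDRESS}}"`), and nothing in this hunk shows where they are substituted. If the page renders these keys, users will see the literal braces, and the policy will lack its effective date and the controller's address. Fill in the real values before merging, or add a build or test step that fails when any translation value still contains `{{`. Two smaller points in the same hunk: the apostrophe is missing in "Googles policies" (section-7 `item-2` and section-8 `content`) and in the section-14 heading "Childrens Privacy"; and the 7-day backup period is stated twice, once as `"backup-retention-days": 7` in `meta` and once as the hard-coded "up to 7 days" in section-10 `item-4`, so a later change to one can leave the published text contradicting the other. Interpolate the number from a single source, or note next to the value that both must change together.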