Privacy Policy

1. Who We Are

zwischen.online is operated by Dmytro Piven, an Austrian sole trader (Einzelunternehmer). Registered address:Rettichgasse 14, 1140 Wien, Austria.

Contact: info@zwischen.app

We are the data controller for personal data collected through this website.

2. What Data We Collect

a) Data you provide to us

• Name and email address when you submit the contact or quote form
• Your answers to the lead qualification quiz (platform, accounting software, order volume)
• Any messages or enquiries you send us

b) Data collected automatically

• Anonymous usage analytics via Vercel Analytics (page views, referrer, country — no personal identifiers)
• Standard server logs (IP address, browser type, timestamp) retained for up to 30 days

3. How We Use Your Data

• To respond to your enquiries and provide quotes
• To provide and improve the integration service
• To understand how visitors use the website (aggregate analytics only)
• To comply with legal obligations

We do not use your data for automated decision-making or profiling. We do not sell your data to third parties.

4. Legal Basis for Processing (GDPR / UK GDPR)

• Legitimate interests — responding to enquiries, operating the website
• Contract performance — when processing data to deliver the integration service
• Legal obligation — where required by Austrian or EU law

5. Integration Data (Shopify / WooCommerce / Sage 50 / Xero)

When providing the integration service, we act as a data processor on your behalf. We access order, inventory, and financial data from your connected platforms solely to perform the sync. We do not store this data permanently on our servers — it is processed in transit and forwarded to the destination system. We never access or store your customers' payment card information.

All connections use OAuth2 authentication. No platform passwords are ever stored.

6. Data Storage & Security

• Data is processed and stored on servers located in Austria (EU)
• All data is encrypted in transit (TLS/HTTPS)
• Access to personal data is restricted to authorised personnel only

7. Third Parties

We use a limited number of third-party services:

• Vercel — website hosting and analytics (USA, EU Standard Contractual Clauses apply)
• Nodemailer / SMTP provider — to send email notifications from the contact form

We do not use Google Analytics, Facebook Pixel, or any advertising trackers.

8. Cookies

This website uses only essential cookies required for operation. Vercel Analytics uses privacy-preserving, cookieless analytics — no tracking cookies are set. You can verify this in your browser's developer tools.

9. Data Retention

• Contact form submissions: retained for up to 2 years or until you request deletion
• Server logs: 30 days
• Integration data: not retained after sync is complete

10. Your Rights

Under GDPR and UK GDPR, you have the right to:

• Access the personal data we hold about you
• Correct inaccurate data
• Request deletion of your data
• Object to or restrict processing
• Data portability
• Lodge a complaint with the Austrian Data Protection Authority (DSB) or the UK ICO

To exercise any of these rights, contact us at info@zwischen.app.