Privacy Policy

Introduction

Welcome to Speca. This Privacy Policy explains how we collect, use, store, and protect your personal data when you use our platform. It applies to all visitors and registered users of Speca.

We believe in transparency and want you to understand exactly what happens with your information. If you have any questions after reading this policy, please reach out to us using the contact details at the bottom of this page.

Last updated: June 15, 2025.

Data Controller

The data controller responsible for your personal data is:

Speca, registered in the Netherlands
Chamber of Commerce (KvK): 77096843

As the data controller, we determine the purposes and means of processing your personal data and are responsible for ensuring your data is handled in compliance with the General Data Protection Regulation (GDPR).

Data We Collect

We collect the following categories of personal data:

  • Account data — your name and email address, provided when you create an account.
  • Usage data — information about how you interact with the platform, including pages visited, features used, and session duration.
  • Payment data — billing information such as your card details and billing address, processed securely through our payment provider.
  • Product links — URLs you submit for automated parsing and data extraction within the platform.

We do not collect sensitive personal data such as health information, political opinions, or biometric data.

Purpose of Processing

We use your personal data for the following purposes:

  • Providing the service — creating and maintaining your account, processing product links, and delivering the core Speca functionality.
  • Processing payments — handling subscription billing and payment transactions securely.
  • Improving the platform — analyzing usage patterns to enhance features, fix issues, and develop new functionality.
  • Communicating with you — sending service updates, security alerts, and responding to your support requests.

Third-Party Processors

We share your data with the following third-party processors who help us deliver the service. Each processor is bound by a Data Processing Agreement (DPA) and processes data only for the purposes described below.

Stripe

Stripe processes your payment data, including card details and billing address, to handle subscription payments securely. Stripe is PCI DSS Level 1 certified and stores your payment information on their servers — we never store your full card number. For more information, see Stripe's Privacy Policy.

OpenAI

OpenAI processes the product link data you submit for automated parsing and extraction. This includes the URL content and any product information extracted from those pages. OpenAI processes this data solely to provide the parsing functionality and does not use it to train their models. For more information, see OpenAI's Privacy Policy.

Google Analytics

Google Analytics collects anonymized usage analytics, including page views and session duration, to help us understand how the platform is used. IP addresses are anonymized before storage. We use this data exclusively to improve the user experience. For more information, see Google's Privacy Policy.

Cookies

We use cookies to keep the platform running smoothly and to understand how you use it. Here is what we use:

  • Essential cookies — these are required for the platform to function. They handle your session and authentication so you stay logged in as you navigate between pages. You cannot opt out of these cookies.
  • Analytics cookies — set by Google Analytics to collect anonymized usage data such as page views and session duration. These help us understand which features are popular and where users encounter issues. You can opt out of these cookies through the cookie consent banner.

We do not use marketing or advertising cookies. We do not track you across other websites.

Data Retention

We retain your data only as long as necessary for the purposes described in this policy:

  • Account data — retained while your account is active and for 30 days after you request deletion, to allow for account recovery if needed.
  • Payment records — retained for 7 years after the transaction date, as required by Dutch tax and accounting regulations.
  • Analytics data — anonymized after 26 months. After anonymization, the data can no longer be linked to you.

Your Rights

Under the GDPR, you have the following rights regarding your personal data:

  • Right of access — you can request a copy of all personal data we hold about you.
  • Right to rectification — you can ask us to correct any inaccurate or incomplete data.
  • Right to erasure — you can request that we delete your personal data, subject to legal retention obligations.
  • Right to restriction of processing — you can ask us to temporarily stop processing your data in certain circumstances.
  • Right to data portability — you can request your data in a structured, machine-readable format to transfer to another service.
  • Right to object — you can object to processing based on legitimate interest, and we will stop unless we have compelling grounds to continue.

To exercise any of these rights, send an email to [email protected]. We will respond to your request within 30 days.

If you believe we are not handling your data correctly, you have the right to lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens).

Contact

If you have any questions about this Privacy Policy or how we handle your data, please contact us:

Speca
Email: [email protected]