Last Updated: 12.01.2026
PRIVACY POLICY
This Privacy Policy (the “Policy”) explains how Ponchii OÜ, registry code 17359414, Harju maakond, Tallinn, Kesklinna linnaosa, Tornimäe tn 5, 10145, Estonia (the “Company,” “we,” “us,” or “our”), collects, uses, stores, and discloses personal data when you access or use ponchii.com, its subdomains, and related services (the “Site” or “Services”).
This Policy is provided in accordance with the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and applicable national data protection laws.
The Company acts as the data controller for the personal data processed under this Policy.
By using the Services, you acknowledge that your personal data will be processed as described in this Policy.
1. What if I do not agree with this Privacy Policy?
If you do not agree with this Policy, you should not use the Services.
Your continued use of the Services after any updates to this Policy constitutes acceptance of the revised Policy.
If you provide personal data relating to another person, you confirm that you are authorized to do so and that you have informed them of this Policy.
2. What information do we collect?
We collect Personal Data and Anonymous / Technical Data.
2.1 Personal Data you provide directly
Depending on how you use the Services, we may collect:
- name or username
- email address
- account credentials
- profile information
- communication content (support emails, messages)
- subscription and transaction records
- creator account and monetization details
We do not collect Special Categories of Personal Data (such as health data, biometric data, political opinions, or religious beliefs).
2.2 Communications
If you contact us by email or through the Services, we collect your name, email address, and the content of your message in order to respond.
2.3 Data collected automatically
When you access the Services, we automatically collect certain technical information, including:
- IP address
- browser type and version
- operating system
- device information
- referring and exit pages
- date and time of access
- session and usage data
This data is collected through server logs, cookies, and similar technologies.
2.4 Cookies
We use cookies and similar technologies to operate and improve the Services.
Detailed information about cookie usage is provided in our Cookie Policy.
3. How do we use your information?
We process personal data only where we have a lawful basis under GDPR.
3.1 Legal bases for processing
We process your personal data based on:
- performance of a contract (to provide the Services)
- legal obligations (accounting, tax, compliance)
- legitimate interests (security, fraud prevention, platform improvement)
- consent, where required (e.g. optional communications)
3.2 Purposes of processing
We use personal data to:
- create and manage user accounts
- provide access to the Services
- process subscriptions and payments
- send administrative and transactional communications
- verify users and prevent abuse
- provide customer support
- improve platform functionality and security
- comply with legal obligations
We do not sell personal data.
4. How do we share personal data?
We may share personal data only as necessary and in accordance with this Policy.
4.1 Service providers
We share data with trusted third-party service providers that help us operate the Services, including:
- payment processors (e.g. Stripe)
- hosting and database providers (e.g. Supabase)
- email and infrastructure providers
These providers process data only on our instructions and are bound by data protection obligations.
4.2 Legal requirements
We may disclose personal data if required to:
- comply with applicable laws or regulations
- respond to lawful requests by authorities
- protect our legal rights, users, or the public
4.3 Business transfers
If the Company is involved in a merger, acquisition, restructuring, or sale of assets, personal data may be transferred as part of that transaction, subject to applicable data protection laws.
5. International data transfers
Your personal data may be transferred outside the European Economic Area (EEA).
Where this occurs, we ensure appropriate safeguards are in place, including:
- EU Standard Contractual Clauses
- GDPR-compliant data processing agreements
6. How long do we store your data?
We retain personal data only for as long as necessary for the purposes described in this Policy, including:
- the duration of your account
- compliance with legal and accounting obligations
- dispute resolution and enforcement of agreements
You may request deletion of your account at any time. Certain data may be retained where legally required.
7. Your data protection rights
Under GDPR, you have the right to:
- access your personal data
- correct inaccurate data
- request erasure of your data
- restrict or object to processing
- request data portability
- withdraw consent at any time
You also have the right to lodge a complaint with a supervisory authority.
8. How to exercise your rights
You can exercise your rights by contacting us at:
Email: hello@ponchii.com
We may request verification of your identity before responding.
9. Data storage and security
Personal data is stored on secure servers operated by trusted providers, including Stripe and Supabase.
We use appropriate technical and organizational measures to protect personal data. However, no system can be guaranteed to be 100% secure.
10. Account closure
You may close your account through your account settings.
After closure, we may retain certain information as required by law or for legitimate business purposes.
11. Changes to this Privacy Policy
We may update this Policy from time to time. Material changes will be communicated via the Site or email.
Continued use of the Services constitutes acceptance of the updated Policy.
12. Contact
If you have any questions about this Privacy Policy, please contact us at:
Email: hello@ponchii.com