Privacy Policy

Overview

This Privacy Policy explains how Checkiny processes personal data when you use our platform. Checkiny operates under GDPR and applies data minimization principles to contract analysis workflows.

Data Controller Information

The data controller is Twarek V.O.F. (operating as Checkiny), registered with the Dutch Chamber of Commerce (KVK) under number 42050819.

For privacy-related requests, contact us via the contact details listed on the website.

Data We Collect

Account data: name, email address, role, language settings, and company profile information.

Billing data: subscription plan metadata, Stripe customer identifiers, and invoice/payment status information (payment card data is handled by Stripe).

Contract analysis data: uploaded contract files, extracted contract text, questionnaire answers, analysis scores, findings, recommendations, and report metadata.

Data Minimization & Retention

We process only data required to provide, secure, and improve the service. We minimize the amount of personal data included in analysis outputs.

Extracted contract text is automatically deleted after 30 days. Scoring outputs and report metadata may be retained longer for auditability and reporting.

Where feasible, personally identifiable information (PII) is sanitized prior to AI processing.

Sub-processors

We use vetted sub-processors for core operations, including Supabase (hosting, database, storage), Anthropic (AI analysis), and Stripe (billing).

Our AI providers are contractually restricted from using customer inputs/outputs submitted through Checkiny to train their general foundation models.

Your GDPR Rights

Subject to applicable law, you have the right to access, rectify, erase, restrict, or object to processing of your personal data, and the right to data portability.

You may also withdraw consent where processing is based on consent and lodge a complaint with your local supervisory authority.