Privacy Policy

1. Introduction

This Privacy Policy explains how YereLaunch Studio, operated by Dmytro Yerebakan (sole trader, Sofia, Bulgaria), collects, uses, stores, and protects your personal data when you visit our website at yere.io or purchase our services.

We are committed to complying with the General Data Protection Regulation (GDPR) (EU Regulation 2016/679) and applicable Bulgarian data-protection legislation.

2. Data Controller

The data controller responsible for your personal data is:

3. Data We Collect

We may collect the following types of personal data:

• Contact Information: Full name, email address, and company name when you submit our contact or order forms.
• Payment Information: Billing details processed securely through Stripe, Inc. We do not store your full credit card number, CVV, or bank account details on our servers.
• Technical Data: IP address, browser type and version, operating system, referring URL, pages visited, and timestamps — collected automatically via server logs.
• Cookies & Analytics: See Section 7 below for details on cookies.

4. How We Use Your Data

We process your personal data for the following purposes:

• Service Delivery: To provide, manage, and support the News Feed Posting subscriptions and custom automation services you purchase.
• Communication: To respond to your inquiries, send service-related notifications, and provide customer support.
• Payment Processing: To process payments and manage your billing through our payment processor, Stripe.
• Legal Compliance: To comply with legal obligations, including tax and financial reporting requirements.
• Website Improvement: To analyze usage patterns and improve our website's performance and content.

5. Legal Basis for Processing

Under GDPR, we rely on the following legal bases:

• Contractual Necessity (Art. 6(1)(b)): Processing required to deliver the services you've purchased.
• Legitimate Interest (Art. 6(1)(f)): Improving our website and services, preventing fraud.
• Legal Obligation (Art. 6(1)(c)): Compliance with financial, tax, and regulatory requirements.
• Consent (Art. 6(1)(a)): Where applicable, for marketing communications or optional analytics cookies.

6. Third-Party Processors

We share personal data only with trusted third-party service providers who assist us in operating our business:

• Stripe, Inc. — Payment processing. Stripe's privacy policy is available at stripe.com/privacy.
• Google Fonts — Web font delivery. Google may collect your IP address. See Google's Privacy Policy.

We do not sell, rent, or trade your personal data to any third parties.

7. Cookies

Our website uses only essential cookies that are strictly necessary for the operation of the site (e.g., session management). We do not currently use marketing or advertising cookies.

If we introduce optional analytics or tracking cookies in the future, we will update this policy and implement a cookie consent mechanism before deploying them.

8. Data Retention

We retain your personal data only as long as necessary for the purposes described in this policy:

• Account & subscription data: Retained for the duration of your active subscription, plus 12 months after cancellation.
• Financial records: Retained for up to 10 years as required by Bulgarian tax law.
• Contact form submissions: Retained for up to 24 months unless you request earlier deletion.
• Server logs: Retained for up to 90 days.

9. Your Rights Under GDPR

You have the following rights regarding your personal data:

• Right of Access: Request a copy of the personal data we hold about you.
• Right to Rectification: Request correction of inaccurate or incomplete data.
• Right to Erasure: Request deletion of your data ("right to be forgotten") where applicable.
• Right to Restriction: Request limitation of processing in certain circumstances.
• Right to Data Portability: Receive your data in a structured, machine-readable format.
• Right to Object: Object to processing based on legitimate interests.
• Right to Withdraw Consent: Withdraw consent at any time where processing is based on consent.

To exercise any of these rights, contact us at contact@yere.io. We will respond within 30 days.

10. Data Security

We implement appropriate technical and organizational measures to protect your personal data, including:

• HTTPS encryption for all website communications.
• PCI-DSS compliant payment processing through Stripe.
• Access controls limiting data access to authorized personnel only.

11. International Data Transfers

Your data may be transferred to and processed by Stripe in the United States. Stripe participates in the EU-US Data Privacy Framework and implements Standard Contractual Clauses to ensure adequate protection.

12. Supervisory Authority

If you believe your data protection rights have been infringed, you have the right to lodge a complaint with the Commission for Personal Data Protection (CPDP) of the Republic of Bulgaria:

13. Changes to This Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated "Last Updated" date. We encourage you to review this policy periodically.

14. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us: