Back to home

Privacy Policy

Last updated: February 9, 2025

1. Data Controller

Rytov Digital Solutions, ul. Stawowa 137A/14, 31-346 Kraków, Poland (NIP: 9452287298, REGON: 52779837500000) is the data controller for your personal data. You can reach us at contact@rytov.digital .

2. Data We Collect

Depending on how you interact with our service, we may collect:

  • Account data — name, email address, organization name
  • Contact form data — name, email, and message content submitted via the website
  • Documents — invoices, receipts, and other files you upload for processing
  • Device tokens — push notification identifiers used to deliver alerts to your mobile device
  • Usage data — pages visited, features used, and timestamps for service improvement

3. Purpose of Processing

We process your personal data for the following purposes:

  • Providing and maintaining the service (contract performance)
  • Sending push notifications about document status and important updates
  • Processing and storing documents you upload
  • Extracting data from uploaded documents using AI-powered document processing
  • Responding to your contact form inquiries
  • Improving and optimizing the service

4. Legal Basis (GDPR)

We process your data based on:

  • Contract performance (Art. 6(1)(b) GDPR) — to provide the service you signed up for
  • Consent (Art. 6(1)(a) GDPR) — for push notifications and contact form submissions
  • Legitimate interest (Art. 6(1)(f) GDPR) — for service improvement and security

5. Data Retention

We retain your data for as long as your account is active or as needed to provide the service. Contact form submissions are retained for up to 12 months. Documents are retained for the duration of your subscription. Upon account deletion, your personal data is removed within 30 days, except where retention is required by law (e.g., accounting records retained for 5 years under Polish tax law).

6. Your Rights

Under GDPR, you have the right to:

  • Access your personal data
  • Rectify inaccurate data
  • Request erasure of your data ("right to be forgotten")
  • Restrict processing of your data
  • Data portability
  • Object to processing
  • Withdraw consent at any time without affecting prior processing

To exercise any of these rights, contact us at contact@rytov.digital .

7. Data Security

We implement appropriate technical and organizational measures to protect your data. All data in transit is encrypted using TLS. Data at rest is stored in encrypted databases. Access to personal data is restricted to authorized personnel on a need-to-know basis. All data is stored in EU data centers and processed on servers and services located in the European Union.

8. Third-Party Services

We use the following third-party services that may process your data:

  • Google Vertex AI (Document AI) — for processing uploaded documents (OCR, data extraction). Google does not store your documents or use them for model training. Processing occurs in the EU region.
  • DigitalOcean Spaces (S3-compatible storage) — for storing uploaded documents and files. All data is stored in EU data centers.
  • Firebase Cloud Messaging (Google) — for delivering push notifications to your device

These providers are bound by data processing agreements and comply with GDPR requirements.

9. Contact

For any questions regarding your personal data or this privacy policy, please contact us:

Rytov Digital Solutions
ul. Stawowa 137A/14, 31-346 Kraków, Poland
Email: contact@rytov.digital

10. Supervisory Authority

You have the right to lodge a complaint with the Polish Data Protection Authority:

Urząd Ochrony Danych Osobowych (UODO)
ul. Stawki 2, 00-193 Warszawa, Poland
Website: uodo.gov.pl