Privacy Policy

1. Introduction

Databeam d.o.o., a company registered in Sarajevo, Bosnia and Herzegovina ("Company", "we", "us"), operates the unslouch application and website (the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service. We are committed to protecting your privacy in compliance with the General Data Protection Regulation (GDPR) and applicable data protection laws.

2. Data Controller

3. Information We Collect

3.1 Information You Provide

• Email address — when you join the waitlist or create an account
• Account information — name and profile data when you register
• Task and wellness data — tasks, stretch completion, and income data you enter into the app

3.2 Information Collected Automatically

• Usage data — pages visited, features used, time spent in the app
• Device information — browser type, operating system, device type
• Cookies and similar technologies — see Section 7 below
• Analytics data — collected via Google Analytics and Umami (privacy-focused analytics)

4. Legal Basis for Processing

We process your personal data based on the following legal grounds:

• Consent — for marketing communications and non-essential cookies
• Contract performance — to provide the Service you have requested
• Legitimate interests — to improve our Service, prevent fraud, and ensure security
• Legal obligation — to comply with applicable laws and regulations

5. How We Use Your Information

We use the collected information to:

• Provide, maintain, and improve the Service
• Send you updates about the Service launch (waitlist members)
• Process subscriptions and payments
• Analyze usage patterns to improve user experience
• Communicate with you about your account or the Service
• Comply with legal obligations

6. Data Sharing and Disclosure

We do not sell your personal data. We may share your information with:

• Service providers — hosting, analytics, and email delivery services that help us operate the Service
• Legal authorities — when required by law or to protect our rights
• Business transfers — in connection with a merger, acquisition, or sale of assets

7. Cookies and Tracking Technologies

We use the following types of cookies:

You can manage your cookie preferences at any time through the cookie settings banner on our website. You can also control cookies through your browser settings.

8. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected. Waitlist email addresses are retained until the Service launches and you either create an account or request deletion. Account data is retained for the duration of your account and for up to 30 days after deletion. Analytics data is retained in anonymized form.

9. Your Rights (GDPR)

Under the GDPR, you have the right to:

• Access — request a copy of your personal data
• Rectification — request correction of inaccurate data
• Erasure — request deletion of your personal data ("right to be forgotten")
• Restriction — request restriction of processing
• Portability — receive your data in a structured, machine-readable format
• Objection — object to processing based on legitimate interests
• Withdraw consent — withdraw consent at any time without affecting prior processing

To exercise any of these rights, please contact us at [email protected]. We will respond within 30 days of receiving your request.

10. International Data Transfers

Your data may be processed on servers located outside Bosnia and Herzegovina, including in the European Union and the United States. We ensure appropriate safeguards are in place for any international transfers, including standard contractual clauses approved by the European Commission.

11. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. However, no method of transmission over the Internet is 100% secure, and we cannot guarantee absolute security.

12. Children's Privacy

The Service is not intended for children under 16 years of age. We do not knowingly collect personal data from children under 16. If we become aware that we have collected data from a child under 16, we will take steps to delete that information.

13. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page with a new "Last updated" date. We encourage you to review this policy periodically.

14. Contact Us

If you have any questions about this Privacy Policy or wish to exercise your data protection rights, please contact us: