Privacy Policy
Last updated: 2026-05-19
Controller
Tebada Insider, Madrid, Spain. Contact: privacy@tebadainsider.com.
What we collect
- Account: email, hashed password, role, tier.
- Billing: Stripe customer ID (no card data stored on our side).
- Usage: anonymised product analytics via PostHog (opt-in).
- Optional: Telegram chat ID if you link an account.
- Logs: request IDs, IP fragments, timestamps. 24-month retention.
Legal basis (GDPR Art. 6)
- Contract performance — account, billing.
- Legitimate interest — security, fraud prevention.
- Consent — marketing emails, optional analytics.
Your rights
Access, rectification, deletion, portability, restriction, objection. Exercise from your account page or via privacy@tebadainsider.com. Response within 30 days.
Subprocessors
See subprocessors.
Retention
- Account data: until deletion + 30 days backup window.
- Logs: 24 months.
- Financial records: 7 years (regulatory requirement).
- Marketing consent: until withdrawal.
International transfers
Some subprocessors are based outside the EEA. We rely on SCC and equivalent safeguards.
Complaints
You may lodge a complaint with the Spanish Data Protection Agency (AEPD) or your local supervisory authority.