This Privacy Policy explains how TeeWiz d.o.o.("we", "us", "our") collects, uses and shares personal data when you use Srodna-dusa.com(the "Service").
1. Who we are
- Controller: TeeWiz društvo s ograničenom odgovornošću za računalno programiranje (TeeWiz d.o.o.)
- Registered seat: Prilaz Vladislava Brajkovića 11, 10020 Zagreb, Hrvatska
- Court of registration: Trgovački sud u Zagrebu
- OIB: 35789667386
- Contact: support@srodna-dusa.com
We are the controller of your personal data within the meaning of Regulation (EU) 2016/679 (General Data Protection Regulation, GDPR) and the Croatian Act on the Implementation of the GDPR (Zakon o provedbi Opće uredbe o zaštiti podataka).
2. Data we collect
2.1 Information you provide
- Registration data: email address, password (hashed), language preference.
- Quiz / questionnaire answers: gender, age band, date of birth, name, partner name (optional), interest, ethnicity preference, attribute preferences and similar inputs used to generate your soulmate insights.
- Customer-support correspondence and any content you choose to send us.
- Payment metadata (transaction IDs, last-4 of card, payment status). Card details themselves are processed directly by our PCI-DSS-certified payment processor and not seen by us.
2.2 Information collected automatically
- Device and browser identifiers, OS and version, screen size, language.
- IP address (truncated where used for analytics).
- Usage events: pages visited, features used, error logs, referral source.
2.3 Information from third parties
Where you sign in via Apple or Google, we receive your name, email, and a stable identifier from that provider. We do not receive your password.
3. Why we use your data and on what legal basis
- To deliver the Service (account, soulmate generation, billing) — performance of contract (Art. 6(1)(b) GDPR).
- To comply with legal obligations (tax, accounting, fraud reporting, responses to lawful requests) — legal obligation (Art. 6(1)(c)).
- For analytics, security and product improvement in pseudonymous form — legitimate interests (Art. 6(1)(f)).
- For marketing and personalised advertising via cookies and SDKs — your consent (Art. 6(1)(a)). You can withdraw consent at any time without affecting prior processing.
- To send service emails (account events, transactional notifications) — performance of contract.
4. Sharing your data
We share data with carefully selected processors who act only on our written instructions:
- Hosting and infrastructure (e.g. Vercel, AWS).
- Payment processing (e.g. Stripe).
- Email delivery and transactional messaging.
- Analytics and product measurement (e.g. Amplitude, Google Analytics) — only where you have given cookie consent.
- Attribution and marketing (e.g. Adjust, Meta) — only where you have given cookie consent.
- Customer-support tooling.
We may also disclose data to professional advisers, law-enforcement authorities, regulators, and courts where legally required, and to a successor entity in the event of a merger, acquisition or asset sale.
5. International transfers
Some of our processors are located outside the European Economic Area, including in the United States. Where data is transferred outside the EEA we rely on Article 46 GDPR safeguards — primarily the European Commission's Standard Contractual Clauses, supplemented where appropriate by transfer-impact assessments and additional technical safeguards (encryption, pseudonymisation).
6. How long we keep your data
- Active account data: retained while your account exists.
- After account deletion or unsubscription: deleted or anonymised within 30 days, except where we must retain it longer to satisfy legal, accounting, or tax obligations (typically up to 11 years for invoicing records under Croatian tax law).
- Server logs: 90 days.
- Backups: rolling, deleted within 90 days.
7. Your rights under GDPR
You have the rights listed in Articles 15–22 GDPR:
- Access (Art. 15) — request a copy of your data.
- Rectification (Art. 16) — correct inaccurate data.
- Erasure (Art. 17) — request deletion in defined circumstances.
- Restriction (Art. 18) — ask us to limit processing.
- Portability (Art. 20) — receive your data in a machine-readable format.
- Objection (Art. 21) — object to processing based on legitimate interests, including profiling for marketing.
- Withdraw consent (Art. 7(3)) at any time.
- Complain to the supervisory authority — see §10.
To exercise any right, email support@srodna-dusa.com. We respond within one month (extendable by two further months for complex requests) and may need to verify your identity.
8. Automated decision-making
We do not make decisions producing legal or similarly significant effects on you based solely on automated processing. The Service generates profile-style content (soulmate sketch, compatibility analysis) for entertainment purposes only, on the basis of inputs you provide.
9. Children
The Service is intended for users 18 years of age or older. We do not knowingly collect personal data from children. If you believe a child has registered, email support@srodna-dusa.com and we will delete the data.
10. Supervisory authority
You have the right to lodge a complaint with the Croatian data-protection authority: AZOP — Agencija za zaštitu osobnih podataka, Selska cesta 136, 10000 Zagreb. EU residents in other member states may complain to their local supervisory authority.
11. Changes to this policy
We may update this policy from time to time. Material changes will be notified by email or in-app at least 30 days before they take effect. The current version is always available at /privacy.
12. Contact
For privacy questions or to exercise your rights: support@srodna-dusa.com.