Skip In-App logo

Data Protection

Controller

Skip In-App (operated by OneGuard)
Munich, Germany
Contact: support@skip-in.app

Data We Collect

  • Account data: Name, email address, and authentication metadata needed to sign in.
  • Subscription and billing data: Plan selections, invoices, and billing address details for paid workspaces.
  • Payment data via Stripe: Payment method tokens, billing address, and tax/VAT details handled by Stripe as our payment processor.
  • Product usage: Basic log events (e.g., device/browser info, timestamps, feature usage) for reliability, abuse prevention, and product improvement.
  • Support: Messages and attachments you send to us when you request help.

Why We Process This Data

  • To provide and improve the Skip In-App service (Art. 6(1)(b) and (f) GDPR).
  • To process payments and manage subscriptions (Art. 6(1)(b) GDPR; legitimate interests for fraud prevention, Art. 6(1)(f)).
  • To communicate updates and respond to support (legitimate interests; consent where required).
  • To meet legal obligations such as accounting and tax retention (Art. 6(1)(c) GDPR).
  • To secure the service, detect abuse, and maintain reliable operation (legitimate interests).

Processors and Recipients

  • Supabase: Authentication, database, and file storage. Hosted in EU regions where available; protected by data processing agreements and Standard Contractual Clauses when needed.
  • Stripe: Payment processing and invoicing. Stripe acts as an independent controller for some payment data. Transfers outside the EU are protected by Standard Contractual Clauses.

Storage and Deletion

  • Account data remains for the life of your account and is deleted within 30 days of closure unless legal retention applies.
  • Billing and invoice records are kept for statutory retention periods (typically 6-10 years, depending on jurisdiction).
  • Security and access logs are retained for a limited time to detect abuse and ensure stability.
  • Support messages are kept only as long as needed to resolve the request or as required by law.

Security

Data is encrypted in transit and at rest. Access is restricted to authorized personnel. We review permissions regularly, apply security patches, and monitor for abuse.

Your Rights

  • Access, rectification, deletion, and restriction of processing.
  • Data portability for data you provided on the basis of consent or contract.
  • Objection to processing based on legitimate interests or direct marketing.
  • Withdrawal of consent at any time without affecting prior processing.
  • Right to lodge a complaint with your local supervisory authority.

Updates

We may update this notice when we add features or change providers. The current version is always available on this page.

Cookies and analytics

We use Google Analytics to learn how Skip is used. Accept to help us improve, or decline to disable analytics cookies.

Learn how we handle data