プライバシーポリシー

プライバシーポリシー

最終更新: 15 March 2026

1. Introduction

Disqua ("we", "our", "us") is committed to protecting your personal data. This Privacy Policy explains how we collect, use, store, and share information about you when you use the Disqua platform ("Service"). We comply with the EU General Data Protection Regulation (GDPR) and applicable national data protection laws.

Data controller: Disqua, Czech Republic. For privacy inquiries: privacy@disqua.com

2. Data We Collect

Account data

When you register, we collect your email address, display name, and password (stored as a bcrypt hash). You may optionally provide a profile photo.

Usage data

We collect data about how you use the Service, including messages sent, files uploaded, channels joined, and features used. This data is used to provide and improve the Service.

Communication data

Messages and files you send through Disqua are stored on our EU-based servers. Workspace administrators may have access to workspace content depending on their plan and settings.

Technical data

We automatically collect IP addresses, browser type, device information, and access logs for security and operational purposes.

Billing data

If you subscribe to a paid plan, payment is processed by Stripe. We store your plan status and invoice history but do not store full payment card details.

3. Legal Basis for Processing

  • Contract performance: Processing necessary to provide the Service you subscribed to.
  • Legitimate interests: Security monitoring, fraud prevention, product analytics.
  • Legal obligation: Compliance with applicable laws and regulations.
  • Consent: Marketing emails (you can withdraw consent at any time).

4. Data Storage and Security

All data is stored on servers located within the European Union. We implement industry-standard security measures including encryption at rest and in transit (TLS 1.3), access controls, and regular security audits.

Your data is never sold to third parties. We do not use your content for advertising purposes.

5. Data Sharing

We share data only with:

  • Stripe — Payment processing (EU Standard Contractual Clauses)
  • Email service provider — Transactional emails only
  • Analytics — PostHog (self-hosted EU instance, no third-party cookies)
  • Law enforcement — When legally required, with appropriate legal process

6. Data Retention

Account data is retained while your account is active. Deleted messages are permanently removed within 30 days. After account deletion, we retain billing records for 7 years as required by law, and anonymised analytics data indefinitely.

7. Your Rights (GDPR)

You have the right to:

  • Access — Request a copy of your personal data
  • Rectification — Correct inaccurate data
  • Erasure — Request deletion of your data ("right to be forgotten")
  • Portability — Export your data in a machine-readable format
  • Restriction — Request restriction of processing in certain cases
  • Objection — Object to processing based on legitimate interests
  • Withdraw consent — Where processing is based on consent

To exercise any of these rights, contact privacy@disqua.com. We will respond within 30 days. You may also lodge a complaint with your national data protection authority.

8. Cookies

We use strictly necessary cookies for session management and authentication. We do not use tracking cookies or third-party advertising cookies. You can review our full Cookie Policy.

9. Children

The Service is not directed to children under 16. We do not knowingly collect personal data from children. If you believe a child has provided us personal data, contact us immediately.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes at least 14 days in advance via email or in-app notification. The current version is always available at this URL.

11. Contact

For privacy questions or to exercise your rights: privacy@disqua.com
For general inquiries: hello@disqua.com

← 利用規約