Privacy Policy

1. Who We Are

Sure is operated by ySure AB, a company registered in Sweden, with its registered office at Kungsgatan 12, 111 21 Stockholm, Sweden. We are the data controller for the personal data processed via our Service and website.

If you have any questions, you can contact us at:

• Email: support@ysure.io

2. Data We Collect

We collect and process the following types of data:

a. Account Data

• Name, email, company name, job title
• Login credentials
• Subscription and billing information

b. Usage Data

• IP address, browser type, operating system
• Log files, timestamps, feature usage
• Cookies and analytics identifiers

c. Uploaded/Analyzed Content

• Documents, codebases, or other materials you upload or analyze using our AI tools

d. Support & Communication

• Emails or chats with support
• Feedback, bug reports, and survey responses

We do not intentionally collect sensitive personal data (e.g., racial origin, political opinions, health data).

3. How We Use Your Data

We process your data for the following purposes:

• To provide and maintain the Service
• To analyze and improve performance and security
• To offer customer support
• To send transactional or relevant service communications
• To comply with legal obligations

We may use aggregated or anonymized data for analytics and product development.

4. Legal Bases for Processing

We rely on the following legal bases under GDPR:

• Contractual necessity – to deliver the services you signed up for
• Legitimate interest – to improve our platform, ensure security, and prevent misuse
• Consent – where required for certain cookies or marketing
• Legal obligation – to comply with applicable laws

5. Data Sharing and Subprocessors

We do not sell your personal data. We may share data with trusted third parties that help us provide the Service, such as:

• Cloud infrastructure providers (e.g., AWS, GCP)
• Analytics tools (e.g., Matomo, Plausible, or Google Analytics)
• Payment processors (e.g., Stripe)
• Customer support platforms

All subprocessors are under contractual obligations to process data only on our instructions and with appropriate safeguards. A list of current subprocessors is available on request.

6. International Transfers

Your data may be transferred outside the European Economic Area (EEA), including to the United States. When we do this, we use:

• EU Commission-approved Standard Contractual Clauses (SCCs)
• Adequacy decisions (where applicable)

We take steps to ensure your data receives adequate protection.

7. Data Retention

We retain your personal data for as long as necessary to:

• Provide the Service
• Comply with legal obligations
• Resolve disputes and enforce agreements

Upon request or account closure, your data will be deleted or anonymized, unless we are legally required to retain it.

8. Your Rights

Under GDPR, you have the right to:

• Access your personal data
• Rectify inaccurate data
• Erase your data ("right to be forgotten")
• Restrict or object to processing
• Data portability
• Withdraw consent at any time
• Lodge a complaint with a Data Protection Authority (e.g., CNIL, DPA, ICO)

To exercise your rights, contact us at support@ysure.io.

9. Cookies

We use essential and analytics cookies to operate and improve the Service. Where required, we obtain your consent via a cookie banner. You can manage cookies via your browser settings or our cookie preferences tool.

10. Security

We implement appropriate technical and organizational measures to protect your data, including encryption, access controls, and regular audits. However, no method of transmission over the Internet is 100% secure. Please contact us if you suspect any unauthorized access.

11. Updates to This Policy

We may update this Privacy Policy to reflect changes in law, our services, or technology. We will notify you of significant changes via email or in-app notifications.

12. Contact Us

For any privacy-related questions or requests:

• Email: support@ysure.io
• Address: Kungsgatan 12, 111 21 Stockholm, Sweden