GDPR Compliance
How we protect and handle your data
1. Data Collection
ExportCompta collects only the minimum data necessary: email, name, and hashed password for authentication. When you connect Stripe via OAuth, we receive read-only access to transaction data. We do not collect credit card numbers.
2. Storage & Encryption
All data is stored on European servers (German VPS). Communication encrypted via SSL/TLS. Passwords hashed with bcrypt (12 rounds). Stripe OAuth tokens stored encrypted.
3. Automatic Deletion
Generated ZIP files are automatically deleted after 45 days. You can request account deletion at any time. All personal data, packs, and records are permanently removed.
4. Data Portability
Per GDPR Article 20, export all your data anytime. Packs available in CSV, Excel, PDF. Request a complete data export via email.
5. Right to Erasure
Request complete deletion at legal.service@onemarket-ltd.com. Processed within 30 days. Includes account data, packs, history, and Stripe tokens.
6. Sub-processors
Stripe (payment processing, USA with EU data processing), Resend (transactional emails, USA), PostgreSQL on German VPS within EU.
7. Data Controller
ONE MARKET LTD, UK company #11161336. Contact: legal.service@onemarket-ltd.com
Contact our Data Protection Team
legal.service@onemarket-ltd.comONE MARKET LTD - UK Company #11161336