ThesisReady
Privacy Policy
GDPR information notice about personal data processing in ThesisReady.
GDPR information notice
The controller of ThesisReady is Ing. Peter Beneš - BENEXTRA, Šancová 3571/43, 831 04 Bratislava, Slovakia, Company ID (IČO): 52 815 901, Tax ID (DIČ): 1046916904, registered in the Trade Register kept by the District Office Dunajská Streda, Trade Register No. 210-416387. Privacy contact: support@thesisready.sk.
No separate Data Protection Officer (DPO) contact is currently published; GDPR requests can be sent to support@thesisready.sk.
Account, payment, credit and report data is needed to provide paid services and saved reports. Document and report data is needed to generate a report. Some technical data is needed for security, abuse prevention and daily free-limit enforcement.
Report generation may use automated technical analysis of document structure and content. It is not a legally significant automated decision, not legal advice, not CRZP, not an official originality check and not a university approval decision.
If data is later used for a materially different purpose, users will be informed where required by law.
Categories of personal data
We process account email, user ID, sign-in/session data, data needed for saved reports, report unlock entitlements, credit ledger entries, billing and payment metadata without storing card details, technical logs, security data, support emails and cookie or analytics identifiers where applicable.
For uploaded documents we process data needed to create the analysis: extracted text, technical extraction metadata, generated report payloads, saved reports and related diagnostics. Original uploaded files are processed to create the analysis and are not intentionally stored as original source files.
Document or report content may include personal data of the author, supervisor, cited persons or third parties. Upload only documents you are authorized to process and submit to ThesisReady.
Purposes, legal basis and legitimate interest
Service provision, accounts, saved reports, credit purchases and report unlocks are processed mainly on the legal basis of contract performance or pre-contract steps.
Payment and accounting records are processed to comply with legal obligations and to protect legal claims. Support emails are processed to handle requests, complaints or disputes.
Technical logs, security events, abuse prevention, fraud prevention, service protection and anonymous daily limit enforcement are processed on the basis of legitimate interest in a secure and fair service.
Analytics or marketing cookies are used only where enabled and where the relevant consent or another appropriate legal basis applies. Google Analytics may be used only after analytics consent if enabled in the current configuration.
Anonymous free daily limits
To enforce free daily limits, ThesisReady may use a technical daily identifier derived from request metadata. This identifier is used for free-limit enforcement, security and abuse prevention.
The technical daily identifier does not contain uploaded document text or raw uploaded document text or original file content. We do not overstate it as fully anonymous in every legal sense; depending on context it may be technical or pseudonymous data.
Retention
Saved reports are retained until the user deletes the report or account unless longer retention is required for law, accounting, tax, fraud prevention, legal claims or disputes.
Account data is kept until account deletion unless there is a legal reason to retain it. Payment, credit ledger and billing records are kept as needed for accounting, tax, disputes, legal claims or mandatory law.
Support emails are kept for a reasonable request and dispute period. Daily limit hashes and technical identifiers are normally kept only as long as needed for daily-limit enforcement, security and debugging. Analytics data follows provider settings and consent configuration.
Recipients, processors and transfers
The service uses these recipients and processors: Vercel for hosting, deployment and infrastructure; Supabase for database, authentication and backend storage; Stripe for payment processing, billing and checkout; Apple/iCloud Mail for support email handling; Google Analytics only if enabled and consented.
Depending on provider configuration, data may be processed outside Slovakia or outside the EU/EEA. Safeguards depend on the provider, contractual setup and current service configuration.
Data subject rights
You have rights of access, rectification, erasure, restriction, portability, objection to processing based on legitimate interest and withdrawal of consent where processing is based on consent. Send requests to support@thesisready.sk.
If you believe that processing of your personal data breaches GDPR or data protection rules, you have the right to lodge a complaint with the Slovak Data Protection Authority (Úrad na ochranu osobných údajov SR).