Privacy Policy

1. Data Controller

TheFAQApp (“we,” “our,” or “us”) is the data controller responsible for your personal data. We are based in the Netherlands.

For any data protection inquiries, you can reach us at privacy@thefaq.app.

2. Information We Collect

Account Information

When you create an account, we collect your name, email address, and password. If you sign up using a third-party service (such as Google), we receive your basic profile information from that provider.

Content Data

We store the FAQ content you create, including questions, answers, categories, and any media you upload. This content belongs to you.

Usage Data

We collect analytics data about how visitors interact with your public FAQ pages, including page views, search queries, and feedback ratings. This data helps you understand your audience.

Technical Data

We automatically collect technical information such as IP addresses, browser type, device information, and cookies to ensure service security and performance.

3. Legal Basis for Processing (GDPR)

Under the General Data Protection Regulation (GDPR), we process your personal data on the following legal bases:

• Contract performance: Processing necessary to provide you with our services (account management, content hosting, analytics).
• Legitimate interests:Improving our service, preventing fraud, and ensuring platform security — where these interests are not overridden by your rights.
• Consent: Where you have given explicit consent, such as subscribing to marketing emails. You can withdraw consent at any time.
• Legal obligation: Where we are required to process data to comply with applicable laws.

4. How We Use Your Information

• To provide, operate, and maintain our service
• To process transactions and send related information
• To send technical notices and support messages
• To respond to your comments and questions
• To analyze usage patterns and improve our service
• To detect and prevent fraud or abuse

5. Data Sharing

We do not sell your personal information. We may share data with:

• Service providers: Companies that help us operate our platform (hosting, analytics, payment processing). These providers are contractually bound to protect your data.
• Legal requirements: When required by law, court order, or to protect our legal rights.
• Business transfers: In connection with a merger, acquisition, or sale of assets, where your data may be transferred as part of the transaction.

6. Data Processing Agreement

When you use TheFAQApp to collect and manage data from your end users, we act as a data processor on your behalf. We offer a Data Processing Agreement (DPA) that covers our obligations under the GDPR, including sub-processor disclosures and standard contractual clauses for international data transfers.

To request a signed DPA, contact us at privacy@thefaq.app.

7. Data Retention

We retain your personal data for as long as your account is active or as needed to provide our services. Specifically:

• Account data: Retained until you delete your account. Upon deletion, personal data is removed within 30 days.
• Content data: Retained until you delete it or close your account. You can export your data at any time.
• Usage analytics: Aggregated and anonymized after 24 months.
• Billing records: Retained for 7 years as required by Dutch tax law.

8. Data Security

We implement industry-standard security measures to protect your data, including encryption in transit (TLS 1.2+) and at rest, secure authentication, access controls, and regular security reviews.

9. Your Rights Under GDPR

If you are located in the European Economic Area, you have the following rights regarding your personal data:

• Access: Request a copy of your personal data.
• Rectification: Correct inaccurate or incomplete data.
• Erasure: Request deletion of your personal data.
• Restriction: Request that we limit processing of your data.
• Data portability: Receive your data in a structured, machine-readable format.
• Objection: Object to processing based on legitimate interests.
• Withdraw consent: Where processing is based on consent, withdraw it at any time.

To exercise any of these rights, contact us at privacy@thefaq.app. We will respond within 30 days.

10. Right to Lodge a Complaint

If you believe that our processing of your personal data infringes your rights under the GDPR, you have the right to lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens):

Autoriteit Persoonsgegevens
Bezuidenhoutseweg 30
2594 AV Den Haag
The Netherlands
Website: autoriteitpersoonsgegevens.nl

11. Cookies

We use cookies and similar technologies to maintain sessions, remember preferences, and analyze usage. You can control cookies through your browser settings. Disabling certain cookies may limit the functionality of our service.

12. International Data Transfers

Your data may be processed in countries outside the European Economic Area. Where this occurs, we ensure appropriate safeguards are in place, including Standard Contractual Clauses approved by the European Commission.

13. Children’s Privacy

Our service is not directed to children under 16. We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, please contact us so we can remove it.

14. Changes to This Policy

We may update this policy from time to time. We will notify you of significant changes by email or through a prominent notice in our service. Continued use of the service after changes constitutes acceptance of the updated policy.

15. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us at privacy@thefaq.app or visit our contact page.