Privacy Policy
How we collect, use, and protect personal data — for both our customers and website visitors who complete surveys powered by Selge.
1. Who we are and our role
Selge is operated by [OPERATOR_FULL_NAME], [OPERATOR_STREET_ADDRESS], [POSTAL_CODE] [CITY], Germany (“Selge”, “we”, “our”, “us”).
Selge provides an on-site survey widget service (“the Service”) that website operators (“customers”) use to collect feedback from their website visitors. This creates two distinct data processing relationships:
Selge is the data controller. We determine how and why your registration, billing, and dashboard usage data is processed.
Selge is the data processor, acting on behalf of our customer (who is the data controller). Our Data Processing Agreement governs this relationship.
2. Data we collect from customers (dashboard users)
When you create a Selge account and use the dashboard, we collect the following data:
| Data | Purpose | Legal basis |
|---|---|---|
| Email address | Account login, transactional emails (password reset, billing notices) | Art. 6(1)(b) GDPR — contract performance |
| Password (bcrypt hash — never stored in plain text) | Authentication | Art. 6(1)(b) GDPR — contract performance |
| Billing information (processed by Stripe — we never see your full card number) | Subscription management and payment | Art. 6(1)(b) GDPR — contract performance |
| Survey configuration data (questions, settings, targeting rules) | Core service functionality | Art. 6(1)(b) GDPR — contract performance |
| Dashboard usage data (pages visited, features used) | Product improvement | Art. 6(1)(f) GDPR — legitimate interest |
| Error logs and crash reports (via Sentry) | Debugging and service stability | Art. 6(1)(f) GDPR — legitimate interest |
3. Data collected via the survey widget (visitor data)
When a visitor completes a survey on a Selge-powered website, the following data is collected. This data is processed by Selge on behalf of our customer (the website operator), who is the data controller for this data.
| Data | Notes |
|---|---|
| Survey answers | Voluntarily provided by the visitor. May include personal data if the visitor discloses it in open-text fields. |
| Page URL | The URL of the page where the survey was shown. |
| Browser type and version | Used for technical compatibility and dashboard analytics. |
| Device type | Desktop or mobile — for dashboard analytics. |
| Country of origin | Derived from the visitor's IP address at submission time. The full IP address is discarded immediately and never stored. |
| Session identifier | A random ID stored in sessionStorage (not a cookie) to prevent duplicate submissions. Automatically cleared when the browser tab is closed. Cannot track visitors across sessions or sites. |
If you are a website visitor who completed a survey on a Selge-powered website and wish to exercise your GDPR rights, please contact the website operator directly. We will assist them in fulfilling your request in accordance with our DPA.
4. Legal basis for processing
- Art. 6(1)(b) GDPR — Contract performanceProcessing necessary to provide the Service you signed up for (account management, billing, core functionality).
- Art. 6(1)(f) GDPR — Legitimate interestProcessing for product improvement, security, error monitoring, and fraud prevention, where these interests are not overridden by your rights.
- Art. 6(1)(c) GDPR — Legal obligationRetention of invoicing and financial records as required by German tax law (7-year retention under Sec. 147 AO).
- Art. 28 GDPR — Processor relationshipProcessing of visitor survey data on behalf of our customers, under the terms of the Data Processing Agreement.
5. Sub-processors
We use the following third-party sub-processors to operate the Service. All are bound by appropriate data protection agreements.
| Provider | Purpose | Location | Safeguard |
|---|---|---|---|
| Supabase, Inc. | Database storage and authentication | EU (Frankfurt, Germany) | EU region — no transfer needed |
| Hetzner Online GmbH | Application hosting, server infrastructure, and widget script delivery | EU (Germany) | EU region — no transfer needed |
| Stripe, Inc. | Payment processing (customer billing only — not visitor data) | US / EU | Standard Contractual Clauses |
| Anthropic, PBC | AI analysis of open-text survey responses (only when AI summary feature is used) | US | Standard Contractual Clauses |
| Functional Software, Inc. (Sentry) | Error monitoring and crash reporting | US | Standard Contractual Clauses |
| Slack Technologies (Salesforce) | Response notification delivery (when Slack integration is enabled) | US | Standard Contractual Clauses |
We will notify customers of any changes to this sub-processor list with at least 14 days notice, giving customers the opportunity to object.
6. Data retention
| Data type | Retention period |
|---|---|
| Account data (email, settings) | Duration of active account + 30 days after deletion |
| Survey response data | 12 months by default; configurable by the customer |
| Payment and invoice records | 7 years (Sec. 147 AO German tax law) |
| Error logs (Sentry) | 90 days |
| Widget session identifiers | Browser session only (sessionStorage — auto-cleared on tab close) |
After expiry, data is permanently deleted. When you delete your Selge account, all associated data (projects, surveys, responses) is cascade-deleted within 30 days.
7. International data transfers
Our primary data storage is in the EU (Supabase Frankfurt region). Some sub-processors are located in the United States. For all US-based processors, we rely on EU Standard Contractual Clauses (“SCCs”) as the appropriate transfer mechanism pursuant to Art. 46(2)(c) GDPR.
A copy of the applicable SCCs is available on request at privacy@selge.app.
8. Your rights under GDPR
As a data subject under GDPR, you have the following rights. To exercise any of them, contact us at privacy@selge.app. We will respond within 30 days.
- Right of access (Art. 15) — Request a copy of the personal data we hold about you.
- Right to rectification (Art. 16) — Request correction of inaccurate or incomplete data.
- Right to erasure (Art. 17) — Request deletion of your personal data ("right to be forgotten"), subject to legal retention obligations.
- Right to restriction (Art. 18) — Request that we limit the processing of your data in certain circumstances.
- Right to data portability (Art. 20) — Receive your data in a structured, machine-readable format.
- Right to object (Art. 21) — Object to processing based on legitimate interests. We will cease processing unless we can demonstrate compelling legitimate grounds.
9. Right to complain to a supervisory authority
You have the right to lodge a complaint with a data protection supervisory authority (Art. 77 GDPR). You may contact the supervisory authority in your EU member state of residence or the authority responsible for our place of business:
[STATE_SUPERVISORY_AUTHORITY_NAME]
[AUTHORITY_ADDRESS]
[AUTHORITY_POSTAL_CODE] [AUTHORITY_CITY]
Website: [AUTHORITY_WEBSITE]
Replace with your state authority — e.g. BayLDA for Bavaria, HmbBfDI for Hamburg, BlnBDI for Berlin. Find your authority at: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html
11. Changes to this privacy policy
We may update this policy from time to time. We will notify active customers of material changes by email at least 14 days before they take effect. The “Last updated” date at the top of this page always reflects the most recent version.
Continued use of the Service after the effective date constitutes acceptance of the updated policy.
12. Contact
For privacy-related enquiries, data subject rights requests, or to obtain a copy of our Standard Contractual Clauses: