Privacy Policy

Last Updated: January 1, 2026

eConnect ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and protect your information when you use our Service.

1. Information We Collect

1.1 Account Information

When you register, we collect:

  • Email address (required)
  • Password (encrypted, never stored in plain text)
  • Display name (optional)
  • Phone number (optional)
1.2 Billing Information

For paid subscriptions, we collect:

  • Billing address (street, city, country, postal code)
  • Account type (Business or Individual)
  • Company name and tax ID (for business accounts)
  • Payment methods are processed and stored by Stripe (our payment processor)
1.3 Content You Create

We store content you create on the Platform:

  • Restaurant menus, items, descriptions, and images
  • Link-in-bio profiles and social links
  • QR codes and URL redirects
  • Custom branding and design preferences
1.4 Analytics Data

We automatically collect analytics when visitors view your public content:

  • IP address (used to determine country location)
  • Browser type and device information
  • Date and time of access
  • Country location (derived from IP address via ip-api.com)

Analytics are provided to you in your dashboard and are not shared with third parties except as described in this policy.

2. How We Use Your Information

We use your information to:

  • Provide and maintain the Service
  • Process payments and manage subscriptions
  • Send transactional emails (payment confirmations, trial reminders, account notifications)
  • Provide customer support
  • Display your public content (menus, profiles) to visitors
  • Generate analytics for your dashboard
  • Comply with legal obligations
  • Marketing Communications: Send you promotional communications via email, Viber, WhatsApp, SMS, and other messaging services about new features, special offers, and product updates. By providing your phone number and email, you consent to receive calls and messages from us, our partners, and our automated systems (including AI agents) for service-related and marketing purposes.

3. Information Sharing

3.1 Stripe (Payment Processing)

Payment information is processed by Stripe, our third-party payment processor. When you subscribe, we share your email, billing address, and tax ID with Stripe. Payment methods (credit cards) are stored by Stripe, not by us. See Stripe's Privacy Policy.

3.2 ip-api.com (Geolocation)

To provide country-level analytics, we send visitor IP addresses to ip-api.com to determine geographic location. No other personal data is shared. See ip-api.com Privacy Policy.

3.3 Marketing Platform (GoHighLevel)

We use GoHighLevel, a third-party marketing automation platform, to send promotional communications. Your contact information (email, phone number) may be stored and processed by GoHighLevel for marketing purposes. GoHighLevel servers may be located outside the European Economic Area.

3.4 Team Access to Your Account

Our team members, including sales representatives and support staff, may access and manage your account on your behalf to provide support, configure features, and assist with service delivery. This access is limited to what is necessary to provide you with quality service.

3.5 Legal Requirements

We may disclose your information if required by law, court order, or government regulation.

4. Cookies

We use cookies for authentication and session management. Essential cookies are necessary for the Service to function. You can disable cookies in your browser, but this may affect Service functionality.

5. Data Retention & Deletion

5.1 Active Accounts

We retain your data as long as your account is active or as needed to provide services.

5.2 After Cancellation or Suspension

When your subscription is cancelled or suspended:

  • Cancelled accounts: 30-day archive offer period, then permanent deletion if not accepted
  • Suspended accounts: 7-day archive offer period, then permanent deletion if not accepted
5.3 What is Deleted

When data is deleted, we permanently remove:

  • All profiles, menus, links, and QR codes
  • All uploaded images and files
  • All personally identifiable analytics data (IP addresses, browser information, timestamps linked to your account)

Deletion is permanent and irreversible. Your account record and email address are retained for security and billing purposes.

5.4 Anonymized Analytics Retention

To improve our service and understand product usage, we retain anonymized, aggregated analytics data after account deletion. This data includes:

  • Country-level geographic statistics (e.g., total views from Croatia)
  • Daily aggregated view/click counts and order statistics
  • Content type statistics (menu views, profile views, orders)

What is NOT retained: IP addresses, browser information, device fingerprints, or any data that could identify individual visitors.

This anonymized data cannot be linked back to you or your visitors and is used solely for platform-wide analytics and service improvement.

5.5 Subscription Audit Records

For legal compliance and financial auditing purposes, we retain:

  • Subscription transaction records (payment history, plan changes, cancellations)
  • Email notification logs (records of emails sent, not email content)

These records contain minimal personal data and are retained permanently for accounting, tax compliance, and dispute resolution purposes.

6. Your Rights

You have the right to:

  • Access: Request a copy of your personal data
  • Rectification: Correct inaccurate information via account settings
  • Deletion: Request account deletion (subject to data retention periods)
  • Portability: Export your data in machine-readable format
  • Opt-Out of Marketing: Unsubscribe from promotional emails, SMS, and messaging communications at any time by using the unsubscribe link in our messages or contacting us
  • Withdraw Consent: Cancel your subscription at any time (subject to commitment period obligations)

To exercise these rights, contact us at office@econnect.rs.

7. Data Security

We implement security measures including:

  • Encrypted passwords (never stored in plain text)
  • Secure database connections
  • HTTPS encryption for data transmission
  • Regular security updates

However, no system is completely secure. We cannot guarantee absolute security of your data.

8. Children's Privacy

The Service is not intended for users under 18. We do not knowingly collect information from children.

9. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes take effect 30 days after notification via email. Continued use after the effective date constitutes acceptance.

10. Contact

For privacy questions or to exercise your rights, contact us at office@econnect.rs.