CalcHub

Privacy Policy

Effective date: May 1, 2026

This Privacy Policy explains how CalcHub (“we”, “us”) collects, uses, and shares personal data when you visit our website, sign up for an account, or use our services. CalcHub is operated by Luka Hrachov, a sole trader registered in Ukraine, acting as the data controller for the personal data described below.

1. What we collect

  • Account data: name, email address, hashed password, locale, account role, and Google OAuth identifier when you sign in with Google.
  • Billing data: subscription plan, renewal date, and Paddle customer ID. We do not store full card numbers — payment data is collected and processed by Paddle (the Merchant of Record).
  • Product data: calculators you create, settings, integrations (e.g. Odoo connection details, SMTP credentials for your bots — stored encrypted), and chat sessions with the AI builder.
  • Lead data: information end-users submit through calculators you embed (typically name, email, phone, telegram, plus the form values). You are the data controller for this data; we process it on your behalf.
  • Usage data: pages visited, calculator impressions and submissions, AI generation counts, IP address, browser, and device type. Used for analytics, abuse prevention, and rate-limiting.
  • Cookies: a session cookie (NextAuth) for authentication, and locale preference. We do not use third-party advertising cookies.

2. Why we use it (legal bases)

  • To provide the service — performance of contract (Art. 6(1)(b) GDPR).
  • To bill you — performance of contract; Paddle’s legal obligations as Merchant of Record.
  • To prevent abuse and secure the platform — legitimate interest (Art. 6(1)(f) GDPR).
  • To send transactional emails (verification, password reset, billing receipts) — performance of contract.
  • To send product updates — your consent, which you can withdraw at any time.

3. Who we share it with

  • Paddle — payment processor and Merchant of Record. Receives billing-related data when you subscribe.
  • Anthropic — provider of the AI models used by the chat-based calculator builder and bot replies. Receives the chat content you send.
  • Hosting and infrastructure providers — operators of our servers and database.
  • Email delivery — outbound transactional email is sent through SMTP servers configured by us (platform email) or by you (per-bot SMTP for your conversations).
  • Authorities — when required by law or to defend our legal rights.

We do not sell personal data to third parties.

4. International transfers

Some of our processors are located outside the European Economic Area or Ukraine. Where such transfers occur, we rely on Standard Contractual Clauses or equivalent safeguards approved by EU and Ukrainian data protection authorities.

5. Retention

  • Account data: while your account is active, plus up to 30 days after deletion.
  • Billing records: kept by Paddle in line with their tax / accounting obligations (typically 7–10 years).
  • Lead data: retained until you delete the lead or your account.
  • Usage logs: 90 days, unless flagged for fraud investigation.
  • AI chat history: kept until you delete it or close your account.

6. Your rights

If you are in the EEA, UK, or Ukraine, you have the right to:

  • Access the personal data we hold about you and receive a portable copy.
  • Correct inaccurate data.
  • Request deletion of your account and associated data.
  • Object to or restrict certain processing.
  • Withdraw consent at any time (without affecting the lawfulness of processing carried out before withdrawal).
  • Lodge a complaint with the data protection authority of your country.

To exercise any of these rights, email admincalchub@gmail.com from the address linked to your account.

7. Security

We use HTTPS/TLS for all traffic, hash passwords with bcrypt, encrypt sensitive integration credentials at rest, and apply rate-limiting on authentication endpoints. No internet service can guarantee absolute security; please notify us immediately at admincalchub@gmail.com if you suspect unauthorised access to your account.

8. Children

CalcHub is not directed to children under 16. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, contact us so we can delete it.

9. Changes

We will post any updates to this Policy on this page and update the “Effective date” above. Material changes will also be sent by email.

10. Contact

Questions or requests? admincalchub@gmail.com.