Privacy Policy

1. Introduction

EUAuditPack, a product operated by Monk Technologies ("we," "our," or "us"), is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our compliance documentation platform at euauditpack.com (the "Service").

We are an Indian company providing services to businesses selling to EU customers. We process data as a controller for our own Service operations and provide tools that help our customers generate their own compliance documentation.

2. Information We Collect

2.1 Account Information

• Email address (required for authentication)
• Name (optional)
• Company/workspace name
• Company website URL

2.2 Questionnaire Data

When you use our Service, you provide information about your business through our questionnaire, including:

• Product and service descriptions
• Data processing activities
• Third-party vendors and subprocessors
• Data retention policies
• Security measures

2.3 Payment Information

Payment processing is handled by Wise (formerly TransferWise). We do not store your credit card or payment details. We only receive transaction confirmations and payment references from Wise.

2.4 Usage Data

• Log data (IP address, browser type, pages visited)
• Device information
• Feature usage analytics

3. How We Use Your Information

We use your information to:

• Provide and maintain the Service
• Generate compliance documentation based on your inputs
• Process payments and manage subscriptions
• Send transactional emails (account verification, pack generation)
• Improve our Service and develop new features
• Respond to support requests
• Comply with legal obligations

4. Legal Basis for Processing (GDPR)

For users in the European Economic Area, we process personal data under the following legal bases:

• Contract: Processing necessary to provide our Service to you
• Legitimate Interest: Analytics, security, and service improvement
• Legal Obligation: Compliance with applicable laws
• Consent: Marketing communications (where applicable)

5. Data Sharing and Disclosure

We may share your information with:

• Service Providers: Cloud hosting (Vercel, Neon), payment processing (Wise), email delivery
• Legal Requirements: When required by law, court order, or government request
• Business Transfers: In connection with a merger, acquisition, or sale of assets

We do not sell your personal information to third parties.

Our current public-facing infrastructure summary is: Application hosting on Vercel, PostgreSQL through Neon, and payments processed through Wise.

6. Data Retention

We retain your data for as long as your account is active or as needed to provide the Service. Specifically:

• Account data: Until account deletion
• Generated packs: Until you delete them or close your account
• Payment records: 7 years (legal/tax requirements)
• Usage logs: 90 days

7. Your Rights

Depending on your location, you may have the following rights:

• Access: Request a copy of your personal data
• Rectification: Correct inaccurate data
• Erasure: Request deletion of your data
• Portability: Export your data in a machine-readable format
• Restriction: Limit how we process your data
• Objection: Object to certain processing activities

To exercise these rights, contact us at privacy@euauditpack.com or use the data export feature in your account settings.

8. International Data Transfers

Our Service is operated from India. If you are located in the EU/EEA, your data may be transferred to and processed in India and other countries where our service providers operate. We ensure appropriate safeguards are in place for such transfers, including standard contractual clauses where applicable.

9. Security

We implement appropriate technical and organizational measures to protect your data, including encryption in transit (TLS), secure database storage, and access controls. However, no method of transmission over the Internet is 100% secure.

10. Cookies

EUAuditPack uses essential cookies for authentication and session management and does not use advertising cookies. See our Cookie Policy for more details about site cookies and cookie-related controls.

11. Children's Privacy

Our Service is not intended for individuals under 18 years of age. We do not knowingly collect personal information from children.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date.

13. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us at: