Privacy Policy

Last updated: 2026-03-30

This Privacy Policy explains how ProITM Piotr Szczepaniuk ("we", "us", "our") processes personal data in connection with AI QA Agent, on the website URL configured for your deployment (for example via NEXT_PUBLIC_SITE_URL) and related service pages.

We are committed to processing personal data lawfully, transparently, and securely, including under GDPR where applicable.

1. Controller identity

Controller: ProITM Piotr Szczepaniuk, Sole proprietorship (Jednoosobowa dzialalnosc gospodarcza), al. Aleja Wilanowska 95 lok. 8, 02-765 Warszawa, Poland, NIP/VAT ID 1132404367, REGON 523963446.

Contact for privacy matters: contact@loveautomate.com

2. Scope and data subjects

This policy applies to:

  • website visitors and contact form users,
  • account holders and subscription users,
  • product teams using the SaaS application,
  • web QA evidence and finding data uploaded or generated in the platform.

3. Categories of personal data

  • Identity and account data: name, work email, account ID, authentication metadata.
  • Business and billing data: company name, invoice details, VAT/NIP data, billing history.
  • Service data: scan targets, QA artifacts, findings, validation notes, and support context.
  • Technical data: IP address, browser/device data, security and access logs.
  • Communication data: support requests, legal requests, and product feedback correspondence.

4. Sources of personal data

  • Directly from you (registration, billing details, support messages).
  • Automatically from your use of our site/services (logs, analytics, session metadata).
  • From authorized organization users who upload QA-related business data into the platform.

5. Purposes and legal bases (GDPR Art. 6)

  • Provide and maintain the service: performance of contract (Art. 6(1)(b)).
  • Manage subscriptions, invoices, and taxes: legal obligation/contract (Art. 6(1)(b),(c)).
  • Protect service security and prevent abuse: legitimate interest (Art. 6(1)(f)).
  • Handle support and operational communication: contract/legitimate interest (Art. 6(1)(b),(f)).
  • Optional product analytics and marketing communications: consent where required (Art. 6(1)(a)).

6. Controller vs processor context

For account, subscription, and platform operations we act as a data controller. For QA data uploaded by business customers, we may operate as a processor on behalf of that customer.

Where required, data processing terms can be established with business customers to reflect these roles.

7. Recipients and subprocessors

We use trusted service providers for hosting, authentication, data storage, infrastructure, and payment processing. Payment transactions are processed by Stripe. We disclose personal data only as needed for service delivery, legal compliance, or security.

8. International transfers

If personal data is transferred outside the EEA/UK, we apply appropriate safeguards (for example Standard Contractual Clauses and equivalent mechanisms) as required by applicable law.

9. Data retention

  • Account and service data: during active subscription and for a limited period after closure for continuity and legal defense.
  • Billing and tax records: retained as required by applicable Polish and EU accounting/tax regulations.
  • Security logs and diagnostics: retained for incident detection, security response, and auditability.

10. Your rights

Subject to applicable law, you may request access, rectification, erasure, restriction, portability, and objection. You can withdraw consent at any time where processing is based on consent. You may also lodge a complaint with a competent supervisory authority, including UODO in Poland.

11. Cookies and similar technologies

We use essential cookies and may use analytics technologies to improve product performance and user experience. Where legally required, non-essential cookies are used only with consent.

12. Security

We apply technical and organizational safeguards, including access controls, encrypted transport, secure development practices, and role-based permissions.

13. Automated processing and AI assistance

The platform may provide AI-assisted QA recommendations and summaries. Final product and release decisions remain human-driven. We do not perform solely automated legal or similarly significant decisions about individuals.

14. Children's data

Our services are designed for professional/business use and are not intended for children.

15. Changes to this policy

We may update this Privacy Policy from time to time. Material updates will be published on this page with a revised "Last updated" date.

16. Contact

Privacy and legal contact: contact@loveautomate.com. Billing contact: contact@loveautomate.com.