Back to Home
Yocopo Privacy

Privacy Policy

Last Updated: February 17, 2026

1. Introduction

Yocopo ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, and protect your personal information when you use our policy management service ("Service").

2. Information We Collect

Personal Information You Provide

When you register for and use our Service, we collect:

  • First name and last name
  • Business email address
  • Organization name (if applicable)

Payment Information

  • Payment processing is handled by Stripe
  • We do not store your credit card details on our servers
  • Stripe collects and processes billing information according to their privacy policy
  • We receive limited information from Stripe (such as the last 4 digits of your card) for display purposes

Content You Upload

  • Policy documents and related content you create or upload
  • Approval and acknowledgement records
  • Comments and review notes

Automatically Collected Information

  • Authentication cookies (strictly necessary for the Service to function)
  • Log data including IP addresses, browser type, and access times
  • Usage information about how you interact with the Service

3. How We Use Your Information

We use your information to:

  • Provide, maintain, and improve the Service
  • Process your subscription and payments
  • Send you service-related communications (account notifications, updates, security alerts)
  • Respond to your support requests
  • Ensure the security and integrity of the Service
  • Comply with legal obligations

4. Legal Basis for Processing (GDPR)

We process your personal data under the following legal bases:

  • Contract: To provide the Service you've subscribed to
  • Legitimate Interest: To improve the Service, ensure security, and prevent fraud
  • Consent: Where you've provided explicit consent for specific purposes
  • Legal Obligation: Where required by law

5. Data Storage and Security

  • Your data is stored on secure servers
  • We use industry-standard security measures including encryption and access controls
  • Database backups are stored securely in Google Cloud Storage
  • Only authorized personnel have access to your data
  • We implement reasonable technical and organizational measures to protect your data

6. Data Retention

  • We retain your personal information for as long as your account is active
  • Upon account deletion, we will delete your personal data within 30 days
  • We may retain certain data longer where required by law or for legitimate business purposes (such as resolving disputes or preventing fraud)
  • Deleted data may persist in backups for up to 90 days before being permanently purged

7. Data Sharing and Disclosure

We do not sell your personal data. We may share your information only in these limited circumstances:

Service Providers

  • Stripe for payment processing
  • Google Cloud for hosting and data storage
  • These providers are contractually bound to protect your data and use it only for providing services to us

Legal Requirements

We may disclose your information if required to:

  • Comply with legal obligations or court orders
  • Protect our rights or property
  • Prevent fraud or security issues
  • Protect the safety of users or the public

8. Your Data Protection Rights (GDPR)

If you are in the European Economic Area, you have the following rights:

  • Access: Request a copy of your personal data
  • Rectification: Correct inaccurate or incomplete data
  • Erasure: Request deletion of your data ("right to be forgotten")
  • Restriction: Limit how we use your data
  • Portability: Receive your data in a portable format
  • Object: Object to our processing of your data
  • Withdraw Consent: Withdraw consent at any time where we rely on consent

To exercise these rights, contact us at [email protected]. We will respond within 30 days.

9. Data Export

You can export your policy data at any time in PDF or DOCX format through the Service interface.

10. International Data Transfers

Your data may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place to protect your data in accordance with this Privacy Policy.

11. Cookies and Tracking

Cookies We Use

  • Authentication Cookie: Strictly necessary to keep you logged in (session management)
  • This is an essential cookie required for the Service to function

Third-Party Cookies

We do not currently use third-party cookies or analytics. If this changes, we will update this policy and, where required, seek your consent.

12. Children's Privacy

The Service is not intended for use by anyone under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected data from a child, we will delete it promptly.

13. Business Transfers

If Yocopo is acquired by or merged with another company, your data may be transferred to the new entity. We will notify you of any such change and any choices you may have regarding your data.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by:

  • Posting the updated policy on our website
  • Sending an email to your registered email address
  • Displaying a notice in the Service

Your continued use of the Service after changes constitutes acceptance of the updated Privacy Policy.

15. Contact Us

For questions, concerns, or to exercise your data protection rights, contact us at:

For GDPR-related inquiries, you may also contact your local data protection authority.

16. Data Controller

For the purposes of GDPR, the data controller is:
Yocopo
Contact: [email protected]

Your Privacy Matters: We are committed to protecting your data and being transparent about our practices. If you have any questions or concerns, please don't hesitate to reach out.