TL;DR
We do not run trackers, analytics, or advertising cookies on this site. We collect the bare minimum needed to deliver products you bought. Payments and invoicing are handled by Lemon Squeezy as Merchant of Record.
1. Who is the data controller
Lukáš Jeřábek, sole proprietor based in the Czech Republic, operating under the Nevaroq brand.
- IČO (Business ID): 04209419
- Registered address: Nad Šárkou 1513/61, 160 00 Praha 6, Czech Republic
- Contact: hello@nevaroq.com
2. What data we collect — and why
2.1 When you browse this site
We do not use Google Analytics, Facebook Pixel, or any third-party analytics. The site loads Google Fonts from Google's CDN — Google receives your IP address when fonts are fetched. No cookies are set by this site itself.
2.2 When you buy a product
Checkout is handled by Lemon Squeezy Inc., 64 Shirley Road, Southampton, England (Merchant of Record). They collect and process:
- Your name, email address, country, billing address
- Payment method details (card data is processed by Stripe and never sent to us)
- VAT/tax ID if you enter one
After purchase, Lemon Squeezy sends us: your email, name, country, purchase amount, product ID, and license key. We use this to deliver your product and issue support.
2.3 When you email us
Your email address and message content are stored in our email provider's system (Google Workspace) for as long as needed to handle your inquiry.
2.4 License activation
If a product requires a license key, our license server receives: the license key, a hash of your machine ID, and a timestamp. We do not collect your name, IP, or any other identifying data during activation.
3. Legal basis (GDPR Art. 6)
- Contract performance — to deliver your purchase
- Legal obligation — to keep tax records for 10 years (CZ law)
- Legitimate interest — to prevent license key abuse
4. Data retention
- Purchase records: 10 years (Czech tax law)
- License activation logs: 24 months
- Email correspondence: 24 months after last interaction
5. Who we share data with
- Lemon Squeezy — payment processing (MoR)
- Google Workspace — email hosting
- Netlify — site hosting
We do not sell your data. We do not share it for advertising. We share with the above only as needed to operate the service.
6. International transfers
Some processors (Lemon Squeezy, Google) may process data outside the EU. Both rely on Standard Contractual Clauses approved by the EU Commission.
7. Your rights (GDPR)
You can request at any time:
- Access to your data
- Correction of inaccurate data
- Deletion (right to be forgotten) — except where we have a legal duty to retain
- Data portability
- Restriction of processing
- Objection to processing based on legitimate interest
- To lodge a complaint with the Czech Data Protection Authority (ÚOOÚ)
Email hello@nevaroq.com to exercise any of these. We respond within 30 days.
8. Cookies
This site does not set any cookies. We may add a cookie banner in the future only if/when we add functionality that requires cookies. We will never add tracking cookies without explicit consent.
9. Security
The site runs on HTTPS with HSTS preload. We do not store passwords. We do not store payment data. License keys are stored hashed where applicable.
10. Changes
We may update this policy. Material changes will be announced via the site footer or email if you have purchased from us.