Privacy Policy
Last updated: July 10, 2026
This Privacy Policy explains how Secret Beaches Greece ("we", "us") collects and processes
personal data when you use https://secretbeaches.aitools.rs, in accordance with the EU General Data
Protection Regulation (GDPR).
1. Data We Collect
- Account data: email address, and name if provided.
- Usage data: pages visited, searches performed, favorites saved, IP address, browser/device type.
- Payment data: handled entirely by Paddle.com Market Limited; we do not store card numbers.
We receive only your subscription status, plan, and Paddle customer ID.
- Cookies: see Section 5 below.
2. How We Use Your Data
- To provide passwordless login (magic links) and maintain your session.
- To operate and improve the Service, including personalized recommendations.
- To process payments and manage subscriptions via Paddle.
- To send transactional emails (login links, receipts) and, only with your explicit opt-in, marketing emails.
- To maintain security and prevent abuse.
3. Legal Basis for Processing
We process your data based on: performance of a contract (providing the Service you signed up for),
your consent (marketing communications, non-essential cookies), and our legitimate interest (security,
fraud prevention, service improvement).
4. Data Sharing
We share data with the following categories of processors, strictly as needed to operate the Service:
- Paddle.com Market Limited - payment processing and billing (Merchant of Record).
- Our email/SMTP provider - sending login and transactional emails.
- Hosting provider - storing application data.
- AI processing (Anthropic) - generating summaries and search results from aggregated public data. No personal account data is sent to the AI provider as part of this processing.
We do not sell your personal data to third parties.
5. Cookies
We use: (a) essential cookies required for login sessions and core functionality, which
cannot be disabled; (b) analytics cookies to understand aggregate usage patterns; and
(c) marketing cookies used only if you opt in via the cookie consent banner. You can change
your cookie preferences at any time via the "Cookie Settings" link in the footer.
6. Data Retention
Account data is retained while your account is active. If you delete your account, we remove personal
data within 30 days, except where retention is required for legal, tax, or fraud-prevention purposes
(e.g. Paddle transaction records).
7. Your Rights (GDPR)
You have the right to: access your data, request correction or deletion, restrict or object to
processing, request data portability, and withdraw consent at any time. To exercise these rights, contact
us at markomark@gmail.com. You
also have the right to lodge a complaint with your local data protection authority.
8. International Transfers
Some of our processors (e.g. Paddle, hosting/AI providers) may process data outside the EEA under
appropriate safeguards such as Standard Contractual Clauses.
9. Children's Privacy
The Service is not directed at children under 16. We do not knowingly collect data from children.
10. Contact
Data controller: Secret Beaches Greece. Contact:
markomark@gmail.com.