Back

Legal

Privacy Policy

Last updated: 2026-05-20

At a glance

The short version of what we collect and why.

  • We store the minimum we need to run the service: account details, business data you enter, usage logs.
  • We never sell your data. No ad networks, no behavioural targeting, no data brokers.
  • AI suggestions are processed by specialised inference providers. Prompts are sent but not used to train their public models.
  • You can export or delete your data any time from Settings.
  • Hosted in EU data centres. Detailed sub-processor list is available in the signed DPA after signup.
01

Who we are

Vetka ("we", "us", "our") is the operator of the Vetka service available at vetka.io. For the purposes of the GDPR, we act as the controller of personal data about you (the account holder) and as a processor of data about your staff and end-customers that you put into the service. Contact the data protection lead at privacy@vetka.io. Full company details are in the Impressum.
02

What we collect

We collect only what is necessary to deliver the service:

  • Account data — email, display name, optional photo, chosen password (hashed, never stored in plaintext), authentication tokens.
  • Business data — company name, venue type, menu items, inventory items, recipes, stock movements, sales orders, shift records, photos of receipts you upload.
  • Usage logs — pages accessed, timestamps, IP address (shortened), browser user-agent, error traces. Used for debugging and abuse prevention.
  • Billing data — handled by our payment processor. We store your customer ID, plan and invoice metadata. Full card numbers never touch our servers.
  • AI interactions — prompts you generate (menu photos, recipe requests, chat queries), response metadata, and counters for quota enforcement.
  • Device data (optional) — if you enable push notifications we store a device-bound push token. If you enable voice stocktakes, audio is processed in the browser and not stored.
03

Why we process it (lawful basis)

  • Contract performance (Art. 6(1)(b) GDPR) — to provide the features you signed up for.
  • Legitimate interest (Art. 6(1)(f) GDPR) — to secure the service, detect abuse, improve features, and operate the business.
  • Legal obligation (Art. 6(1)(c) GDPR) — to keep invoices and billing records as required by tax law (typically 6-8 years depending on country).
  • Consent (Art. 6(1)(a) GDPR) — for optional features like marketing emails or cookies that are not strictly necessary. You can withdraw consent anytime.
04

Who processes it for us

We use trusted infrastructure providers, grouped here by purpose:

  • EU-hosted database, authentication and object storage — primary application data and uploaded assets, kept in EU regions where available.
  • EU-hosted frontend hosting and edge delivery — serves the web application.
  • BMF-certified Cloud-TSE provider — manipulation-proof signing of tax-relevant transactions in line with KassenSichV.
  • Payment processor (forthcoming) — card and bank-transfer processing; full card data stays on the processor’s PCI-DSS Level 1 infrastructure and never touches our servers.
  • AI inference providers — text, vision and voice models. Prompts are transient; per current provider policies, API traffic is not used to train public models.
  • Transactional email provider — welcome, password reset, receipts.
  • Application monitoring provider — anonymised error traces. Personal identifiers are scrubbed before transmission.

All processors are bound by data processing agreements (DPAs) and, where data leaves the EU, Standard Contractual Clauses and supplementary technical measures as required by Schrems II. A current, named list of sub-processors is provided to every Verantwortlicher as part of the signed DPA (Art. 28 DSGVO) inside the application.

05

International transfers

Some of our processors operate outside the EU/EEA (primarily in the US). When this happens, we rely on the EU Commission's Standard Contractual Clauses and (where applicable) the EU-US Data Privacy Framework. You can request a copy of the specific transfer mechanism used for any processor.
06

How long we keep it

  • Account data — for the life of your account, plus up to 30 days after deletion to allow restore requests.
  • Business / operational data — while your account is active; exported or deleted on termination.
  • Billing records — up to 8 years, as required by applicable tax law.
  • Logs — typically 30-90 days.
  • Marketing emails — until you unsubscribe.
07

Your rights under GDPR

You can:
  • Access — get a copy of your data.
  • Rectification — correct inaccurate data.
  • Erasure — request deletion ("right to be forgotten"), subject to retention obligations.
  • Restriction — limit how we process your data.
  • Portability — receive your data in a structured, machine-readable format.
  • Object — stop processing based on legitimate interest, including profiling.
  • Withdraw consent — any time, without affecting prior lawful processing.
  • Lodge a complaint with a supervisory authority (e.g. BfDI in Germany, Garante in Italy, UODO in Poland, AZOP in Croatia).

Most of these can be done directly from the Settings page. For anything else, email privacy@vetka.io. We respond within 30 days.

08

Security

  • Transport-level encryption (HTTPS/TLS) on every request.
  • Encryption at rest for all database and object-storage data (provider-managed keys, AES-256).
  • Row-Level Security at the database layer — one venue cannot read another venue's data, enforced server-side.
  • Role-based access control inside the venue — staff see only what their permissions allow.
  • Audit logs for sensitive operations (user role changes, stocktake closures, financial exports).
  • Regular dependency scans and security patches.

No system is perfectly secure. If you notice a vulnerability, please report it responsibly to security@vetka.io.

09

Cookies & similar technologies

We use strictly necessary cookies to keep you logged in and remember your language preference. We do not use third-party advertising or tracking cookies. If we ever add optional analytics (e.g. PostHog, Mixpanel), we will show a cookie banner before setting any non-essential cookies.
10

Children

Vetka is a business tool and is not directed at children. We do not knowingly collect personal data from anyone under 16. If you believe a child has provided us personal data, email privacy@vetka.io and we will delete it.
11

AI-specific notes

  • Menu photos you upload are sent to a vision model to extract structured items. The model returns JSON only; the photo is then stored on our Cloud Storage and you can delete it from the menu page.
  • Recipe suggestions, upsell hints, and variance summaries are generated on demand by text models. Prompts include dish names, inventory names and recent stock data, but do not include staff personal details beyond a user ID.
  • Voice features (stocktakes, daily menu, table orders, reservations and shift entry) record a short audio clip when you tap the mic and send it to our server, which uses a speech-to-text provider to transcribe it. The clip is used only for transcription and is not stored by us — only the resulting text is kept. Disable voice mode from AI Settings if that is a concern.
  • You can disable AI features entirely from Management → AI Settings.
12

Data exports & deletion

You can export your data any time — inventory CSV, accounting ZIP with receipts, menu JSON — from the respective sections of the app. Account deletion is available from Settings → Account. After confirmation we delete data within 30 days, except for records we must retain to meet legal obligations (typically billing records for up to 8 years).
13

Changes to this policy

We will post material changes on this page and, where required by law, notify you by email or in-product notice at least 30 days before they take effect.
14

Contact

Privacy questions, DPA requests, or to exercise your rights: privacy@vetka.io. Full contact details are in the Impressum.

This policy is provided in English. A translation may be available for convenience; the English version prevails in case of conflict.