Privacy Policy
Last updated: 14 May 2026
The short version
Your documents are processed in memory and discarded the moment your explanation is returned. We never store, log, or read your payslip contents. We hold only what is needed to run your account and process your payment.
1. Who we are
DutchDecoded is operated by Siya Ntombela, a sole trader (eenmanszaak) registered in the Netherlands (KvK number: to be added on registration).
We are the data controller for personal data processed through this service. For privacy questions, contact us at privacy@dutchdecoded.com.
2. What we collect and why
Account data
When you create an account, we store your email address and a user ID provided by our authentication provider (Clerk). This is necessary to identify your account across sessions. Legal basis: performance of a contract (Article 6(1)(b) GDPR).
Usage data
We store a count of how many documents you have analysed in the current calendar month. This single integer is used to enforce the free tier limit. We do not store which documents were uploaded, their contents, or any data extracted from them. Legal basis: legitimate interest in operating a fair free tier (Article 6(1)(f) GDPR).
Payment data
If you subscribe to the annual plan, we store your Stripe customer ID and subscription status. Card numbers and payment details are handled entirely by Stripe and never reach our servers. Legal basis: performance of a contract (Article 6(1)(b) GDPR).
Documents you upload
Documents (PDFs and images) are converted to base64 in memory, sent to the Anthropic API for analysis, and then discarded. They are never written to a database, object storage, log file, or any persistent medium. Once your explanation is returned, no copy of your document exists on our infrastructure.
3. What we do not collect
- The contents of any document you upload
- Salary figures, tax numbers, BSN, employer names, or any data appearing in your payslip
- Browsing behaviour, analytics events, or tracking cookies
- Device fingerprints or IP addresses (beyond what Vercel's infrastructure logs transiently)
4. Third-party processors
We use the following sub-processors. Each processes only the data necessary for their function.
| Processor | Purpose | Data shared |
|---|---|---|
| Clerk (US) | Authentication | Email address, user ID |
| Stripe (US) | Payment processing | Email, subscription status, payment details |
| Anthropic (US) | Document analysis | Document contents — in-memory only, not stored by Anthropic per their privacy policy |
| Vercel (US) | Application hosting | Transient request data (IP, headers) |
| Neon (US) | Database hosting | Account and usage data (not document contents) |
Clerk, Stripe, Anthropic, Vercel, and Neon are based in the United States. Data transfers are covered by Standard Contractual Clauses (SCCs) as provided by each processor under GDPR Chapter V.
5. Data retention
- Account data — retained for as long as your account is active. Deleted within 30 days of an account deletion request.
- Usage data — monthly document counts are retained for 13 months to support any billing disputes, then deleted.
- Payment data — Stripe customer ID and subscription status are retained for 7 years to meet Dutch tax record-keeping requirements (bewaarplicht).
- Document contents — never retained. Retention period: zero.
6. Your rights
Under GDPR, you have the right to:
- Access — request a copy of the personal data we hold about you.
- Rectification — ask us to correct inaccurate data.
- Erasure — ask us to delete your account and associated data.
- Portability — receive your data in a machine-readable format.
- Objection — object to processing based on legitimate interest.
- Restriction — ask us to restrict processing while a complaint is resolved.
To exercise any of these rights, email privacy@dutchdecoded.com. We will respond within 30 days.
You also have the right to lodge a complaint with the Dutch data protection authority: the Autoriteit Persoonsgegevens (AP).
7. Cookies
DutchDecoded does not use advertising or tracking cookies. Our authentication provider (Clerk) sets a session cookie strictly necessary for keeping you logged in. No cookie consent banner is required for strictly necessary cookies under the Dutch Telecommunicatiewet.
8. Changes to this policy
If we make material changes, we will update the date at the top of this page and notify active subscribers by email. Continued use of the service after a change takes effect constitutes acceptance of the updated policy.
9. Contact
For any privacy-related questions or requests: privacy@dutchdecoded.com