Privacy Policy

Privacy Policy

Last updated: May 2026

1. Who We Are

This website is operated by Here2Help.chat ("we", "us", "our"). We are committed to protecting your privacy and handling your personal data in accordance with the General Data Protection Regulation (GDPR) and applicable Slovenian data protection law.

If you have any questions about this Privacy Policy or how we handle your data, you can contact us at:

Email: info@here2help.chat
Website: https://here2help.chat

2. What Personal Data We Collect

We collect personal data in the following ways:

2.1 Contact Form

When you use our contact form, we collect your name, email address, company name, and the content of your message. We use this information to respond to your inquiry and to evaluate whether our services may be a good fit for your business.

2.2 Client Registration and Account

If you become a client, we collect additional information during the registration process, including your first and last name, username, password (stored in encrypted form), company details (name, address, tax information) required for billing purposes, and your website URL. This data is necessary for the performance of our contract with you and to provide access to the client portal.

2.3 Payment Processing

Payments for our services are processed through Stripe, a third-party payment processor. When you make a payment, Stripe collects and processes your payment card details directly. We do not store your full credit card number on our servers. For more information about how Stripe handles your data, please review Stripe's Privacy Policy.

2.4 Website Analytics

We use Google Analytics to understand how visitors use our website. Google Analytics collects data such as your IP address (anonymised), browser type, operating system, referring pages, and pages visited. This data is collected only with your consent, which you can manage through our cookie consent banner. For more details on cookies, please see our Cookie Policy.

2.5 Automatically Collected Data

When you visit our website, our servers automatically collect certain technical data, including your IP address, browser type and version, and the date and time of your visit. This data is necessary for the secure operation of the website and is processed based on our legitimate interest in maintaining website security and functionality.

3. Why We Process Your Data (Legal Basis)

We process your personal data based on the following legal grounds under the GDPR:

  • Consent (Art. 6(1)(a) GDPR) — for analytics cookies and marketing cookies, which you can accept or decline via our cookie consent banner.
  • Performance of a contract (Art. 6(1)(b) GDPR) — to create and manage your account, process your subscription payments, and provide access to our services and client portal.
  • Legitimate interest (Art. 6(1)(f) GDPR) — to respond to contact form inquiries, maintain website security, and improve our services. Our legitimate interest in these cases is balanced against your rights and does not override your fundamental privacy interests.
  • Legal obligation (Art. 6(1)(c) GDPR) — to comply with applicable tax, accounting, and regulatory requirements related to billing and invoicing.

4. Who We Share Your Data With

We do not sell your personal data. We share your data only with the following third parties, solely to the extent necessary to provide our services:

  • Stripe — for payment processing. Stripe acts as an independent data controller for payment data. See Stripe's Privacy Policy.
  • Google Analytics — for website usage analytics (only when you have given consent). See Google's Privacy Policy.
  • Hosting provider — our website and application are hosted on servers located within the European Union.

If we engage any additional service providers in the future, we will ensure appropriate data processing agreements are in place and update this policy accordingly.

5. International Data Transfers

Our servers are located within the European Union. Some of our third-party providers (such as Stripe and Google) may transfer data outside the EU/EEA. Where such transfers occur, they are protected by appropriate safeguards, including Standard Contractual Clauses (SCCs) approved by the European Commission or adequacy decisions, in accordance with Chapter V of the GDPR.

6. How Long We Keep Your Data

We retain your personal data only for as long as necessary to fulfil the purposes described in this policy:

  • Contact form submissions — retained for up to 12 months after your inquiry has been resolved, unless a business relationship is established.
  • Client account data — retained for the duration of your active subscription and for up to 5 years after account closure, as required for tax and accounting purposes.
  • Payment records — retained as required by applicable tax and accounting legislation (typically 5–10 years).
  • Analytics data — retained according to Google Analytics' data retention settings, which we have configured to the minimum period necessary.

7. Your Rights

Under the GDPR, you have the following rights regarding your personal data:

  • Right of access — you can request a copy of the personal data we hold about you.
  • Right to rectification — you can ask us to correct inaccurate or incomplete data.
  • Right to erasure — you can ask us to delete your personal data, subject to legal retention requirements.
  • Right to restrict processing — you can ask us to limit how we use your data in certain circumstances.
  • Right to data portability — you can request your data in a structured, commonly used, machine-readable format.
  • Right to object — you can object to processing based on legitimate interest.
  • Right to withdraw consent — where processing is based on consent, you can withdraw it at any time without affecting the lawfulness of prior processing.

To exercise any of these rights, please contact us at info@here2help.chat. We will respond to your request within 30 days.

8. Cookies

Our website uses cookies. When you first visit, our cookie consent banner allows you to choose which categories of cookies to accept: necessary cookies, analytics cookies, and marketing cookies. You can change your preferences at any time. For full details about the cookies we use, please refer to our Cookie Policy.

9. Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These measures include encrypted data transmission (SSL/TLS), secure password storage, access controls, and regular security reviews. While no system is entirely risk-free, we are committed to maintaining a high standard of data protection.

10. Children's Privacy

Our services are not directed at individuals under the age of 16. We do not knowingly collect personal data from children. If you believe we have inadvertently collected data from a child, please contact us and we will promptly delete it.

11. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. When we make changes, we will update the "Last updated" date at the top of this page. We encourage you to review this page periodically.

12. Right to Lodge a Complaint

If you believe that your data protection rights have been violated, you have the right to lodge a complaint with the supervisory authority. In Slovenia, the relevant authority is:

Informacijski pooblaščenec (Information Commissioner)
Dunajska cesta 22, 1000 Ljubljana, Slovenia
Phone: +386 1 230 97 30
Website: www.ip-rs.si
Email: gp.ip@ip-rs.si