Privacy policy
Last updated: February 2026
1. Controller
The data controller responsible for the processing of your personal data in connection with the PeekHire platform is:
Another SaaS EOOD Alabin Street 33, Floor 3, Office 318 1000 Sofia, Bulgaria
Email: hello@anothersaas.io
2. What data we collect
When you use PeekHire, we collect and process the following categories of personal data:
Account data — When you register, we collect your name, email address, company name, and job title. This information is necessary to create and manage your account.
Usage data — We collect information about how you use the platform, including search queries, idea validation results viewed, feature interactions, and session data. This helps us improve the service and provide you with relevant results.
Payment data — If you subscribe to a paid plan, payment information (such as billing address and payment method details) is processed by our payment provider Stripe, Inc. We do not store full card details on our servers.
Communication data — If you contact us by email, we store the content of your correspondence to handle your request and for follow-up purposes.
Technical data — Our servers automatically record IP addresses, browser type, operating system, and access timestamps for security and operational purposes.
3. Purposes and legal bases
We process your personal data for the following purposes and on the following legal bases under GDPR:
| Purpose | Legal basis |
|---|---|
| Providing and operating the PeekHire service | Art. 6(1)(b) — performance of a contract |
| Account management and authentication | Art. 6(1)(b) — performance of a contract |
| Processing subscription payments | Art. 6(1)(b) — performance of a contract |
| Improving and developing the platform | Art. 6(1)(f) — legitimate interests |
| Sending service-related notifications | Art. 6(1)(b) — performance of a contract |
| Security, fraud prevention, and abuse detection | Art. 6(1)(f) — legitimate interests |
| Complying with legal obligations | Art. 6(1)(c) — legal obligation |
4. Third-party services
We work with the following service providers who may process your personal data on our behalf:
Stripe, Inc. — Payment processing. Stripe processes payment information under its own privacy policy and applicable data processing agreements. Stripe is certified under applicable data protection standards. Learn more at stripe.com/privacy.
Hosting provider — PeekHire is hosted on infrastructure provided by a cloud hosting provider. Server logs containing technical data (IP addresses, access times) are processed on their servers. Data processing agreements are in place with all infrastructure providers.
We do not sell, rent, or otherwise share your personal data with third parties for their own marketing purposes.
5. Data retention
We retain your personal data for as long as your account is active or as needed to provide the service. Specifically:
- Account data: Retained for the duration of your account and deleted within 90 days after account closure upon request.
- Usage data: Retained for up to 24 months to support service improvement; aggregated after that.
- Payment records: Retained for 10 years to comply with tax and accounting obligations.
- Server logs: Deleted within 30 days unless retained longer for security investigations.
- Email correspondence: Retained for the duration of the business relationship plus a reasonable administrative period.
6. Your rights
Under the GDPR, you have the following rights regarding your personal data:
- Right of access — You can request a copy of the personal data we hold about you.
- Right to rectification — You can request correction of inaccurate or incomplete data.
- Right to erasure — You can request deletion of your personal data, subject to legal retention obligations.
- Right to restriction — You can request that we limit the processing of your data in certain circumstances.
- Right to data portability — You can receive your data in a structured, machine-readable format.
- Right to object — You can object to processing based on legitimate interests.
- Right to withdraw consent — Where processing is based on consent, you may withdraw it at any time.
To exercise any of these rights, please contact us at hello@anothersaas.io. We will respond within 30 days.
7. Supervisory authority
You have the right to lodge a complaint with a data protection supervisory authority. Because Another SaaS EOOD is established in Bulgaria, the lead supervisory authority under GDPR's one-stop-shop mechanism is:
Commission for Personal Data Protection (CPDP) — Lead Supervisory Authority 2 Prof. Tsvetan Lazarov Blvd., 1592 Sofia, Bulgaria Website: cpdp.bg
You may also lodge a complaint with the supervisory authority in your country of residence. This authority will cooperate with the CPDP under GDPR procedures. For example, users in Germany may contact:
Federal Commissioner for Data Protection and Freedom of Information (BfDI) Website: bfdi.bund.de
8. Data security
We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, loss, or misuse. All data transmitted between your browser and our servers is encrypted using HTTPS. Access to personal data within our organization is restricted on a need-to-know basis.
No method of transmission over the internet or electronic storage is 100% secure. We strive to use commercially acceptable means to protect your data, but cannot guarantee absolute security.
9. Changes to this policy
We may update this privacy policy from time to time. We will notify you of significant changes by email or through a prominent notice in the application. The date at the top of this policy indicates when it was last revised.