Home/Privacy Policy
Legal

Privacy Policy

How we collect, use and protect your personal data, in line with the GDPR and Cyprus law.

Last updated: 8 June 2026
PandaServe LTD · GDPR

This policy explains how PandaServe LTD (reg. no. HE 317541) collects and uses your personal data when you use PandaRoc, in line with the EU General Data Protection Regulation (GDPR) and Cyprus law.

01Who is responsible for your data

The data controller is PandaServe LTD, Chrysanthou Mylona 1, Panayides Building, Floor 3, Office 1, 3030 Limassol, Cyprus. Contact: hello@pandaserve.eu.

02What we collect

  • Account details: your name, email address, and a securely hashed password.
  • Subscription and billing: handled by Stripe. We store a Stripe customer reference and your subscription status and plan; we do not store your card details.
  • Device information: a machine fingerprint and device name, used to activate and enforce your license.
  • Diagnostics: limited logs and error reports to keep the service reliable.

03What we do not collect

Your ROC eFiling credentials and the certificates you download stay on your own device and are never transmitted to or stored by us.

04Why we use your data and our legal basis

  • To provide and operate the service (performance of our contract with you).
  • To process payments and manage subscriptions (performance of our contract).
  • To activate licenses and prevent abuse (our legitimate interests).
  • To meet accounting and legal obligations (legal obligation).

05Service providers

We share data only with providers that help us run PandaRoc: Stripe (payment processing), Railway (server and database hosting), and Cloudflare (website hosting). These providers act on our instructions, and some may process data outside the EEA under appropriate safeguards.

06How long we keep it

We keep your data while your account is active and for as long as needed to meet legal and accounting obligations, after which it is deleted or anonymised.

07Your rights

Under the GDPR you have the right to access, correct, delete, restrict, or port your data, and to object to certain processing. To exercise any of these, email hello@pandaserve.eu. You also have the right to lodge a complaint with the Cyprus Office of the Commissioner for Personal Data Protection.

08Cookies and local storage

Our website uses your browser's local storage to keep you signed in (your login tokens). We do not use advertising or third-party tracking cookies.

09Contact

Questions about your privacy? Email hello@pandaserve.eu.

This document is provided for general information and is not legal advice.