Legal
Privacy Policy
This Privacy Policy explains how CRA Ledger processes personal data through this website and its public contact, early access, and demo request forms.
1. Controller
2. Scope of this policy
This Privacy Policy applies to the CRA Ledger website and public forms, including contact, early access, and demo request forms.
3. Website access and log files
When visitors access the website, technical data such as IP address, browser type, device information, request time, referring page, and requested URL may be processed by hosting, DNS, and security providers. This processing supports website delivery, security, troubleshooting, and abuse prevention.
4. Contact, early access, and demo forms
Public forms may collect name, work email, company, role, message or request details, consent confirmation, timestamp, and submitted page or form type. The information is used to respond to the request and manage follow-up communication.
5. Purposes of processing
Personal data may be processed to respond to inquiries, manage demo requests, manage early access requests, operate and secure the website, and maintain business communication records.
6. Legal basis
Where a visitor asks about the product, a demo, or early access, processing may be based on Art. 6(1)(b) GDPR for pre-contractual communication. Website operation, inquiry handling, security, and business communication records may be based on legitimate interests under Art. 6(1)(f) GDPR. Where consent is explicitly requested, processing may be based on Art. 6(1)(a) GDPR.
7. Email and form processing providers
CRA Ledger uses netcup for website hosting, Cloudflare for domain, DNS, and security services, Zoho Mail for business email, and Brevo for website form notifications.
8. Recipients and processors
Personal data may be processed by service providers necessary for website delivery, email handling, form notifications, DNS and security services, hosting, and operational troubleshooting.
9. International transfers
Some providers may process data outside the EU/EEA depending on configuration. Where applicable, appropriate safeguards such as standard contractual clauses or equivalent transfer mechanisms should be used.
10. Retention
Inquiries are retained only as long as needed to respond, manage follow-up, maintain business records, or meet legal obligations. Users can request deletion where legally possible.
11. User rights
Subject to applicable legal requirements, users may have rights of access, rectification, deletion, restriction, portability, objection, withdrawal of consent where consent is used, and complaint with a supervisory authority.
12. Cookies and analytics
At this stage, the website does not intentionally use non-essential analytics or tracking cookies unless separately configured. If analytics, advertising, or tracking tools are added later, this policy and any required consent mechanism should be updated.
13. Security
CRA Ledger uses HTTPS, restricted access to operational systems, and reasonable operational safeguards for website and form handling. No security certification, audit status, or compliance guarantee is claimed on this basis.
14. Changes to this policy
This policy may be updated as the website, product, providers, or processing activities evolve.
15. Contact
Privacy questions can be sent to [email protected].