YapMap Privacy Policy
Effective: 06 November 2025 • YapMap Labs GmbH, Rigaer Straße 12, 10247 Berlin, Germany.
1. Overview
YapMap processes text snippets to deliver dimensional usage insights. By design, we operate with transient processing and EU-only hosting. We minimise data collection and support data subject rights under GDPR.
2. Data we process
- Transient text: highlighted phrases are processed in memory and discarded immediately.
- Usage analytics: hashed user ID, timestamp, dimensional metadata (formality/tone/region).
- Account data: email address, authentication tokens via Supabase.
3. Legal basis
We rely on legitimate interest (GDPR Art. 6(1)(f)) for essential processing, and explicit consent (Art. 6(1)(a)) for demo submissions.
4. Retention
- Transient text: 0 seconds (never stored).
- Usage analytics: default 30 days, configurable per workspace.
- Billing records: retained per legal obligations (10 years Germany).
5. Subprocessors
Cloudflare (Workers, Pages), Supabase (Postgres), Stripe (billing), Plausible (analytics). All subprocessors operate within the EU/EWR or provide SCCs.
6. Your rights
Access, rectification, erasure, restriction, objection, and data portability. Email privacy@yapmap.co. Supervisory authority: Berliner Beauftragte für Datenschutz und Informationsfreiheit.