Privacy Policy

1. Introduction

This Privacy Policy explains how IRENA KRNJAJIC PR SENITZA, operating as noDeco (“noDeco”, “we”, “us”, or “our”), collects, uses, and protects personal data when you use our website and software platform (the “Service”).

noDeco is a business-to-business (B2B) SaaS platform designed for dive centers.

We are committed to protecting your privacy and complying with applicable data protection laws, including the EU General Data Protection Regulation (GDPR), where applicable.

2. Who We Are

Legal entity: Irena Krnjajic PR Senitza
Registered address: Omladinskih brigada 10, Belgrade
Country: Serbia
Contact email: hello@nodeco.app

For the purposes of data protection laws, we act as:

  • Data Controller for account and website data
  • Data Processor for data uploaded into the platform by our customers

3. Data We Collect

A. Account & Business Information

When you create an account or subscribe, we may collect:

  • Name
  • Business name
  • Business address
  • Email address
  • Phone number
  • Login credentials
  • Subscription plan information

B. Payment Information

All payments are processed by Paddle.com Market Limited (UK) or Paddle.com Inc. (USA) as Merchant of Record.

We do not store full payment card details.

Paddle collects and processes:

  • Billing information
  • Payment method details
  • Tax identification details
  • Transaction history

Paddle’s Privacy Policy is available at: https://www.paddle.com/legal/privacy

C. Platform Data (Customer Data)

As part of the Service, dive centers may upload and manage:

  • Customer names
  • Contact details
  • Dive history
  • Booking information
  • Instructor assignments
  • Business performance data

In this case:

  • You (the dive center) are the Data Controller
  • noDeco acts as the Data Processor

We process this data only to provide the Service.

D. Technical & Usage Data

We may collect:

  • IP address
  • Browser type
  • Device information
  • Log files
  • Usage analytics
  • Error reports

This helps us improve system performance and security.

4. How We Use Data

We use collected data to:

  • Provide and maintain the Service
  • Process subscriptions
  • Communicate with users
  • Improve functionality
  • Ensure security
  • Comply with legal obligations

We do not sell personal data.

5. Legal Basis for Processing (GDPR)

Where GDPR applies, processing is based on:

  • Contractual necessity (to provide the Service)
  • Legitimate interest (security, analytics, service improvement)
  • Legal obligation (tax and accounting compliance)
  • Consent (where applicable)

6. Data Sharing

We may share data with:

  • Paddle (payment processing and tax compliance)
  • Hosting providers (cloud infrastructure)
  • Analytics providers
  • Professional advisors (legal, accounting)

All third-party providers are required to maintain appropriate security measures. We do not sell or rent data to third parties.

7. International Transfers

Your data may be processed in countries outside your jurisdiction, including:

  • United Kingdom
  • United States
  • European Union

Where required, we ensure appropriate safeguards are in place (e.g., Standard Contractual Clauses).

8. Data Retention

We retain data:

  • For as long as your account is active
  • As required by legal obligations
  • As necessary for dispute resolution

Upon termination, data may be deleted or anonymized within a reasonable timeframe, unless retention is legally required.

9. Security

We implement appropriate technical and organizational measures to protect data, including:

  • Encrypted connections (HTTPS)
  • Access control
  • Role-based permissions
  • Secure hosting environments

However, no system is completely secure, and we cannot guarantee absolute security.

10. Your Rights

Where applicable under GDPR or similar laws, you may have the right to:

  • Access your personal data
  • Correct inaccurate data
  • Request deletion
  • Restrict processing
  • Object to processing
  • Data portability

To exercise these rights, contact: hello@nodeco.app

If you are a dive center using noDeco, requests related to your customers’ data must be handled by you as Data Controller.

11. Cookies

We may use cookies and similar technologies for:

  • Authentication
  • Analytics
  • Performance monitoring

You may control cookies via your browser settings.

12. Children

The Service is intended for business users and not directed at individuals under 18.

13. Changes to This Policy

We may update this Privacy Policy from time to time. Changes become effective upon posting the updated version.

14. Contact

Irena Krnjajic PR Senitza
Omladinskih brigada 10
Belgrade, Serbia
hello@nodeco.app