Security and GDPR are the base layer, not an upsell.
EU (Estonian) controller. Lawful bases, data-subject rights, and a full DPA for business customers.
TLS in transit, row-level security, and private signed-URL file storage.
Registration and VAT fields, plus an optional identity-verification flow.
Export everything as JSON and delete your account at any time.
Invoicing records kept per the Estonian Accounting Act (Raamatupidamise seadus); the rest deleted after closure.
A short, transparent list under DPAs with EU SCC / UK IDTA safeguards.
Read the Privacy Policy, DPA and Terms.