Privacy Notice

How SolveClaims processes personal data

This notice explains what data we process for website visitors, trial users, and paying customers, why we process it, and what controls are available to you.

Last updated: March 22, 2026 GDPR-ready model Global customer support

1. Scope and roles

Website visitors: SolveClaims acts as data controller for marketing site operations.
App organizations: customer organization is controller for complaint content; SolveClaims is processor.
Platform operations: SolveClaims is controller for security, billing, abuse prevention, and legal compliance.

2. Data categories we process

Identity data: name, work email, organization profile.
Commercial contact data: contact form messages, demo/trial interest metadata, support emails.
Operational case data: complaint details, comments, tasks, workflow history.
Billing data: invoicing profile, transaction references, payment proofs.
Security telemetry: hashed IP, masked IP, user-agent hash, authentication events.
Consent + analytics: only after explicit consent for non-essential categories.

3. Legal basis used

Contract: deliver complaint-management platform and paid services.
Legal obligation: accounting, tax, fraud prevention, and lawful disclosure duties.
Legitimate interest: service security, abuse prevention, incident investigation, service quality.
Consent: analytics and attribution cookies/events on the public marketing site.

4. Data retention (operational policy)

Data type	Retention target	Reason
Website consent audit events	24 months	Proof of consent, compliance defense, audit traceability
Marketing analytics events (consent-based)	13 months	Trend analysis without long-term profiling
Security and abuse logs	12 months	Threat detection, forensics, account protection
Tenant account profile and settings	Contract term + 90 days	Operational continuity and controlled offboarding
Complaint records	Set by customer controller policy	Business/legal requirements defined by each organization
Billing and fiscal documents	According to mandatory accounting law	Tax and bookkeeping compliance

Retention may be extended where legal obligations, dispute handling, or active security investigations require it.

5. International transfers

When data is transferred outside the EEA/UK, we apply appropriate transfer safeguards.
Safeguards may include Standard Contractual Clauses and equivalent transfer controls.
Vendors are selected with security and privacy due diligence.

6. Your rights

Access, correction, deletion, restriction, portability, and objection rights where applicable.
Right to withdraw cookie consent at any time from website cookie settings.
Right to file a complaint with your competent supervisory authority.

7. Security controls

Role-based access controls and tenant isolation by organization boundaries.
Rate limits, abuse throttling, and event-level input validation.
Audit logs for critical actions and billing operations.
Transport security and least-privilege operational model.

8. Contact for privacy requests

For access, deletion, correction, or compliance questions, contact us at privacy@solveclaims.com.

If you are an end-customer of a tenant organization, submit your request first to that organization, which is the primary controller of complaint content.