Privacy Policy

Effective date: April 13th, 2026
Last updated: April 13th, 2026

This Privacy Policy explains how Pragmatiqu IT GmbH, Ribnigstraße 4, 9580 St. Niklas an der Drau, Austria ("we", "us", "Pragmatiqu") collects, uses, and protects your personal data when you use laravelui5.com ("Site") and related services.

1. Data controller

Pragmatiqu IT GmbH
Ribnigstraße 4
9580 St. Niklas an der Drau
Austria
office@pragmatiqu.io

2. What we collect

Account registration

When you register on the Site, we collect:

Name
Email address
Company name (optional)
Role (optional)
Password (stored hashed, never in plain text)

Automatically collected data

When you visit the Site, we may collect:

IP address
Browser type and version
Operating system
Pages visited and time spent
Referral source

Purchase data

When you purchase the SDK, payment is processed by Paddle.com Market Limited. Paddle collects payment details (credit card, billing address, VAT ID) as the merchant of record. We receive: your name, email, purchase tier, and invoice details. We do not store payment card data.

3. How we use your data

Account management: To provide access to gated documentation and manage your license.
Email communication: To send account verification emails, license-related notifications, and (with consent) product updates.
Lead qualification: Company and role data helps us understand who uses the platform. We do not sell this data.
License management: To associate your account with purchased SDK licenses and Composer repository credentials.
Legal compliance: To fulfill legal obligations (invoicing, tax records, DSGVO requests).

4. Legal basis (DSGVO Art. 6)

Contract performance (Art. 6(1)(b)): Account registration, license management, documentation access.
Legitimate interest (Art. 6(1)(f)): Analytics, security, fraud prevention.
Consent (Art. 6(1)(a)): Marketing emails (opt-in only).
Legal obligation (Art. 6(1)(c)): Tax records, invoicing.

5. Sub-processors

Sub-processor	Purpose	Location
Cloudflare, Inc.	Site hosting, edge middleware, DDoS protection	Global (EU nodes available)
Paddle.com Market Limited	Payment processing, merchant of record	UK/EU
Mailtrap (Railsware Products, Inc.)	Transactional email delivery	EU

We maintain Data Processing Agreements (DPAs) with all sub-processors.

6. Data retention

Account data: Retained for the lifetime of your account. Deleted upon request.
Purchase records: Retained for 7 years (Austrian tax law, BAO).
Server logs: Retained for 30 days, then deleted.
Lead profile data: Retained for the lifetime of your account.

7. Your rights (DSGVO)

You have the right to:

Access your personal data (Art. 15)
Rectify inaccurate data (Art. 16)
Erase your data ("right to be forgotten", Art. 17)
Restrict processing (Art. 18)
Data portability (Art. 20)
Object to processing based on legitimate interest (Art. 21)
Withdraw consent at any time (Art. 7(3))

To exercise these rights, email office@pragmatiqu.io. We respond within 30 days.

8. Cookies

The Site uses a single functional cookie:

Auth cookie (HttpOnly, Secure, SameSite): Contains a signed JWT for authentication. Set upon login/registration. Expires after 7 days (verified users) or 1 hour (unverified users). No tracking cookies, no third-party advertising cookies.

9. International transfers

Your data may be processed outside the EU by sub-processors listed above. Transfers are protected by Standard Contractual Clauses (SCCs) or adequacy decisions where applicable.

10. Data security

We protect your data with:

HTTPS/TLS encryption in transit
HttpOnly cookies (no client-side token access)
Edge-level JWT validation (no unnecessary data transmission)
Hashed passwords (bcrypt)
Access controls on all backend systems

11. Children

The Site and SDK are not intended for individuals under 16. We do not knowingly collect data from children.

12. Changes to this policy

We may update this policy from time to time. Material changes will be communicated via email. The "Last updated" date at the top reflects the most recent revision.

13. Supervisory authority

You have the right to lodge a complaint with the Austrian Data Protection Authority:

Datenschutzbehörde (DSB)
Barichgasse 40-42, 1030 Wien
dsb@dsb.gv.at
https://www.dsb.gv.at

14. Contact

Pragmatiqu IT GmbH
Ribnigstraße 4
9580 St. Niklas an der Drau
office@pragmatiqu.io

Privacy Policy ​

1. Data controller ​

2. What we collect ​

Account registration ​

Automatically collected data ​

Purchase data ​

3. How we use your data ​

4. Legal basis (DSGVO Art. 6) ​

5. Sub-processors ​

6. Data retention ​

7. Your rights (DSGVO) ​

8. Cookies ​

9. International transfers ​

10. Data security ​

11. Children ​

12. Changes to this policy ​

13. Supervisory authority ​

14. Contact ​