Last updated: 13 April 2026
This summary provides key points from our Privacy Policy. You can find full details in the relevant section below.
What data we collect: Your name, email address, payment information, and usage/analytics data.
How we use it: To provide and improve the Service, process payments, communicate with you, and for security and fraud prevention.
Who we share it with: Payment processors (e.g. Stripe), analytics providers (e.g. Google Analytics), and marketing platforms. We do not sell your data.
How long we keep it: Only as long as necessary for the purposes outlined in this policy or as required by law.
Your rights: Under GDPR, you have the right to access, correct, delete, restrict, or port your data, and to object to certain processing.
How to exercise your rights: Contact us at hello@contentpeaks.com or submit a data subject access request.
Complaints: You may lodge a complaint with your national supervisory authority at any time.
This Privacy Policy explains how we collect, use, disclose, and protect your personal data when you use our web application and SaaS services ("Service"). We are committed to protecting your privacy and complying with the General Data Protection Regulation (GDPR) and other applicable European data protection laws.
By using our Service, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with the terms described herein, please discontinue use of our Service.
We act as the Data Controller for personal data collected through our Service. If you have any questions about this Privacy Policy or how we handle your data, please contact us at:
Email: hello@contentpeaks.com
Address: MB Devnexis, Perkūnkiemio g. 19, LT-12120 Vilnius, Lithuania
We collect and process the following categories of personal data:
Full name
Email address
Account credentials (passwords are stored in hashed form)
We process payments through third-party payment processors (e.g., Stripe). We do not store your full payment card details on our servers. The following data may be retained for billing and legal purposes:
Billing name and address
Transaction identifiers and invoice records
Payment status and history
We collect data about how you interact with our Service to improve functionality and user experience:
Pages visited and features used
Session duration and frequency
Browser type, operating system, and device information
IP address (anonymised where possible)
Referring URLs and click behaviour
Under GDPR, we rely on the following legal bases to process your personal data:
Contract performance (Article 6(1)(b)): Processing necessary to provide the Service you have signed up for, including account management and payment processing.
Legitimate interests (Article 6(1)(f)): Processing for analytics, security monitoring, fraud prevention, and improving our Service, where such interests are not overridden by your rights.
Legal obligation (Article 6(1)(c)): Processing required to comply with applicable laws, including tax and financial record-keeping requirements.
Consent (Article 6(1)(a)): Where we rely on consent (e.g., for marketing communications), you may withdraw it at any time without affecting the lawfulness of prior processing.
We use your personal data for the following purposes:
To create and manage your account
To process payments and send invoices
To provide, maintain, and improve the Service
To respond to support requests and communications
To detect, prevent, and address security incidents or fraud
To analyse usage trends and optimise user experience
To send service-related notifications (e.g., account updates, policy changes)
To comply with legal and regulatory obligations
We may share your personal data with the following categories of third parties, each acting under appropriate data processing agreements:
We use payment service providers such as Stripe to process transactions securely. These processors act as independent data controllers or processors and operate under their own privacy policies. We recommend reviewing Stripe’s Privacy Policy at stripe.com/privacy.
We use analytics tools such as Google Analytics to understand how users interact with our Service. Data may be pseudonymised and aggregated. Where required by GDPR, we implement appropriate safeguards such as IP anonymisation and data processing agreements. You can opt out of Google Analytics tracking at tools.google.com/dlpage/gaoptout.
We may use third-party marketing platforms to manage campaigns, send newsletters, or retarget users with relevant advertising. We ensure that any such sharing is covered by your consent or our legitimate interests, with appropriate opt-out mechanisms provided.
We do not sell your personal data to third parties. We do not share your data with third parties for their own marketing purposes without your explicit consent.
In the event of a merger, acquisition, reorganisation, or sale of all or part of our business assets, your personal data may be transferred to the acquiring entity. We will notify you before your data becomes subject to a different privacy policy.
Some of our third-party providers may transfer your personal data outside the European Economic Area (EEA). Where this occurs, we ensure appropriate safeguards are in place, including:
Standard Contractual Clauses (SCCs) approved by the European Commission
Transfers to countries with an EU adequacy decision
Other appropriate transfer mechanisms under GDPR Chapter V
We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, including legal, accounting, and reporting obligations:
Account data: Retained for the duration of your account and up to 3 years after closure
Payment records: Retained for up to 10 years in compliance with Lithuanian accounting law and EU financial regulations
Analytics data: Retained in aggregated or anonymised form for up to 14 months
Marketing data: Until you withdraw consent or unsubscribe
After the applicable retention period, data is securely deleted or anonymised.
As a data subject, you have the following rights under GDPR:
Right of access (Article 15): You may request a copy of the personal data we hold about you.
Right to rectification (Article 16): You may request correction of inaccurate or incomplete data.
Right to erasure (Article 17): You may request deletion of your data where there is no overriding legal basis for continued processing.
Right to restriction of processing (Article 18): You may request that we limit how we use your data in certain circumstances.
Right to data portability (Article 20): You may request your data in a structured, machine-readable format.
Right to object (Article 21): You may object to processing based on legitimate interests or for direct marketing purposes.
Right to withdraw consent: Where processing is based on consent, you may withdraw it at any time.
To exercise any of these rights, please contact us at hello@contentpeaks.com or submit a data subject access request (DSAR). We will respond within 30 days. You also have the right to lodge a complaint with your national supervisory authority. A list of EU supervisory authorities is available at edpb.europa.eu.
Opting out of marketing: You can unsubscribe from marketing communications at any time by clicking the unsubscribe link in any email we send, or by contacting us directly. You will be removed from marketing lists, though we may still send you essential service-related communications.
We use cookies and similar tracking technologies (such as web beacons and pixels) to operate and improve our Service, analyse usage, and for marketing purposes. Some technologies help us maintain security, fix bugs, save your preferences, and assist with basic site functions.
We also permit third-party service providers to use tracking technologies on our Service for analytics and advertising purposes. You can manage your cookie preferences via our cookie consent banner or your browser settings. Note that disabling cookies may affect certain features of the Service.
For more information, please refer to our separate Cookie Policy [link].
Most web browsers and some mobile operating systems include a Do-Not-Track ("DNT") feature you can activate to signal your preference not to have your browsing activities monitored. At this stage, no uniform technology standard for recognising and implementing DNT signals has been finalised. As such, we do not currently respond to DNT browser signals or other mechanisms that automatically communicate a preference not to be tracked online.
If a standard for online tracking is adopted that we are required to follow in the future, we will update this Privacy Policy accordingly.
We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These include:
Encryption of data in transit (TLS) and at rest
Access controls and authentication mechanisms
Regular security assessments and monitoring
Staff training on data protection obligations
While we strive to protect your data, no method of transmission over the internet is completely secure. In the event of a personal data breach that is likely to result in a high risk to your rights, we will notify you without undue delay as required by GDPR Article 34.
Our Service is intended for use by adults only (18 years of age or older). We do not knowingly collect personal data from minors. If you believe we have inadvertently collected data from a child, please contact us immediately and we will take steps to delete it.
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. We will notify you of material changes by posting the updated policy on our website with a revised “Last updated” date and, where appropriate, by email notification.
Your continued use of the Service after the effective date of any changes constitutes acceptance of the updated policy.
If you have any questions, concerns, or requests regarding this Privacy Policy or our data processing practices, please contact us:
Email: hello@contentpeaks.com
Postal address: MB Devnexis, Perkūnkiemio g. 19, LT-12120 Vilnius, Lithuania
To review, update, or request deletion of your personal data, you may submit a data subject access request (DSAR) by contacting us at the email above. We will consider and act upon any request in accordance with applicable data protection laws.
We are committed to resolving any concerns you may have regarding your privacy.