Privacy Policy

TL;DR

• We collect the minimum needed to run your bot: account profile, bot token (encrypted), and the Telegram-supplied identity of each subscriber.
• We do not sell, rent, or share your data with advertisers.
• Card data never touches our servers — Stripe handles it.
• You can export or delete everything from inside the dashboard. GDPR Articles 15–22 apply.
• Data is hosted in the EU (Frankfurt).

1. Who we are

This Privacy Policy describes how mySkua (operated at myskua.com, “we”) handles personal data. For account-related processing we are a Data Controller; for the bot subscribers your bot interacts with, we act as a Data Processor on your behalf — see the DPA.

2. What we collect about you (the account holder)

• Email address, hashed password (bcrypt with per-row salt), display name.
• Bot tokens you provide (encrypted at rest with Fernet using a per-instance secret key).
• Telegram user ID and Google subject identifier if you connect those accounts.
• Subscription tier, plan-status, current period end, and Stripe customer / subscription identifiers.
• Login timestamps and IP addresses (last 30 days) for security and abuse detection.
• Audit log of admin actions you take inside the dashboard (who created / edited / deleted what).

3. What your bot collects about its end users

When a Telegram user sends /start to your bot, we receive what Telegram makes available:

• Telegram user ID, username (if public), full name, language code.
• Source attribution from the /start <payload> deep-link (e.g. ?start=instagram).
• Subscription / activation timestamps for your campaigns.
• Tags you or the auto-tag rules apply.
• Delivery state for every broadcast / auto-message / scheduled-broadcast we send on your behalf (sent / failed / blocked).

We do not collect or store the bodies of messages your subscribers send to the bot beyond what is necessary to dispatch the funnel response. We do not see message opens — Telegram's Bot API does not expose read receipts.

4. What we don't collect

• No card or banking data — Stripe processes payments and we receive only customer / subscription identifiers and the masked last-4 digits of the card via the Customer Portal.
• No location data beyond the country-level lookup of login IPs for fraud detection.
• No third-party analytics or advertising trackers on the dashboard.

5. Why we process it (legal basis under GDPR)

• Performance of a contract (Art. 6(1)(b)) — to run the service you signed up for.
• Legitimate interest (Art. 6(1)(f)) — security, abuse prevention, anonymous aggregate analytics.
• Legal obligation (Art. 6(1)(c)) — tax records, anti-fraud, regulator requests.
• Consent (Art. 6(1)(a)) — only for optional marketing emails you opt into.

6. Where the data lives

Application: Railway (EU – Frankfurt / Amsterdam) — managed PostgreSQL with automated daily backups retained for 30 days. Front-end: Vercel edge network (EU primary). Payments: Stripe Ireland.

7. Sub-processors

We use a short list of well-known sub-processors. The current list:

• Railway Corp. — application hosting, Postgres, object storage. Region: EU.
• Vercel Inc. — front-end edge delivery. Region: EU.
• Stripe Payments Europe Ltd. — subscriptions, invoices, customer portal.
• Postmark / Resend (transactional email) — verification codes, payment notices.
• Sentry GmbH — error reporting (no PII payloads).
• Telegram Messenger LLP — the bot platform itself.

Material changes to sub-processors will be announced at least 30 days in advance via email or in-app banner.

8. Retention

• Account profile: kept while the account is open + 30 days after deletion.
• Bot subscriber rows: as long as the bot exists, with plan-tier-dependent retention windows (7 days on Free, 90 days on Pro, 2 years on Scope) for derived analytics and history.
• Audit logs: 2 years.
• Stripe invoices and tax records: 7 years (legal obligation).
• Backups: 30 days then automatically purged.

9. Your rights (GDPR Articles 15–22)

• Access & portability — request a JSON export of your account + bot data at privacy@myskua.com.
• Rectification — edit your profile in Account → My profile.
• Erasure — Platform → Edit bot → Delete bot wipes a bot. For full account deletion, email us and we'll process within 30 days.
• Restriction / objection — pause processing while we resolve a complaint.
• Withdraw consent — unsubscribe link in every marketing email.
• Complain to a Supervisory Authority — you have the right to lodge a complaint with your local Data Protection Authority.

10. Cookies and similar technologies

We use a single first-party cookie: access_token — HttpOnly, Secure, SameSite=Lax. JWT-encoded, expires after 30 days. No third-party trackers, no advertising cookies.

11. Security

Passwords: bcrypt with per-row salt. Bot tokens: Fernet symmetric encryption. Transport: TLS 1.2+. JWT signing key: 256-bit, stored as an environment variable. Webhook authentication: per-bot secret token verified on every Telegram request. See the Security overview for the full picture.

12. International transfers

Data is processed within the European Union. Where a sub-processor (e.g. Stripe's parent in the US) requires extra-EU transfers, those are covered by Standard Contractual Clauses.

13. Children

mySkua is not directed at children under 16. If you become aware that a child has signed up, contact us and we will delete the account.

14. Updates

Material changes are announced at least 30 days before they take effect. We post the “Last updated” date at the top of this page.

15. Contact

Data Protection: privacy@myskua.com · contact form.