> Privacy Policy _

Last Updated: January 26, 2026

Data Controller: Adam Parák

Contact: privacy@rekt.su

This service is a non-public, restricted-access platform. This policy explains how we process personal data in accordance with the EU General Data Protection Regulation (GDPR).

1. Lawful Basis for Processing

We process your data under the following legal bases:

• Contractual Necessity (Art. 6(1)(b) GDPR): To provide the service you have requested, manage your account, and execute N8N workflows triggered by your actions.
• Legitimate Interests (Art. 6(1)(f) GDPR): To ensure the security of our private infrastructure and prevent unauthorized access.

2. Data Collection & Processing

We adhere to the principle of data minimization. We only process:

• Identity Data: Name and email address provided via Single Sign-On (SSO) (Google or self-hosted identity providers).
• Technical Data: Necessary session cookies and IP addresses for security logging and authentication.
• Workflow Data: Data processed via N8N is limited to the specific parameters required to modify remote data or trigger events as per the service’s functional design.

3. Data Sovereignty & Sole Processor

• Sole Processor: Adam Parák is the sole processor of your data.
• No Data Sales: We do not sell, rent, or trade your personal data.
• Sub-processors: We use Google (for SSO) and our hosting provider. Where data is transferred outside the EEA (e.g., to Google in the USA), we rely on the EU-U.S. Data Privacy Framework or Standard Contractual Clauses (SCCs) to ensure an adequate level of protection.

4. Your Rights under GDPR

As an EU data subject, you have the following rights:

• Right of Access: You can request a copy of the personal data we hold about you.
• Right to Rectification: You can ask us to correct inaccurate or incomplete data.
• Right to Erasure (“Right to be Forgotten”): You can request that we delete your data when it is no longer necessary for the purposes for which it was collected.
• Right to Restrict Processing: You can request that we limit how we use your data.
• Right to Data Portability: You can request a transfer of your data to another controller in a machine-readable format.
• Right to Object: You can object to processing based on legitimate interests.

5. Automated Decision-Making

While we use N8N for automation, we do not use your data for automated decision-making that produces legal effects or significantly affects you without human oversight.

6. Data Retention

We retain personal data only for the duration of your authorized access. Once your account is deactivated, data is deleted within 30 days, unless retention is required for legal or security purposes.

7. Right to Lodge a Complaint

If you believe your data has been handled incorrectly, you have the right to lodge a complaint with your local Data Protection Authority (DPA) within the EU.