Undes
Get started

Privacy Policy

Last updated: 27 May 2026

This Privacy Policy describes the baseline data practices for the Undes website, account area, licensing flow, and related services.

1. Overview

This Privacy Policy explains how Individual Entrepreneur "A13SOFT" (“Undes”, “we”, “us”, or “our”) collects, uses, stores, shares, and protects personal data when you visit our website, create an account, purchase or use Undes, contact support, or interact with our services.

2. Controller

Controller: Individual Entrepreneur "A13SOFT"
Registration number: 780322302771
Address: 154 Gagarin Ave., 6, Almaty, Republic of Kazakhstan
Privacy contact: privacy@undes.app

3. Personal data we collect

We may collect the following categories of personal data:

  • account data: name, email address, company name, login identifiers, and account preferences;
  • billing and transaction data: plan, subscription status, order reference, receipt identifiers, payment status, and tax-related information received from Paddle where applicable;
  • license and activation data: license key, activation count, device or installation identifiers, product version, entitlement status, and activation timestamps;
  • support data: messages, issue descriptions, attachments, logs, and troubleshooting information you choose to send us;
  • technical data: IP address, browser type, operating system, timestamps, error logs, security logs, and usage events;
  • product content: prompts, artifacts, configuration, code snippets, repository metadata, or analysis outputs if you submit them to a hosted Undes service or support channel.

4. How we use personal data

We use personal data to:

  • provide, operate, secure, and maintain Undes;
  • create and manage accounts, licenses, subscriptions, and activations;
  • process purchases, renewals, cancellations, refunds, and billing support;
  • respond to support requests and troubleshoot technical issues;
  • detect abuse, fraud, security incidents, and license misuse;
  • improve product reliability, documentation, onboarding, and user experience;
  • send service messages, security notices, product updates, and administrative communications;
  • send marketing communications only where permitted by law and your preferences;
  • comply with legal, tax, accounting, and regulatory obligations.

Where applicable law requires a legal basis, we rely on one or more of the following:

  • performance of a contract, including providing the product, account, license, subscription, and support;
  • legitimate interests, including security, fraud prevention, service improvement, support, and business administration;
  • consent, including optional marketing, certain cookies, and certain data processing choices;
  • legal obligations, including accounting, tax, consumer protection, and regulatory requirements.

6. Payments and Paddle

We may use Paddle to process payments, subscriptions, receipts, taxes, fraud prevention, billing support, subscription management, and refunds. Paddle may collect and process buyer data directly during checkout. Paddle’s own privacy notices and buyer terms may apply to the payment transaction.

We do not store full payment card numbers on our servers.

7. AI providers and BYOK

If you configure Undes with your own AI provider API keys, your prompts, code, artifacts, logs, or other inputs may be sent to the AI providers you choose. In that case, the provider’s own terms, privacy policy, data processing settings, retention settings, and pricing apply.

You are responsible for ensuring that you have the right to submit Customer Content to your selected AI providers and that your configuration meets your internal security and compliance requirements.

8. Sharing personal data

We may share personal data with:

  • payment and subscription providers, including Paddle;
  • hosting, infrastructure, security, analytics, email, and support providers;
  • AI providers selected by you or configured for the service;
  • professional advisers, auditors, accountants, and legal advisers;
  • government authorities, courts, or regulators where required by law;
  • successors in connection with a merger, acquisition, restructuring, or sale of assets.

9. International transfers and data residency

We may process and store personal data in countries other than your country of residence, depending on our hosting, support, payment, AI provider, and infrastructure setup.

Where local data localization or data residency requirements apply, we will take reasonable steps intended to comply with applicable law. This may include selecting appropriate hosting locations, providers, contractual safeguards, or operational controls.

10. Retention

We keep personal data only for as long as reasonably necessary for the purposes described in this Policy, including product access, support, security, accounting, tax, legal compliance, dispute resolution, and enforcement of agreements.

Typical retention periods:

  • account data: while the account is active and for a reasonable period after closure;
  • billing records: for the period required by tax, accounting, and legal obligations;
  • support records: as needed to resolve issues and maintain a support history;
  • security logs: for a limited period needed for security, abuse prevention, and incident investigation;
  • marketing preferences: until you unsubscribe or withdraw consent.

11. Your rights

Depending on your location and applicable law, you may have rights to access, correct, delete, restrict, object to processing, withdraw consent, request portability, or complain to a regulator.

To exercise privacy rights, contact us at privacy@undes.app. We may need to verify your identity before responding.

12. Security

We use reasonable technical and organizational measures designed to protect personal data, including access controls, secure communication, logging, monitoring, and restricted access to production systems. No system is completely secure, and we cannot guarantee absolute security.

13. Children

Undes is not intended for children. We do not knowingly collect personal data from children under the age required by applicable law. If you believe a child has provided us personal data, contact us and we will take appropriate steps.

14. Marketing communications

We may send marketing emails only where permitted by law. You can unsubscribe using the link in the email or by contacting us. Service, billing, security, and legal notices are not marketing communications and may still be sent where necessary.

15. Cookies

We use cookies and similar technologies as described in our Cookie Notice.

16. Changes to this Policy

We may update this Privacy Policy from time to time. The updated version will be posted on this page with the updated date.

17. Contact

Privacy contact: privacy@undes.app.