Slatewise
SlatewiseBeta

by Serenity

Privacy Policy

Last updated: 19 May 2026

This Privacy Policy explains how Slatewise by Serenity ("Slatewise", "we", "us") collects, uses and protects personal data when you use our production budgeting and scheduling service (the "Service"). We are the data controller for account data, and a data processor for the project content you store in the Service.

1. Data we collect

  • Account data — your name, email address and a password (stored only as a secure hash by our authentication provider).
  • Workspace & project data — the company details, gear, crew roles, budgets, projects and calendar information you enter.
  • Billing data — handled by Stripe. We store only a Stripe customer reference and your current plan/subscription status; we never see or store full card details.
  • Operational logs — minimal technical logs needed to run and secure the Service. We do not run third-party advertising or cross-site behavioural tracking.
  • Product analytics — to understand which features are used and improve the Service, we record a small set of in-app events (e.g. "project created", "PDF generated") via PostHog on its EU Cloud. This is cookieless and pseudonymous: it is keyed only to an internal account identifier — never your name or email — with no IP address stored, no cookies set, and no recording of the content you enter. Because it sets no cookies and is strictly necessary-adjacent and non-intrusive, no consent banner is required; deleting your account severs the link to you.

2. Lawful bases for processing

  • Contract (Art. 6(1)(b) GDPR) — to provide the Service you signed up for.
  • Legitimate interests (Art. 6(1)(f)) — to keep the Service secure and reliable, and for minimal cookieless, pseudonymous product analytics to improve it. We do not use this basis for marketing.
  • Legal obligation (Art. 6(1)(c)) — where retention is required by law (e.g. Stripe retaining billing records for tax).

3. How we use data

Solely to operate, secure and support the Service: authenticating you, storing and displaying your workspace data, processing subscription payments via Stripe, and responding to support requests. We do not sell personal data, and we do not send marketing emails without opt-in.

4. Sub-processors

We rely on a small set of well-known providers. See our sub-processors list for the current set, what they process and where. We give notice before adding a new sub-processor.

5. Data residency & security

Production data is hosted in the European Union. Data is encrypted in transit (TLS) and at rest. Passwords are hashed by our authentication provider. Access to production systems is restricted to authorised personnel.

6. Retention

  • Account and workspace data is retained while your account is active.
  • We may delete accounts inactive for 24 months, after a warning email.
  • On account deletion, your owned workspaces and their data are permanently removed, and disappear from short-term backups within a few days.
  • Billing records are retained by Stripe as required by tax law (typically up to 7 years).

7. Your rights

Under the GDPR you have the right to:

  • Access & portability — download all your data as JSON from your account page at any time.
  • Rectification — edit your profile and workspace data directly in the app.
  • Erasure — permanently delete your account and owned data from your account page.
  • Object / restrict — contact us; since we don't process for optional purposes, deletion is usually the relevant remedy.
  • Complain — to your local supervisory authority. In Greece this is the Hellenic Data Protection Authority (dpa.gr).

8. Children

Slatewise is not intended for anyone under 16. Account creation requires confirming you are at least 16 years old. We do not knowingly process children's data.

9. Contact

For any privacy request or question, contact privacy@slatewise.app. We respond to data subject requests within 30 days.