Outils gratuits
CO
Checkin OK

Privacy Policy

Last updated: March 2026

1. Privacy at a Glance

The following information provides a simple overview of what happens to your personal data when you visit our website and use our services. Personal data is any data with which you could be personally identified. This policy is governed by the General Data Protection Regulation (GDPR, Regulation (EU) 2016/679) and the Belgian Data Protection Act (Kaderwet of 30 July 2018).

2. Responsible Party

Radom UG (haftungsbeschränkt)

Geschäftsführer: Arber Lamce

Telemannstr. 2

60323 Frankfurt am Main, Germany

Email: support@checkin-ok.be

Due to the size of our company, no data protection officer has been appointed. For data protection inquiries, please contact us at the email address above.

3. Data Collection on Our Website

Cookies

Our website uses technically necessary cookies to ensure proper functionality. These include session cookies and authentication tokens. We use a single authentication cookie ("auth-token") to keep you logged in. No third-party tracking cookies are used.

Server Log Files

Our hosting provider automatically collects and stores information in server log files, which your browser transmits to us. These include your IP address, browser type, operating system, the referring URL, and the time of the server request. This data cannot be assigned to specific persons and is not combined with other data sources.

Registration and User Account

When you create an account, we collect your email address, name (optional), and company name (optional). Passwords are stored only in hashed form using bcrypt. Your account data is used to provide our services, manage subscriptions, and communicate with you about your account.

4. Third-Party Services

Azure OpenAI (Document Processing)

When you upload attendance files, we may use Microsoft Azure OpenAI Service to process and correct data using AI. Data is processed in European data centers. Microsoft does not use your data to train their models.

Stripe (Payment Processing)

For paid subscriptions, we use Stripe as our payment processor. When you subscribe, your payment information is processed directly by Stripe and is not stored on our servers. Stripe's privacy policy applies to all payment data. See: stripe.com/privacy

5. Data Processing for Our Service

Uploaded Documents

When you upload attendance files (CSV, Excel, PDF), the data is processed temporarily to generate NSSO-compliant XML declarations. When image-based extraction is required, temporary files are created during processing and automatically deleted immediately afterwards. For anonymous users, no uploaded data is retained after processing. For registered users, we store declaration metadata (file name, record count, status, date) but do not permanently store the original uploaded files.

Storage Duration

Uploaded files are processed temporarily and deleted immediately after conversion completes. No uploaded files are permanently stored. Generated XML declarations and metadata are automatically deleted after 90 days. Account data is stored for the duration of your account. Upon account deletion, your data is removed immediately and irrevocably, along with all associated declarations and subscriptions. You may delete your account at any time via the Settings page.

6. Your Rights

Under the GDPR, you have the following rights regarding your personal data:

  • Right of access — You can request information about the data we store about you.
  • Right to rectification — You can request correction of inaccurate data.
  • Right to erasure — You can request deletion of your data. You can also delete your account yourself via Settings.
  • Right to restriction of processing — You can request that we restrict processing of your data.
  • Right to data portability — You can request your data in a machine-readable format.
  • Right to object — You can object to the processing of your data.
  • Right to withdraw consent — You can withdraw any consent you have given at any time.
  • Right to complain — You have the right to lodge a complaint with a supervisory authority.

As our services are primarily offered in Belgium, you may lodge a complaint with the Belgian Data Protection Authority: Gegevensbeschermingsautoriteit (GBA) / Autorité de protection des données (APD), Drukpersstraat / Rue de la Presse 35, 1000 Brussels, Belgium. Website: dataprotectionauthority.be

The supervisory authority responsible for our company is: Hessischer Beauftragter für Datenschutz und Informationsfreiheit, Postfach 3163, 65021 Wiesbaden, Germany.

7. Data Security

We use SSL/TLS encryption for all data transmissions. Passwords are hashed with bcrypt. Access to user data is restricted to authorized personnel only. Our infrastructure is hosted on servers in Germany (European Union). Uploaded files are processed temporarily and deleted immediately after conversion.

8. Changes to This Privacy Policy

We reserve the right to update this privacy policy to reflect changes in our practices or for legal, regulatory, or operational reasons. We will notify registered users of material changes via email.