Start tracking free

Privacy Policy

Last updated: 27 June 2026

This policy explains what personal data Lapsewise collects, why, how we protect it, and the rights you have under the General Data Protection Regulation (GDPR).

Who we are

Lapsewise ("we", "us") provides renewal and expiry management software. For the personal data described in this policy, we act as the data controller for your account data and as a data processor for the records and documents you store in the service. If you have any questions, contact us at hello@lapsewise.com.

Data we collect

  • Account data: your name, email address, password (stored only as a secure hash), and timezone preference.
  • Workspace content: the records, dates, notes, and documents you add (for example certificates, contracts, and grants), plus any contact or entity names you choose to store.
  • Usage and technical data: basic logs needed to operate and secure the service, such as request timestamps and error logs.
  • Communications: messages you send us, for example through the contact form or by email.

We do not use advertising cookies or third-party tracking. We do not sell your data.

Why we use it (legal bases)

  • To provide the service (performance of a contract): creating your account, storing your records, and sending the reminders you configure.
  • To secure and improve the service (legitimate interests): fraud prevention, debugging, and reliability.
  • To communicate with you (legitimate interests or consent): service emails and replies to your enquiries.
  • To meet legal obligations where applicable, such as accounting and tax records for paid plans.

Reminder and account emails

Reminder emails are sent through Resend. Account emails (sign-up confirmation, password reset, and invitations) are sent through our email provider. These providers process the recipient address and message content solely to deliver the email on our behalf.

Where your data is stored

Your data is hosted on Supabase infrastructure in the European Union (Ireland, eu-west-1). Uploaded documents are stored in private storage with workspace-level access controls. Some sub-processors (for example our email and hosting providers) may process limited data; we choose providers that support GDPR-compliant transfers.

How long we keep it

We keep your account and workspace data for as long as your account is active. If you delete a record or document, it is removed from the live service. If you close your account, we delete or anonymise your personal data within a reasonable period, except where we must retain certain records to meet legal obligations.

Your rights under the GDPR

  • Access the personal data we hold about you.
  • Correct inaccurate or incomplete data.
  • Delete your data ("right to be forgotten").
  • Restrict or object to certain processing.
  • Receive your data in a portable format.
  • Withdraw consent at any time where processing is based on consent.
  • Lodge a complaint with your local data protection authority (in Sweden, the Integritetsskyddsmyndigheten, IMY).

To exercise any of these rights, email us at hello@lapsewise.com.

Security

We protect your data with encryption in transit, access controls, and per-workspace isolation. For more detail on how your documents are kept safe, see our Security page.

Cookies

We use only essential cookies: one to keep you signed in, and a stored preference for your light or dark theme. We do not use advertising or third-party analytics cookies.

Changes to this policy

We may update this policy from time to time. We will revise the "last updated" date above and, for material changes, notify you through the service or by email.