Privacy Policy

Last updated: 10 May 2026

This policy describes what RoboFleet (KvK 57715610, Netherlands) collects when you use our apps — RoboComic, RoboSlides, RoboTest — and what we do with it. It applies to robofleet.dev and every *.robofleet.dev / per-app domain operated by us.

1. Data controller

RoboFleet, registered with the Netherlands Chamber of Commerce (KvK 57715610), is the data controller for all personal data processed through our apps. Reach us at privacy@robofleet.dev.

2. What we collect

Account data

• Email address (used to identify you and to log in)
• Display name (if you set one)
• The contents you create in our apps (e.g. comics in RoboComic)

Payment data

• Stripe (our payment processor) handles your card. We never see or store full card numbers.
• We receive: payment amount, currency, the last 4 digits of the card, a card fingerprint (so we can prevent abuse of welcome credits), and the Stripe customer/charge IDs.

Technical data

• IP address (logged briefly for security/abuse prevention; not used for marketing).
• Standard server logs: HTTP method, path, status code, timestamp, user agent.
• Error reports via Sentry (stack traces, request metadata; we strip sensitive fields).

3. How we use it

• To operate the apps you signed up for (generate comics, store your library, etc.).
• To bill you and process refunds.
• To detect and prevent abuse (e.g. one welcome credit per real card).
• To debug crashes and improve reliability.
• To respond when you contact us.

We do not sell your personal data. We do not run ad networks or behavioural tracking. We do not train AI models on your content.

4. Third parties we share data with

• Stripe (payments) — card processing, fraud prevention. stripe.com/privacy.
• OpenAI (image generation for RoboComic) — the prompt and reference images you submit are sent to OpenAI's API to generate the requested output. OpenAI's API terms state they do not train on API data by default.
• Cloudflare (hosting, CDN, DNS) — handles network-level traffic and TLS termination. cloudflare.com/privacypolicy.
• Hetzner (server hosting, EU) — runs our production infrastructure.
• Sentry (error tracking) — receives stack traces and request metadata when something breaks.

5. Where we store data

Production data is stored on servers physically located in the European Union (Hetzner Germany). Stripe and OpenAI process data on their own infrastructure under their respective terms.

6. How long we keep data

• Account + content: for as long as your account is active, plus 30 days after deletion (so we can recover from accidents).
• Payment records: 7 years (Dutch tax-law minimum).
• Server logs: 30 days.
• Error reports: 90 days.

7. Your rights (GDPR)

Under the General Data Protection Regulation you have the right to access, correct, delete, restrict, or port your personal data, and to object to processing. Email privacy@robofleet.dev and we'll respond within 30 days. You can also file a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens).

8. Cookies

We use a single first-party cookie (rf_session) to keep you logged in. It's HttpOnly, SameSite=Lax, Secure on HTTPS, and expires after 7 days. We do not use tracking cookies or third-party analytics cookies.

9. Changes

We may update this policy. The "Last updated" date at the top reflects the most recent change. Material changes will be announced by email to active users.