Privacy Policy

Controller

BasalBit GmbH operates ReRune and is the controller for the personal data described in this notice unless another party is explicitly identified for a specific workflow.

Registered office: Königstraße 5, 70173 Stuttgart, Germany. General contact: info@basalbit.com. Privacy contact: info@basalbit.com.

What we process

• Account data such as name, email address, password-related metadata, login timestamps, and organisation membership.
• Workspace data such as projects, translation content, invited user email addresses, API key metadata, billing-account relationships, and audit-oriented configuration records.
• Billing and subscription data such as billing account names, invoicing addresses, payment method metadata, subscription identifiers, invoices, and plan history.
• Support and operational data such as issue reports, security logs, rate-limit events, and service diagnostics needed to protect the platform.
• Browser-side technical data such as strictly necessary cookies, local storage values used for authentication state, and user-interface preferences.

Purposes and legal bases

• Art. 6(1)(b) GDPR: to create accounts, deliver the service, manage organisations, process translations, and operate subscriptions.
• Art. 6(1)(c) GDPR: to retain records required by tax, accounting, sanctions-screening, fraud-prevention, or other legal obligations.
• Art. 6(1)(f) GDPR: to secure the service, prevent abuse, investigate incidents, improve reliability, and answer support requests.
• Art. 6(1)(a) GDPR: to send newsletter or product-update emails where you have explicitly opted in.

Recipients and subprocessors

We share data only where it is necessary to provide the service, fulfill payments, or enable integrations that you choose to configure.

Current subprocessors and integration-related recipients are listed on the dedicated Subprocessors page.

International transfers

Some processors or integrations may process data outside the European Economic Area. Where that happens, transfers should rely on an adequacy decision, Standard Contractual Clauses, or another lawful transfer mechanism.

Before enabling third-party integrations for customer content, verify that your backend-side contracts and transfer safeguards are in place and reflected on the Subprocessors page.

Retention

Account and workspace data should be kept only for as long as your organisation uses the service or as long as needed to resolve support, security, and contractual matters.

Billing, invoice, and tax-relevant records may be retained beyond account deletion where German commercial or tax law requires it. Keep the exact retention schedule aligned with your finance and legal process.

Your rights

• Access the personal data we hold about you.
• Rectify inaccurate or incomplete personal data.
• Request deletion where continued processing is not required.
• Restrict or object to certain processing.
• Receive portable data where the right applies.
• Withdraw consent for newsletter communications at any time.
• Lodge a complaint with a competent supervisory authority, including the authority in Germany responsible for your place of residence or our establishment.

Contact and requests

For privacy requests, contact info@basalbit.com. If you submit a request through the dashboard, export the data available to you first and include enough information for us to verify your identity securely.