Privacy Policy

BasalBit GmbH, Deckerstraße 39, 70372 Stuttgart, Germany, info@basalbit.com, operates ReRune and acts as controller for personal data processed in connection with account registration, website use, billing administration, support requests, newsletter subscriptions, platform security, and workspace administration.

Where customers upload translation content, project files, languages, or collaboration data into a ReRune workspace, the customer determines the content and purpose of that processing. ReRune processes that customer content to provide the requested localization service, configured workflows, imports, exports, and runtime delivery features.

This Privacy Policy applies to visitors, registered users, organisation owners, invited workspace members, billing owners, newsletter subscribers, and individuals who contact BasalBit GmbH about ReRune.

• Account and authentication data: email address, account identifiers, authentication state, verification events, password-reset events, session metadata, and security-relevant access events.
• Organisation and authorization data: organisation names, invited-user email addresses, member roles, billing ownership, workspace membership, and administrative settings.
• Project and localization data: project names, languages, locales, translation keys, translation values, placeholders, dictionaries, metadata, tags, comments, imported files, exported files, and runtime delivery settings.
• Integration and workflow data: enabled integration status, provider selection, language or model choices, request metadata, activation state, and usage metadata required to perform the selected workflow.
• Support and communication data: messages sent to BasalBit GmbH, support context supplied by the user, newsletter opt-in state, newsletter email address, and unsubscribe state.

Translation content remains customer content. ReRune stores and processes translation strings, source text, target translations, prompts used for translation workflows, dictionaries, placeholders, project metadata, and imported files for the purpose of providing the localization workspace.

Users are responsible for the content they upload. Users must not place secrets, credentials, payment card data, health data, regulated sensitive data, or unlawful material into translation strings, prompts, dictionaries, metadata, comments, or imported files unless they have all required rights, legal bases, and safeguards.

Stripe Payments Europe, Limited handles payments, tax calculation, invoicing, subscriptions, paid-plan trials, payment methods, cancellations, refunds, and customer portal workflows for ReRune.

BasalBit GmbH receives and stores the billing and subscription information needed to administer ReRune accounts, connect a subscription to a billing account, apply plan limits, maintain invoice records, and comply with commercial and tax obligations.

• Service provision: create accounts, authenticate users, operate organisations and projects, store translation content, run imports and exports, manage collaborators, deliver OTA functionality, and provide selected integrations.
• Billing administration: manage subscriptions, trials, invoices, payment status, tax information, cancellations, refunds, and free-account limits after downgrade.
• Service communications: send transactional emails, verification emails, password reset emails, invitation emails, billing notices, support replies, and opt-in newsletters.
• Security and operations: detect abuse, secure accounts, investigate errors, enforce limits, troubleshoot issues, maintain operational logs, and preserve platform reliability.
• Legal compliance: keep commercial, accounting, tax, payment, consumer, and legal records for the period required by applicable law.

• Contract performance under Article 6(1)(b) GDPR for account access, workspace operation, collaboration, translation workflows, subscriptions, support, and requested integrations.
• Legal obligation under Article 6(1)(c) GDPR for commercial, tax, invoice, accounting, payment, consumer, compliance, and legally required retention records.
• Consent under Article 6(1)(a) GDPR for opt-in newsletters and other processing that requires consent.
• Legitimate interests under Article 6(1)(f) GDPR for service security, abuse prevention, troubleshooting, reliability, support administration, and normal product operation.

DeepL and OpenRouter are optional customer-enabled integrations. ReRune sends translation content, prompts, language metadata, model choices, and request metadata to the selected provider only when a user triggers the relevant integration workflow.

The customer controls whether an optional integration is enabled and which content is submitted through that workflow. The provider's own terms and privacy information apply to the provider-side processing.

ReRune sends transactional email and newsletter email through Microsoft 365 / Exchange Online via Microsoft Graph. Transactional emails include verification, password reset, invitation, account, and billing-related messages required to operate the service.

Newsletter email is opt-in. ReRune processes the email address for newsletter delivery, provides an unsubscribe option, and does not use newsletter tracking pixels or link tracking.

ReRune uses Hostinger for hosting, application data, storage, and backups in Frankfurt, Germany. ReRune uses Microsoft 365 / Exchange Online via Microsoft Graph for transactional and newsletter email. ReRune uses Stripe for billing and payment workflows.

DeepL and OpenRouter receive customer content only when the customer enables and triggers the relevant optional integration. Current processors and optional integration recipients are listed on the Subprocessors page.

Core hosting is located in Frankfurt, Germany. Stripe Payments Europe, Limited is located in Ireland / EEA. DeepL SE is located in Germany / EU. OpenRouter, LLC is located in the United States and receives content only for customer-triggered optional AI translation workflows.

Where personal data is transferred outside the EEA, ReRune relies on the safeguards provided by the relevant provider terms, data processing agreements, standard contractual clauses, adequacy decisions, or other transfer mechanisms available under applicable data protection law.

ReRune keeps account, workspace, translation, billing, and operational data for as long as required to provide the service, maintain the account, comply with law, resolve disputes, enforce agreements, and protect the platform.

ReRune does not automatically delete workspace data after subscription cancellation or downgrade. Workspace data remains available under free-account rules until users delete relevant data or legal, billing, security, or operational retention requires continued storage.

Users can delete their profile from profile settings. Profile deletion is irreversible. Users should export their data before deleting their profile, cancel active subscriptions where needed, and understand that billing and invoice records remain stored where commercial or tax law requires retention.

• Request access to personal data ReRune holds about you.
• Request correction of inaccurate or incomplete personal data.
• Request deletion where continued processing is not required.
• Restrict or object to certain processing.
• Receive portable data where the right applies.
• Withdraw newsletter consent at any time.
• Lodge a complaint with a competent supervisory authority. For BasalBit GmbH, the competent supervisory authority is the State Commissioner for Data Protection and Freedom of Information Baden-Württemberg.

ReRune uses self-hosted authentication and application infrastructure on Hostinger, operational access controls, account verification flows, password reset flows, and security logs to protect the service.

No online service is completely risk free. Users must protect account credentials, restrict workspace access to authorized people, review invited users, and avoid placing secrets or regulated data into localization content.