CoMStudio 🇺🇦

Privacy Policy

Learn how we handle your data and protect your privacy.

Privacy & Cookie Policy of CoMStudio OÜ

Welcome to the privacy policy of CoMStudio OÜ. This policy explains what data we collect, why we collect it and what your rights are when you interact with our services.

This Privacy and Cookie Policy describes how CoMStudio OÜ collects, uses and protects personal data when you interact with any product or service we operate.

Latest update: November 13, 2025

This policy applies to the following services:

  • CoMStudio Platform
  • DepLog.dev
  • Skron
  • AnDocs.io
  • GetNow.Date

Owner and Data Controller

CoMStudio OÜ — Lõõtsa tn 5 11415 Tallinn Harju maakond Eesti Vabariik (Estonia)

Owner contact email: support@comstud.io

Types of Data collected

Among the types of Personal Data that CoMStudio OÜ collects by itself or through third parties are:

  • Trackers.
  • Location details: city, ZIP or postal code, state, province, country, county, metro area, geography or region plus latitude and longitude derived at city level.
  • Usage Data: IP address, device information, app information, device logs, operating systems, browser information, language, launches, number of sessions, session duration, scroll to page interactions, mouse movements, scroll position, keypress events, motion sensor events, touch events, video views, clicks, browsing history, search history, session statistics, page views, interaction events, page events and custom events.
  • Application opens.
  • Browser fingerprint.
  • Payment info.
  • Purchase history.

Complete details on each type of Personal Data collected are provided in the dedicated sections of this policy or in specific explanation texts displayed before collection.

Personal Data may be provided freely by the User or collected automatically when using CoMStudio OÜ. Unless stated otherwise all Data requested by CoMStudio OÜ is mandatory and failure to provide it may make it impossible for CoMStudio OÜ to deliver the Service.

Where CoMStudio OÜ states that certain Data is not mandatory Users are free not to communicate that Data without consequences for availability or functionality of the Service.

Users who are uncertain about which Personal Data is mandatory can contact the Owner.

Any use of cookies or other tracking tools by CoMStudio OÜ or by third-party services used by CoMStudio OÜ serves the purpose of providing the Service requested by the User in addition to any other purposes described in this policy and in the Cookie Policy.

Users are responsible for any third-party Personal Data obtained, published or shared through CoMStudio OÜ and confirm that they have the third party's consent to provide such Data to the Owner.

Mode and place of processing the Data

Methods of processing

The Owner takes appropriate security measures to prevent unauthorized access, disclosure, modification or destruction of the Data.

Data processing is carried out using computers and IT enabled tools following organizational procedures and modes strictly related to the purposes indicated. In addition to the Owner the Data may be accessible to persons in charge of operating CoMStudio OÜ (administration, sales, marketing, legal, system administration) or external parties such as technical service providers, mail carriers, hosting providers, IT companies and communications agencies appointed as Data Processors by the Owner when necessary. The updated list of these parties may be requested from the Owner at any time.

Place

Data is processed at the Owner's operating offices and in any other places where the parties involved in the processing are located.

Depending on the User's location data transfers may involve transferring the User's Data to a country other than their own. Users can find out more about the place of processing of such transferred Data in the section detailing processing of Personal Data.

Retention time

Unless stated otherwise Personal Data shall be processed and stored for as long as required by the purpose for which it has been collected and may be retained for longer to meet legal obligations or based on the Users' consent.

The purposes of processing

The Data concerning the User is collected to allow the Owner to provide its Service, comply with legal obligations, respond to enforcement requests, protect its rights and interests (or those of Users or third parties), detect malicious or fraudulent activity and for the following purposes:

  • Traffic optimization and distribution.
  • Spam and bots protection.
  • Analytics.
  • Handling payments.
  • Registration and authentication.

Detailed information on the processing of Personal Data

Personal Data is collected for the following purposes and using the following services:

Analytics

The services in this section enable the Owner to monitor and analyze web traffic and keep track of User behavior.

Cloudflare Web Analytics
  • Company: Cloudflare Inc.
  • Place of processing: United States.
  • Personal Data processed: device information, browser type and aggregated usage statistics.

Handling payments

Unless otherwise specified CoMStudio OÜ processes payments via external payment service providers. Users provide payment details and personal information directly to those providers. CoMStudio OÜ does not collect or store full payment data and only receives notification of payment status.

Paddle
  • Company: Paddle.com Inc.
  • Place of processing: United States.
  • Personal Data processed: payment info, billing identifiers and transaction metadata.
  • Notes: Used when Paddle handles checkout and invoicing.
Lemon Squeezy
  • Company: Lemon Squeezy LLC.
  • Place of processing: United States.
  • Personal Data processed: payment info, billing identifiers and transaction metadata.
  • Notes: Used when Lemon Squeezy acts as the payment provider instead of Paddle.

Registration and authentication

By registering or authenticating Users allow CoMStudio OÜ to identify them and give access to dedicated services. Depending on the service third parties may provide registration and authentication. In that case CoMStudio OÜ can access Data stored by these third-party services for registration or identification. Some services may also collect Personal Data for targeting and profiling. Details are described below.

GitHub OAuth
  • Company: GitHub Inc.
  • Place of processing: United States.
  • Personal Data processed: trackers, account identifier and profile information shared during OAuth.
Google OAuth
  • Company: Google LLC.
  • Place of processing: United States.
  • Personal Data processed: trackers, email address and basic profile information.

Spam and bots protection

These services analyze the traffic of CoMStudio OÜ to filter unwanted traffic, messages and malicious bots.

Cloudflare Bot Management
  • Company: Cloudflare Inc.
  • Place of processing: United States.
  • Personal Data processed: app information, request telemetry and threat detection signals.
Cloudflare Turnstile
  • Company: Cloudflare Inc.
  • Place of processing: United States.
  • Personal Data processed: browser fingerprint, challenge responses and interaction logs.

Traffic optimization and distribution

These services allow CoMStudio OÜ to distribute content using servers in different countries and optimize performance. They filter communications between CoMStudio OÜ and the User's browser. Due to the distributed nature of these systems it is difficult to determine the locations to which content containing Personal Data is transferred.

Cloudflare
  • Company: Cloudflare Inc.
  • Place of processing: United States.
  • Personal Data processed: trackers, network logs and usage Data.
Cloudflare DNS
  • Company: Cloudflare Inc.
  • Place of processing: United States.
  • Personal Data processed: Usage Data linked to DNS queries.

CoMStudio OÜ uses trackers. To learn more Users can consult the Cookie Policy.

Further Information for Users in the European Union

The Owner may process Personal Data relating to Users if one of the following applies:

  • Users have given their consent for one or more specific purposes.
  • Provision of Data is necessary for the performance of an agreement with the User or for pre-contractual obligations.
  • Processing is necessary for compliance with a legal obligation to which the Owner is subject.
  • Processing is related to a task carried out in the public interest or in the exercise of official authority vested in the Owner.
  • Processing is necessary for the purposes of the legitimate interests pursued by the Owner or by a third party.

The Owner will help clarify the specific legal basis that applies to processing, particularly whether the provision of Personal Data is a statutory or contractual requirement or a requirement necessary to enter into a contract.

Further information about retention time

Unless stated otherwise Personal Data shall be processed and stored for as long as required by the purpose for which it has been collected and may be retained for longer due to legal obligation or based on the Users' consent.

Therefore:

  • Personal Data collected for purposes related to performance of a contract between the Owner and the User shall be retained until the contract has been fully performed.
  • Personal Data collected for the purposes of the Owner's legitimate interests shall be retained as long as needed to fulfil such purposes. Users can find details regarding those legitimate interests in the relevant sections of this document or by contacting the Owner.

The Owner may retain Personal Data for a longer period when Users have given consent, as long as the consent is not withdrawn. The Owner may be obliged to retain Personal Data for a longer period to fulfil a legal obligation or on order of an authority.

Once the retention period expires Personal Data shall be deleted and the rights of access, erasure, rectification and data portability cannot be enforced after expiration.

The rights of Users based on the General Data Protection Regulation (GDPR)

Users may exercise certain rights regarding their Data processed by the Owner. In particular Users have the right to do the following within the limits of applicable law:

  • Withdraw consent at any time where they have previously given consent to processing of their Personal Data.
  • Object to processing of their Data when it is carried out on a legal basis other than consent.
  • Access their Data to learn if Data is being processed by the Owner, obtain disclosure regarding aspects of the processing and obtain a copy of the Data undergoing processing.
  • Verify and seek rectification to ensure the accuracy of their Data.
  • Restrict processing so the Owner will store their Data for limited purposes.
  • Have their Personal Data deleted or removed.
  • Receive their Data and have it transferred to another controller in a structured commonly used and machine readable format and, if technically feasible, have it transmitted to another controller without hindrance.
  • Lodge a complaint before a competent data protection authority.

Users are also entitled to learn about the legal basis for Data transfers abroad including to any international organization governed by public international law or set up by two or more countries (such as the UN) and about the security measures taken by the Owner to safeguard their Data.

Details about the right to object to processing

Where Personal Data is processed for a public interest, in the exercise of official authority vested in the Owner or for the purposes of the legitimate interests pursued by the Owner Users may object to such processing by providing a ground related to their particular situation to justify the objection.

Users must know that should their Personal Data be processed for direct marketing purposes they can object to that processing at any time free of charge and without providing justification. Where the User objects to processing for direct marketing purposes the Personal Data will no longer be processed for such purposes. To learn whether the Owner is processing Personal Data for direct marketing Users can refer to the relevant sections of this document.

How to exercise these rights

Requests to exercise User rights can be directed to the Owner through the contact details provided in this document. These requests are free of charge and will be answered as early as possible and always within one month. The Owner will inform Users about any action taken in response to a request.

Any rectification or erasure of Personal Data or restriction of processing will be communicated by the Owner to each recipient, if any, to whom the Personal Data has been disclosed unless this proves impossible or involves disproportionate effort. At the Users' request the Owner will inform them about those recipients.

Additional information about Data collection and processing

The User's Personal Data may be used for legal purposes by the Owner in Court or in the stages leading to possible legal action arising from improper use of CoMStudio OÜ or the related Services.

The User declares to be aware that the Owner may be required to reveal Personal Data upon request of public authorities.

Additional information about User's Personal Data

In addition to the information contained in this privacy policy CoMStudio OÜ may provide Users with additional and contextual information concerning particular Services or the collection and processing of Personal Data upon request.

System logs and maintenance

For operation and maintenance purposes CoMStudio OÜ and any third-party services may collect files that record interaction with CoMStudio OÜ (system logs) or use other Personal Data such as the IP address for this purpose.

Information not contained in this policy

More details concerning the collection or processing of Personal Data may be requested from the Owner at any time using the contact information listed in this document.

Changes to this privacy policy

The Owner reserves the right to make changes to this privacy policy at any time by notifying Users on this page and possibly within CoMStudio OÜ and, where technically and legally feasible, sending a notice to Users via any contact information available to the Owner.

It is strongly recommended to check this page often, referring to the date of the last modification listed at the bottom.

Should the changes affect processing activities performed on the basis of the User's consent the Owner shall collect new consent where required.

Personal Data (or Data)

Any information that directly or indirectly or in connection with other information, including a personal identification number, allows for identification or identifiability of a natural person.

Usage Data

Information collected automatically through CoMStudio OÜ or third-party services employed in CoMStudio OÜ. It can include the IP addresses or domain names of the computers used by Users, URI addresses, time of the request, method used to submit the request to the server, size of the file received in response, numerical code indicating the status of the server's answer (successful outcome, error and similar information), country of origin, browser features, operating system used by the User, time details per visit (for example the time spent on each page within the Application) and details about the path followed within the Application with special reference to the sequence of pages visited as well as other parameters about the device operating system or the User's IT environment.

User

The individual using CoMStudio OÜ who, unless otherwise specified, coincides with the Data Subject.

Data Subject

The natural person to whom the Personal Data refers.

Data Processor (or Processor)

The natural or legal person, public authority, agency or other body which processes Personal Data on behalf of the Controller as described in this privacy policy.

Data Controller (or Owner)

The natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of Personal Data, including the security measures concerning the operation and use of CoMStudio OÜ. The Data Controller, unless otherwise specified, is the Owner of CoMStudio OÜ.

CoMStudio OÜ (or this Application)

The means by which the Personal Data of the User is collected and processed.

Service

The service provided by CoMStudio OÜ as described in the relevant terms and on this site or application.

European Union (or EU)

Unless otherwise specified all references made within this document to the European Union include all current member states of the European Union and the European Economic Area.

Cookies are trackers consisting of small sets of data stored in the User's browser.

Tracker

Tracker indicates any technology such as cookies, unique identifiers, web beacons, embedded scripts, e-tags and fingerprinting that enables tracking of Users for example by accessing or storing information on the User's device.

Language of this Policy

This Privacy Policy is provided in English as the main language of our website and services.

It applies to all users worldwide.