Privacy Policy

The controller for MoveStack website, checkout, licensing and related support workflows is We Web Hosting (Business ID 2536101-3).

Contact email: [email protected]

This policy applies to the MoveStack public website, help pages, feedback board, early-access purchase flow, payment reconciliation, licensing records and related support and admin handling.

• Contact and identity data, such as name, email address and optional company name.
• Purchase and billing context, such as checkout session identifiers, order amount, currency, payment status and related metadata.
• License and entitlement records, such as issued license ID, feature set, status, signed plan history and download token references.
• Feedback and support content, such as bug reports, feature ideas, optional contact email and admin moderation status.
• Technical and security records, such as IP-derived request metadata, audit events, server logs and route-level operational traces needed to secure the service.

• Directly from you when you submit checkout details, feedback, support requests or other forms on the site.
• From our payment provider when a Stripe Checkout session is created, completed, cancelled, refunded or disputed.
• From our own service logs and audit records when the website, admin area or issuer endpoints are used.

• To provide the website, downloads, forms, help pages and moderated feedback workflow. Legal basis: legitimate interest, and where necessary performance of pre-contractual steps.
• To create and manage checkout, accept payment, reconcile orders and prevent duplicate or fraudulent charges. Legal basis: contract and legitimate interest.
• To issue, manage, revoke or audit licenses, entitlements and signed plans. Legal basis: contract and legitimate interest in service integrity and abuse prevention.
• To provide support, answer questions, review early-access requests and moderate feedback submissions. Legal basis: legitimate interest and, where applicable, steps taken at your request before entering into a contract.
• To maintain accounting, tax and legally required records. Legal basis: compliance with a legal obligation.
• To investigate misuse, abuse, security incidents and service failures. Legal basis: legitimate interest and, where necessary, legal claims.

Payments are handled through Stripe Checkout. MoveStack and We Web Hosting do not store or directly process full payment card numbers, CVV codes or similar card payment credentials on their own servers. Stripe processes payment details under its own privacy and compliance framework, and shares with us the minimum business data needed to create the payment session, confirm payment, reconcile the order and handle refunds, disputes or fraud controls.

Depending on the transaction flow, this can include your email address, checkout session identifiers, payment intent references, amount, currency, status and billing-related metadata.

Public feedback submissions are moderated before publication. A submission may contain an idea or bug title, message body and optional email address. Unapproved submissions are processed internally for moderation, spam control, abuse handling and possible follow-up.

Approved items may be shown publicly on the feedback board. Optional contact email is not intended for public display unless explicitly surfaced by the product in a later revision.

• Internal operators and administrators who need the data to run MoveStack, approve requests, issue licenses, moderate feedback or support customers.
• Stripe, for checkout, payment processing, payment confirmation, refund handling and fraud-related controls.
• Email or infrastructure providers if used to deliver license emails, transactional notices or host the application and database.
• Authorities, advisers or counterparties where required by law or needed to establish, exercise or defend legal claims.

Some service providers may process data outside Finland or outside the EEA. Where that happens, transfers are expected to rely on an adequacy decision, contractual safeguards such as Standard Contractual Clauses, or another lawful transfer mechanism required by applicable data protection law.

• Feedback and support submissions are kept for moderation history, product planning and abuse prevention for as long as reasonably needed for those purposes.
• Access request, payment and license records are kept for order history, fraud prevention, support, tax/accounting reconciliation and auditability for as long as the relationship or legal retention duties require.
• Audit and security logs are kept for operational security, incident investigation and system integrity for a limited period appropriate to those purposes, unless a longer hold is required for a dispute, incident or legal obligation.

If GDPR or similar data protection law applies, you may have the right to request access, rectification, erasure, restriction of processing, objection, and data portability where applicable. If processing is based on consent, you may also withdraw that consent at any time without affecting prior lawful processing.

You may also have the right to lodge a complaint with your local supervisory authority. In Finland, that is the Office of the Data Protection Ombudsman.

MoveStack uses necessary cookies for the basic operation of the site. If Google Analytics, Google Tag Manager, or other non-essential analytics are enabled, they load only on the basis of the visitor's consent through the site's cookie settings.

You can reopen the cookie settings later from the site footer and change your analytics consent. Stripe-hosted checkout or third-party infrastructure may also use their own necessary cookies or similar technologies under their own policies.

We use reasonable technical and organisational measures to limit unauthorized access, misuse, alteration or loss of personal data. No internet service can be guaranteed perfectly secure, so you should avoid sending unnecessary sensitive data through public forms.

Privacy-related requests should identify the request clearly and include enough information for verification. Requests can be sent to [email protected].