Who we are
Dopomoga is a practical guide for Ukrainians in the European Union. The controller of your personal data is MaxVera (eenmanszaak — sole proprietorship, trading as Dopomoga), KvK 99672332, Seisplein 9, 4331NP Middelburg, the Netherlands. For any questions regarding this policy, write to support@uadopomoga.eu.
What data we collect
We collect the minimum necessary to operate the service:
- Email — for logging into your account and technical notifications.
- Password — stored in hashed form (bcryptjs, cost factor 12). We cannot see your password in plaintext.
- Personal settings: selected country (for example, NL), document drafts (rental, work, KvK), ZZP preparation progress, activity log (the last 100 events).
- Registration date and the date of acceptance of the terms of use.
- Profile and contact details you provide: first/last name, phone number, city.
- Login history — for your account security we record each successful sign-in (time, browser/operating system, and a one-way salted hash of your IP, never the raw IP). It is included in your data export.
- Business and bookkeeping data, if you use the ZZP Pro tools: invoices, expenses, quotes, credit notes, customer contacts, VAT/BTW figures and your KvK number. Some fields you fill in yourself may contain a BSN (yours or, where a tax form requires it, a client's). Finalized invoices and accounting records are kept for 7 years to meet Dutch tax-law obligations, and are therefore retained even after you delete your account; everything else is erased with your account.
- Marketplace data, if you use the marketplace: your seller profile, listings, bookings, reviews, and the content of in-app messages you send.
- AI-tool inputs: the text or images you submit to the AI chat, letter analyzer, translator, receipt scanner and invoice assistant (see “AI chat and data transfer”).
We do not use third-party analytics, advertising trackers, or third-party cookies (no Google Analytics, Meta Pixel, Hotjar, etc.).
We do run our own cookieless analytics, stored only in our EU database and never shared or sold. It records: page views with a daily-rotating visitor hash (sha-256 of IP and browser, re-salted every day, so visits cannot be linked across days or back to you), device type, and an approximate country derived from your IP via an offline lookup — the IP address itself is not stored. We also count key events (registrations, published listings, bookings, ZZP Pro payments) and store normalized search queries with personal data removed (any query containing an email, phone number, or long digit sequence is discarded) in order to find and fill content gaps. Page-view data is kept for 180 days and search queries for 90 days, then deleted automatically.
Legal basis for processing
We rely on different legal bases depending on the purpose: providing your account and the service you ask for (ZZP bookkeeping, marketplace participation) — performance of a contract (Art. 6(1)(b)); authentication, security and abuse-prevention, and our cookieless analytics — our legitimate interests (Art. 6(1)(f)); transferring data to AI tools outside the EU — your explicit consent (Art. 6(1)(a) and 49(1)(a)); and keeping invoices and payment records for the statutory period — a legal obligation under Dutch tax law (Art. 6(1)(c)). By accepting at registration you also confirm you are at least 16, the age required to consent validly under Dutch data-protection law.
Your business and tax data. For the bookkeeping records you create — invoices, expenses, customer details and any tax identifiers such as a BSN — you are the data controller and Dopomoga acts as your processor, providing the tools. You are responsible for entering accurate data and for having a lawful basis to store any third party's personal data (for example a client's BSN) that you input.
Security. We apply appropriate technical and organisational measures (Art. 32 GDPR) — password hashing, PII scrubbing before error reports, and EU-region hosting. However, no method of transmission over the internet or electronic storage is completely secure, so while we work to protect your data we cannot guarantee absolute security.
Your rights
Under the GDPR you have the right to:
Storage and region
Most data (the Neon Postgres database, authorization sessions, server authentication logs) is hosted in the eu-central-1 (Frankfurt, EU) region and is not transferred outside the EU. Specific categories of data are transferred to processors outside the EU with your consent — for details see the “AI chat and data transfer” section below. Server authentication logs are retained for up to 30 days via pm2-logrotate; email addresses in logs are hashed (sha-256, first 16 characters), and full addresses and passwords are never logged.
Contact-form submissions: contact-form messages (the message text, email/phone) are retained for up to 180 days, after which the record is automatically anonymized. The form does not accept document uploads. If you have an account, this data is also deleted when you delete your account.
AI chat and data transfer
For the AI chat feature, Dopomoga uses the external service OpenRouter (OpenRouter Inc., registered in the USA). When you send a message to the AI chat, the text of your question and the context of recent messages are transferred to OpenRouter to generate a response. OpenRouter in turn may use one or more model providers (for example, Google, OpenAI) to process the request.
Dopomoga does not store AI chat history on the server. Only anonymous usage counters are stored (number of messages per day, time of the last request) — this is necessary for the technical limit (100 messages per UTC day, a 5-second interval between requests).
For sending transactional emails (email confirmation, password reset), Dopomoga uses the service Resend (Resend, Inc., registered in the USA; the sending server is hosted in the Ireland region, eu-west-1). The metadata of the Resend account (our settings, sending statistics) is stored in the USA; the email content itself is sent from servers in the EU.
Your rights: You may at any time request the deletion of all data via the “Delete account” function in the Account section — this will delete the AI chat usage counters and all tokens for email verification / password reset associated with your account.
Payments and subscriptions (Stripe)
For processing payments for the ZZP Pro subscription, Dopomoga uses Stripe (Stripe Payments Europe, Limited, 1 Grand Canal Street Lower, Dublin 2, Ireland — the processor for EU customers; the parent company Stripe, Inc. is registered in the USA). Stripe is a regulated payment service provider (an authorised payment institution in the EU). Available payment methods: card and SEPA Direct Debit.
Legal basis: The transfer of payment data to Stripe is based on the performance of a contract (Art. 6(1)(b) GDPR) — the ZZP Pro subscription you take out.
Processing region and transfer: Stripe Payments Europe processes data within the European Economic Area. Certain data may be processed by the parent company Stripe, Inc. (USA) on the basis of the EU Standard Contractual Clauses (SCCs), which provide an adequate level of protection.
What data is transferred to Stripe: Your name, email address, payment method type, and the last 4 digits of the card or IBAN (for display in your dashboard), as well as the Stripe customer and Stripe subscription identifiers. Dopomoga never stores the full card number or full IBAN — this data is processed exclusively on Stripe's side in tokenized form.
Storage on our side: We store the Stripe customer and Stripe subscription identifiers (for managing the subscription lifecycle) — they are deleted together with the account (cascade deletion).
Storage at Stripe: Stripe stores payment data in accordance with its own privacy policy and Dutch tax requirements (7 years for accounting documents). For more details: stripe.com/privacy.
Tax refund (tax-return filing)
The Tax refund service (Belastingteruggave) comes in two packages: “I file myself” (€39/year) — we verify your documents and prepare a personal step-by-step instruction, and you file the return yourself via Mijn Belastingdienst; “Accountant files” (€89/year) — a registered accountant partner files the return for you after a scheduled call and a DigiD Machtigen authorization. For both packages, Dopomoga is the data controller — unlike the ZZP bookkeeping tools, where you are the controller.
What data we collect (both packages): your name, e-mail, phone, the tax years, your family situation (marital status, children, joint filing with a fiscal partner), a note about your situation, and the documents you upload (primarily the jaaropgaaf — note that the document itself contains your BSN). “Accountant files” only: your BSN (persoonsnummer) and refund IBAN (the accountant needs them to file and to state the refund account) and, for a joint return, the name and BSN of your fiscal partner. In the “I file myself” package we deliberately do not ask for your BSN or IBAN (data minimization, Art. 5(1)(c) GDPR): you file via your own DigiD and enter your IBAN directly in the return.
Legal basis: the processing is based on performance of the service contract (Art. 6(1)(b) GDPR). BSN processing (the “Accountant files” package) is based on a legal obligation under Dutch tax law, which requires the BSN to be stated on a tax return (Art. 6(1)(c) GDPR).
Recipients: in the “I file myself” package your documents are seen only by the Dopomoga operator who verifies them and prepares your instruction — they are not shared with anyone outside Dopomoga. In the “Accountant files” package your data is shared with a registered accountant partner (with a Beconnummer) who files the return with the Belastingdienst (the Dutch tax authority), which pays out any refund; the authorization is arranged in the government’s own DigiD Machtigen system — we never see or store your DigiD credentials. The service fee (€39 or €89 per year, plus the fiscal-partner add-on) is processed via Stripe (see the “Payments and subscriptions” section above).
Security: your BSN, IBAN, fiscal-partner BSN and situation note are stored with field-level encryption; uploaded documents are stored in a private server location and are never reachable via a public URL.
Retention: uploaded documents and the sensitive fields are deleted automatically within a few months after your request is completed or cancelled; abandoned unpaid requests are purged automatically as well. The payment record is kept for the statutory fiscal period under Dutch law.
Your rights: as with the rest of your data, you can request access or erasure (Account → Data export / Delete account, Art. 20 and 17 GDPR) or write to us at support@uadopomoga.eu.
Business registration verification (KvK Handelsregister)
To verify marketplace sellers who are registered as legal entities or ZZP'ers in the Netherlands, Dopomoga queries the official registry KvK Handelsregister (Kamer van Koophandel, Den Haag, Netherlands). The query occurs only at your explicit initiative — when you press “Verify via KvK API” in the seller profile settings.
Processing region: KvK is a state registry of the Netherlands, registered and physically located within the European Union. Transfer of data to countries outside the EU does not occur, so separate consent under Art. 49 GDPR is not required.
Legal basis: The transfer of data to KvK is based on contractual necessity (Art. 6(1)(b) GDPR) — without verifying the status of your business in the Handelsregister, we cannot provide you with the “Verified business” badge in the marketplace.
What data is transferred to KvK: Only your 8-digit KvK number. No other information (email, name, IP address) is transferred. In response, KvK returns publicly available information from your business registration: trade name, legal name, registered business address, and registration status (active / inactive / deregistered).
Storage on our side: The KvK response is cached on the server for 30 days (reducing the volume of API queries), after which it is automatically re-queried. Your KvK number in the seller profile is stored as long as your account remains active; it is deleted together with the account (cascade deletion under Art. 17 GDPR). Once a month we check whether the status of your KvK registration has changed — if so, we automatically remove the “Verified business” badge and send you a notification.
Storage at KvK: KvK, as a state registry of the Netherlands, stores your business registration data in accordance with the Handelsregister Act (Handelsregisterwet 2007). For more details: kvk.nl/privacy.
Error monitoring (Sentry)
To detect technical errors, Dopomoga uses the service Sentry (Functional Software, Inc., d/b/a Sentry; parent company Sentry GmbH — Berlin, Germany, EU). Data is sent to a Sentry instance in the Frankfurt, EU region (DSN host *.ingest.de.sentry.io). Telemetry is not transferred outside the EU.
Processing region: Sentry EU (Frankfurt). Transfer of data to countries outside the EU does not occur, so separate consent under Art. 49 GDPR is not required.
Legal basis: The transfer of error telemetry to Sentry is based on our legitimate interest in ensuring the security and reliability of the service (Art. 6(1)(f) GDPR); the relationship with Sentry as a sub-processor is governed by Art. 28 GDPR.
What data is transferred to Sentry: The technical stack of the error (trace, files, lines of code), browser / operating system type, the URL path (on the client side query parameters are removed). Email, phone number, BSN, KvK number, and IP address are hashed (sha-256, first 16 characters for email, first 8 for the rest) BEFORE being transferred to Sentry using the server-side PII scrubber — Sentry itself stores only sentinels of the form [email:<hash>], [phone:<hash>], etc.
Storage on our side: No Sentry events are stored locally — telemetry is transmitted directly to the Sentry EU instance via a network request at the moment the error occurs. On the Dopomoga server we store only the authorization log (authLog, separate from Sentry, with its own rotation rule of 30 days × 10 MB).
Storage at Sentry: Sentry stores error telemetry for 90 days (the standard free-tier period), after which it automatically deletes it. For more details: sentry.io/privacy.
Your rights: You may at any time request the deletion of your account via the “Delete account” function — after deletion, new Sentry events that could be associated with your account are physically impossible to create (the account no longer exists); events sent earlier are deleted automatically after 90 days under Sentry's policy.
What we do NOT do
- We do not show advertising.
- We do not use third-party trackers (Google Analytics, Meta Pixel, Hotjar, etc.).
- We do not transfer data to third parties without your consent (exceptions are described in the “AI chat and data transfer” section above).
- We do not sell your data.
Contact
For requests regarding personal data: support@uadopomoga.eu.
Changes to the policy
If we update this policy, you will see a notification at your next login asking you to confirm acceptance of the new version.