Legal
Generated draftPrivacy Policy
This generated draft explains how Prospect intends to handle personal data in the product, support, billing, analytics, monitoring, and eFaktura workflows.
1. Who we are
Last updated: June 12, 2026
Prospect is operated by ПРОСПЕКТ - АСПЕКТ ДОО, located at ул. Орце Николов 190-3/1, 1000 Скопје. For privacy questions, contact contact@prospect.mk.
2. Data we process
Prospect may process account details, names, emails, company names, user roles, billing details, support messages, audit and activity logs, authentication data, product usage events, error logs, and customer-entered operational data such as partners, items, documents, tax identifiers, bank statement lines, eFaktura data, and attachments.
3. How we use data
We use data to provide and secure the service, authenticate users, process subscriptions, send transactional emails, provide support, maintain audit trails, improve product quality, monitor reliability, troubleshoot incidents, prevent abuse, and comply with legal or contractual obligations.
4. Legal bases
Depending on context, processing may be based on contract performance, legitimate interests such as security and product reliability, legal obligations, customer instructions, or consent where required for optional analytics or communications.
5. Subprocessors and service providers
Prospect uses subprocessors to operate the product. The current launch draft list is:
| Provider | Purpose |
|---|---|
| Creem | Billing, checkout, subscriptions, and payment records. |
| Resend | Transactional and support email delivery. |
| PostHog | Product analytics when enabled. |
| Sentry | Error monitoring, diagnostics, and stability telemetry. |
| Better Stack | Uptime monitoring, public status page, and cron heartbeats. |
| Hosting provider and Coolify infrastructure | Application hosting, deployment, logs, networking, and operational infrastructure. |
| UJP and eFaktura | eFaktura submission, sync, document status, and related public authority workflows when enabled by the customer. |
6. Customer-enabled integrations
If a customer enables eFaktura, UJP, billing, email, or other integrations, Prospect may transmit the data needed to operate those workflows. Customers are responsible for confirming that submitted business, tax, and document data is accurate and that the integration is appropriate for their legal obligations.
7. Retention
Prospect retains account, company, billing, operational, audit, and support data for as long as needed to provide the service, meet legal obligations, resolve disputes, maintain security, and support customer exports or deletion requests. The final reviewed policy should define exact retention windows for backups, logs, support email, analytics, and cancelled accounts.
8. Security
Prospect uses authentication, authorization, tenant isolation, monitoring, logging, least-privilege operational access, encrypted transport, and service-provider controls to protect data. No online service can guarantee perfect security, so customers should use strong passwords, manage invitations carefully, and report suspected account compromise quickly.
9. Your rights
Depending on applicable law and your role, you may have rights to access, correct, export, delete, restrict, or object to processing of personal data. Requests can be sent to contact@prospect.mk. If your account is managed by a customer company, we may direct you to that company as the controller for workspace data.
10. Changes
Prospect may update this policy as the product, providers, or legal requirements change. Material changes should be communicated through the product, email, or website before they take effect where required.