← Back to Home

Privacy Policy

How Yet.Rest protects your data with GDPR compliance and EU-only residency

Effective Date: July 8, 2025 | Last Updated: July 8, 2025

1. Who We Are

Yet.Rest is a backend platform service operated by Yet Technologies S.à r.l., a Luxembourg company (SARL-S) located at 15 Avenue Dr Klein, 5630 Mondorf-les-Bains, Luxembourg.

Contact Information:

  • Company: Yet Technologies S.à r.l.
  • Address: 15 Avenue Dr Klein, 5630 Mondorf-les-Bains, Luxembourg
  • Email: privacy@yet.rest
  • Data Protection Officer: dpo@yet.rest

2. What Data We Collect

Account Information

  • Email address (required for account creation)
  • Name (optional, for personalization)
  • Company name (optional, for business accounts)
  • Password (encrypted and never stored in plain text)

Usage Data

  • API requests and responses (for service functionality)
  • Project descriptions and configurations
  • Database schemas and structures you create
  • Performance metrics and error logs

Technical Data

  • IP address (for security and fraud prevention)
  • Browser type and version
  • Device information
  • Access times and usage patterns

🔒 GDPR-Compliant Data Handling

All personal data is processed lawfully under GDPR Article 6(1)(b) for contract performance and Article 6(1)(f) for legitimate interests in service improvement and security.

3. How We Use Your Data

Service Provision

  • • Create and manage your backend APIs
  • • Process your data through our platform
  • • Provide customer support
  • • Handle billing and payments

Service Improvement

  • • Monitor service performance
  • • Identify and fix technical issues
  • • Develop new features
  • • Ensure security and fraud prevention

⚠️ What We DON'T Do

  • • We never sell your personal data to third parties
  • • We don't use your data for advertising purposes
  • • We don't share your project data with other users
  • • We don't train AI models on your private data

4. Data Location and Security

🇪🇺 EU-Only Data Residency

All your data is stored and processed exclusively within the European Union:

  • Primary Servers: Luxembourg and Germany (AWS EU regions)
  • Backup Storage: Multiple EU locations for redundancy
  • Data Processing: All processing occurs within EU borders
  • No Data Transfers: Your data never leaves the EU

Security Measures

Encryption

  • • TLS 1.3 for data in transit
  • • AES-256 for data at rest
  • • End-to-end encryption for sensitive data

Access Control

  • • Multi-factor authentication
  • • Role-based access control
  • • Regular access audits

5. Your Rights Under GDPR

Data Subject Rights

  • Right to Access: Request a copy of your data
  • Right to Rectification: Correct inaccurate data
  • Right to Erasure: Delete your data ("right to be forgotten")
  • Right to Portability: Export your data
  • Right to Restriction: Limit processing of your data
  • Right to Object: Object to data processing

How to Exercise Your Rights

To exercise any of your rights, contact us at:

  • Email: privacy@yet.rest
  • Response Time: Within 30 days
  • Cost: Free of charge
  • ID Verification: May be required

6. Data Retention

Account Data

Retention Period: While your account is active + 12 months after deletion

Reason: Legal obligations, dispute resolution, and service improvement

Project Data

Retention Period: While project is active + 90 days after deletion

Reason: Recovery options and accidental deletion protection

Analytics Data

Retention Period: 24 months (anonymized after 6 months)

Reason: Service improvement and performance monitoring

7. Third-Party Services

Infrastructure Partners (EU-Based)

  • AWS Europe: Cloud hosting (Luxembourg, Germany)
  • Data Processing Agreements: All partners have signed DPAs
  • GDPR Compliance: All partners are GDPR-compliant

Analytics and Monitoring

  • Google Analytics: Website usage (anonymized)
  • Error Tracking: Service reliability monitoring
  • Performance Metrics: Service optimization

8. Contact and Complaints

Contact Us

  • Privacy Questions: privacy@yet.rest
  • Data Protection Officer: dpo@yet.rest
  • General Support: hello@yet.rest
  • Postal Address:
    Yet Technologies S.à r.l.
    15 Avenue Dr Klein
    5630 Mondorf-les-Bains
    Luxembourg

File a Complaint

If you're not satisfied with our response, you can file a complaint with:

  • Luxembourg DPA:
    Commission Nationale pour la Protection des Données (CNPD)
  • Website: cnpd.public.lu
  • Your Local DPA: Any EU data protection authority

9. Updates to This Policy

We may update this privacy policy from time to time. When we do:

  • • We'll notify you by email if the changes are significant
  • • We'll update the "Last Updated" date at the top of this page
  • • We'll maintain a changelog of major updates
  • • The updated policy will be effective immediately upon posting

This privacy policy was last updated on July 8, 2025

← Return to Yet.Rest