Measure Apps

Privacy Policy

Last Updated: June 1, 2026

1. Who We Are

This website is operated by Michal Nováček, trading as Measure Apps (measure-apps.com). If you have any questions about this policy, contact us at michal@measure-apps.com.

2. What Data We Collect

We collect only the data necessary to provide our services:

  • Purchase data — name, email address, and billing information when you buy a course. Payment processing is handled by Stripe and we do not store your card details.
  • Usage data — pages visited and general interaction data collected via Macaly (see section 4).
  • Communication data — email address and message content when you contact us directly.
  • Account integrity data — technical device and browser signals (such as browser fingerprint, IP address, and device characteristics) collected to detect unauthorised account sharing and enforce single-user licence terms. This data is processed via FingerprintJS and is not used for any other purpose.

3. How We Use Your Data

  • To deliver course content you have purchased and send order confirmations.
  • To respond to your inquiries and provide customer support.
  • To improve the website and understand how visitors use it.
  • To comply with legal obligations.

We do not sell, rent, or share your personal data with third parties for marketing purposes.

4. Third-Party Services

We use the following third-party services that may process your data:

  • Stripe — payment processing. See Stripe's Privacy Policy at stripe.com/privacy.
  • Macaly — website analytics. Macaly does not use cookies, localStorage, or any persistent identifiers in your browser. Visitor deduplication is handled server-side using a short-lived hash that resets hourly. No personal data is stored. See Macaly's privacy documentation at macaly.io.
  • Podia — course platform and payment processing. When you purchase a course, your data is also processed by Podia under their own Privacy Policy at podia.com/privacy.
  • FingerprintJS — device identification for licence enforcement. Technical browser and device signals are processed to detect unauthorised account sharing. Data is not used for advertising or tracking. See fingerprint.com/privacy-policy.

5. Cookies

We do not use analytics cookies. Macaly, our analytics provider, operates without placing any cookies or persistent identifiers in your browser.

We use only a functional session cookie required for course platform login via courses.measure-apps.com. This cookie is essential for the service to work and does not require consent under GDPR.

6. Data Retention

We retain your purchase data for as long as required by applicable law (typically 10 years for accounting purposes under Czech law). Analytics data is retained for 14 months. You may request deletion of your personal data at any time by contacting us.

7. Your Rights

Under GDPR, you have the right to:

  • Access the personal data we hold about you.
  • Request correction of inaccurate data.
  • Request deletion of your data (“right to be forgotten”).
  • Request restriction of processing of your data.
  • Object to processing carried out on the basis of legitimate interest.

To exercise any of these rights, contact us at michal@measure-apps.com. We respond within 30 days.

You also have the right to lodge a complaint with the Czech data protection authority (ÚOOÚ) at uoou.cz.

8. Account Integrity & License Enforcement

What we collect and why

To detect account sharing, we collect the following technical data when you access your course:

  • IP address
  • Browser type and version
  • Operating system and device type
  • Screen size, timezone, and language settings

From this data we generate a hashed Device ID. We do not collect canvas fingerprints, audio fingerprints, or any biometric data. This data is used exclusively for license enforcement — never for advertising, marketing, or analytics.

Legal basis

This processing is based on legitimate interest (Art. 6(1)(f) GDPR). Enforcing single-user licensing is a real and proportionate business interest. We collect the minimum data necessary, hash it, use it for a single purpose, and disclose it to you upfront. If you believe your account has been flagged in error, you can object at any time — see Your Rights above.

Retention

Device IDs are retained for the duration of your active account plus 90 days, then automatically deleted.

9. Changes to This Policy

We may update this policy from time to time. Any changes will be posted on this page with an updated date. Continued use of the site after changes constitutes acceptance of the updated policy.