Last Updated: December 30, 2025
Effective Date: December 30, 2025
Infoterra LLP ("we," "us," "our," or the "Company") is committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, store, and protect your personal data when you use GraphFolio, our data analytics subscription platform (the "Service").
This Privacy Policy applies to all users of our Service and should be read in conjunction with our Terms of Service, Cookie Policy, and Refund Policy.
By using our Service, you acknowledge that you have read and understood this Privacy Policy and consent to the collection, use, and disclosure of your personal information as described herein.
We are committed to full compliance with the General Data Protection Regulation (GDPR) and other applicable data protection laws.
The data controller responsible for your personal information is:
Company Name: Infoterra LLP
Registered Address: Building 6, E 248 Street, Esil District, 010000 Astana, Kazakhstan
Tax ID (BIN): 230240009770
Email: info@graphfolio.com
For all privacy-related questions, concerns, or requests to exercise your data protection rights, please contact us at info@graphfolio.com.
We collect several types of information to provide and improve our Service.
When you register for an account, we collect:
To ensure security and prevent fraud, we automatically collect:
We collect information about how you interact with our Service:
Payment processing is handled entirely by our payment processor, 2Checkout (Verifone), who acts as Merchant of Record. We do NOT store payment card information (credit card numbers, CVV codes, or expiration dates) on our servers.
We receive from 2Checkout only:
All sensitive payment information is securely stored and processed by 2Checkout in accordance with Payment Card Industry Data Security Standards (PCI DSS).
If you contact us via email, we collect:
We use the collected information for the following purposes:
We send transactional emails only (no marketing communications):
We do NOT send marketing, promotional, or newsletter emails.
Under GDPR, we process your personal data based on the following legal grounds:
Processing necessary to fulfill our contract with you (Terms of Service):
Processing required to comply with legal obligations:
Processing necessary for our legitimate business interests:
Processing based on your explicit consent:
You have the right to withdraw consent at any time without affecting the lawfulness of processing based on consent before withdrawal.
We use cookies and similar tracking technologies to enhance your experience and secure our Service. For detailed information about the cookies we use, please refer to our separate Cookie Policy.
Strictly Necessary Cookies (always active):
Analytics Cookies (requires your consent):
Upon your first visit, you will see a GDPR-compliant cookie consent banner where you can:
You can change your cookie preferences at any time through our cookie settings or your browser settings.
We work with carefully selected third-party service providers to operate our platform. Each processes personal data only as necessary to provide their specific service.
Purpose: Payment processing and invoicing (acts as Merchant of Record)
Data Shared: Name, email, billing address, payment information
Location: Global infrastructure with data centers in multiple jurisdictions
Privacy Policy: https://www.2checkout.com/legal/privacy/
2Checkout processes all payment transactions and stores payment card information securely in compliance with PCI DSS standards. We do not have access to or store your full payment card details.
Purpose: Website analytics and usage statistics (requires opt-in consent)
Data Shared: Anonymized usage data, pages visited, session duration
Location: United States (with EU data processing agreements)
Privacy Policy: https://policies.google.com/privacy
Google Analytics is only activated if you consent via our cookie banner. You can opt out at any time through cookie settings.
Purpose: Fraud prevention, bot detection, protection against automated abuse
Data Shared: IP address, browser information, device data, user interaction data
Location: United States (with EU data processing agreements)
Privacy Policy: https://policies.google.com/privacy
reCAPTCHA is essential for platform security and cannot be disabled.
Purpose: Server hosting and data storage
Data Shared: All account and usage data stored on platform
Location: Netherlands (EU jurisdiction)
Privacy Policy: https://www.scalahosting.com/legal/privacy-policy/
All your data is stored on secure servers located in the Netherlands, within the European Union, providing strong data protection under EU law.
All third-party service providers process data on our behalf under strict data processing agreements that comply with GDPR requirements, including appropriate technical and organizational security measures.
All user data is stored in the Netherlands (EU jurisdiction) through our hosting provider, Scalahosting. This ensures your data benefits from the strong data protection standards of European Union law.
We implement industry-standard security measures to protect your personal information:
While we implement robust security measures, no method of electronic storage or transmission is 100% secure. We cannot guarantee absolute security but continuously work to protect your data using industry best practices.
We retain your personal information for as long as your account remains active and is necessary to provide you with our Service.
When you delete your account via your user dashboard:
We may retain certain data longer if required by law, such as:
In such cases, data is securely archived with restricted access until the retention requirement expires.
We do NOT send marketing or promotional emails. All communications from us are strictly transactional and directly related to your use of the Service:
You will never receive newsletters, promotional offers, or marketing materials from us.
As a data subject under GDPR, you have the following rights regarding your personal data:
You have the right to obtain confirmation of whether we process your personal data and to access that data. You can export your personal data from your account dashboard.
How to exercise: Log in to your account and navigate to "Export Data" or contact us at info@graphfolio.com.
You have the right to correct inaccurate or incomplete personal data.
How to exercise: Update your information directly in your account settings or contact us at info@graphfolio.com.
You have the right to request deletion of your personal data.
How to exercise: Delete your account via your user dashboard. Your data will be permanently deleted after a 30-day retention period.
You have the right to request restriction of processing in certain circumstances.
How to exercise: Contact us at info@graphfolio.com with your request and justification.
You have the right to receive your personal data in a structured, commonly used, machine-readable format and to transmit it to another controller.
How to exercise: Use the "Export Data" function in your account dashboard or contact us at info@graphfolio.com.
You have the right to object to processing based on legitimate interests.
How to exercise: Contact us at info@graphfolio.com to object to specific processing activities.
Where processing is based on consent (e.g., Google Analytics), you have the right to withdraw consent at any time.
How to exercise: Adjust your cookie preferences in cookie settings or contact us at info@graphfolio.com.
You have the right to lodge a complaint with your local data protection authority if you believe your rights have been violated.
We will respond to your requests within one month of receipt. In complex cases, we may extend this period by two additional months and will inform you of the delay.
Your personal data is primarily stored within the European Union (Netherlands), ensuring it benefits from strong EU data protection laws.
Some third-party services (Google Analytics, Google reCAPTCHA, 2Checkout) may process data outside the EU. In such cases:
By using our Service, you consent to the transfer of your data to these third-party services under the safeguards described above.
Our Service is not intended for individuals under 18 years of age or the age of majority in their jurisdiction (whichever is greater). We do not knowingly collect personal information from minors.
If you are a parent or legal guardian and believe your child has provided us with personal information without your consent, please contact us immediately at info@graphfolio.com. We will promptly delete such information from our systems.
We do not have processes to verify the age of users. We rely on users to comply with our age restrictions as stated in our Terms of Service.
We reserve the right to update this Privacy Policy at any time to reflect changes in our practices, legal requirements, or service features. The type of notification depends on the nature of the changes:
Minor updates include corrections, clarifications, formatting improvements, and contact information changes. These updates:
Material changes include modifications to the types of data we collect, new third-party services, changes to data retention periods, changes to your rights, new data processing purposes, or other significant changes to how we handle your personal information. For material changes:
Under GDPR and applicable data protection laws, when we make material changes:
Your continued use of the Service after the effective date of changes constitutes acceptance of the updated Privacy Policy, except where renewed consent is legally required.
If you do not agree with material changes, you should:
We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.
If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:
Company Name: Infoterra LLP
Email: info@graphfolio.com
Registered Address: Building 6, E 248 Street, Esil District, 010000 Astana, Kazakhstan
Tax ID (BIN): 230240009770
For privacy-related inquiries: info@graphfolio.com
We will respond to your inquiry within a reasonable timeframe, typically within one month.
By using our Service, you acknowledge that you have read, understood, and agree to this Privacy Policy.