easybits GmbH — Terms of Service & Privacy Policy

Effective Date: 07.10.2025
Contact Email: support@easybits.tech

1. Introduction & Scope

These Terms of Service (“Terms”) govern your use of the easybits self-service application and related services (“Service”).

By creating an account or using the Service, you agree to these Terms and our Privacy Policy.

easybits GmbH (“easybits”, “we”, “us”, “our”) operates the Service to automate workflows and enable document processing through AI and third-party integrations.

2. Definitions

  • Customer / User: The individual or entity accessing or using the Service.
  • Account: Your registered access credentials to the easybits Service.
  • Documents: Files or content uploaded or processed within the Service.
  • Extracted Data: Information derived from your Documents using automated or AI-based methods.
  • Service: The easybits self-service app, APIs, and related tools.
  • Processor / Controller: As defined under the GDPR.
  • AI Component: Any automated or machine-learning-based processing, including third-party AI models such as Google Gemini and open-source frameworks like Gwen.

3. Use of Service & License

easybits grants you a limited, non-exclusive, non-transferable license to use the Service for lawful business or personal purposes.

Free & Paid Tiers:

  • Free users have limited usage and storage quotas.
  • Paid subscriptions or usage-based billing may apply for advanced functionality.

Restrictions:
You may not:

  • Reverse-engineer, copy, or resell the Service.
  • Use the Service for unlawful, harmful, or discriminatory purposes.
  • Attempt to interfere with the Service’s operation or security.

You are responsible for maintaining the confidentiality of your login credentials.

4. Data, Processing & Storage

  • Data is processed and stored in secure AWS data centers in Frankfurt (Germany).
  • easybits does not permanently store personal or document data beyond the duration required to provide the Service.
  • Logs and metadata may be retained for troubleshooting and analytics, in anonymized form.

5. Privacy — What We Collect & Use

Data Categories

We collect:

  • Account data (name, email)
  • Payment data (for paid plans)
  • Usage logs (device, IP, timestamps)
  • Uploaded content (documents, structured text, metadata)

Legal Basis

Processing is based on Art. 6 (1)(b) GDPR, performance of a contract.

Purposes

  • To provide and improve the Service
  • To secure and monitor platform performance
  • To process payments and detect misuse

Retention

Inactive accounts are anonymized or deleted after one year.

6. AI & Extraction Disclaimer

AI-generated outputs, including text and data extractions, may contain inaccuracies. Users are solely responsible for verifying and validating results before relying on them. easybits disclaims all liability for damage or loss arising from AI-generated content or interpretations.

7. Warranties, Liability & Indemnification

The Service is provided “as is” without warranties of accuracy, fitness for purpose, or non-infringement. To the fullest extent permitted by law, easybits is not liable for indirect, incidental, or consequential damages. You agree to indemnify and hold harmless easybits GmbH from any claims arising from your misuse of the Service or violation of these Terms. The Service is provided “as is” without warranties of accuracy, fitness for purpose, or non-infringement. To the fullest extent permitted by law, easybits is not liable for indirect, incidental, or consequential damages. You agree to indemnify and hold harmless easybits GmbH from any claims arising from your misuse of the Service or violation of these Terms.

8. Term, Suspension & Termination

easybits may suspend or terminate access if you breach these Terms or misuse the Service. Upon termination, your data will be deleted in accordance with GDPR requirements and our retention policy.

9. International Users & Transfers

While easybits hosts all data within the EU, some subprocessors may process data outside the EU under approved safeguards (e.g., EU Commission Standard Contractual Clauses (SCCs)).

Third-party service providers may include:

  • Google (Gemini, Analytics, YouTube)
  • Hugging Face
  • Redis Labs, Sentry, Intercom, New Relic
  • Slack, Telegram, Leadfeeder, LogRocket, Mailjet, LinkedIn, Meta/Facebook, Twitter
  • Open-source AI frameworks such as Gwen

easybits ensures all processors adhere to GDPR-compliant agreements and technical security standards.

10. Children’s Data

The Service is not directed at persons under 16 years of age. We do not knowingly collect, process, or store personal data from children under 16. If we become aware that such data has been provided, it will be deleted without delay.

11. Security Measures

We implement technical and organizational security measures in accordance with Art. 32 GDPR to protect personal data against unauthorized access, loss, alteration, or destruction.

These include:

  • Encryption in transit and at rest (TLS 128-bit)
  • Strict access control and role-based permissions
  • Regular backups and system monitoring
  • Anonymization and pseudonymization where applicable
  • Periodic audits of subprocessors and internal systems

All employees and contractors are bound by confidentiality obligations.

12. Cookies

We use essential, analytics, and marketing cookies. You can manage preferences in your browser or via the Cookie Settings link. For details, see Section 11a of our Privacy Policy.

13. Governing Law & Disputes

These Terms are governed by German law. Jurisdiction lies with the courts of Berlin, Germany.

14. Changes to Terms & Notice

We may update these Terms and our Privacy Policy as laws or service features evolve. Users will be notified of material changes via email or in-app notice. Continued use after notice constitutes acceptance.

15. Miscellaneous

If any provision is found invalid, the remainder remains enforceable. Neither party is liable for delays caused by events beyond their reasonable control (force majeure).

16. Data Processing Addendum (DPA)

When acting as a Processor on behalf of a Controller, easybits agrees to:

  • Process personal data solely under written instructions.
  • Maintain confidentiality and implement security per Art. 32 GDPR.
  • Use subprocessors only under written agreements ensuring equivalent protections.
  • Assist the Controller in fulfilling data subject rights.
  • Delete or return personal data upon termination.

A list of subprocessors and security measures is available upon request at support@easybits.tech.

17. Contact & Data Controller

easybits GmbH
Choriner Str. 83
10119 Berlin, Germany
Managing Director: Terence Hielscher
Phone: +49 (0)30 27596400
Email: support@easybits.tech
Website: www.easybits.tech

Data Protection Officer:
Bernd Schulz
F1 Gesellschaft für Informationstechnologien und Managementberatung mbH
Mädewalder Weg 2, 12621 Berlin
Email: Datenschutz@f1-gmbh.de

Supervisory Authority:
Berlin Commissioner for Data Protection and Freedom of Information
Friedrichstr. 219, 10969 Berlin
Email: mailbox@datenschutz-berlin.de

18. Version & Updates

Version 1.0 — Effective 07.10.2025
Future updates will be published on easybits.tech/terms.