Last updated: March 26, 2026.
SAKA Kitchens (sakakuhinje.rs) is the controller of your personal data. Location: Belgrade, Serbia. Contact: [email protected]. We are committed to protecting your privacy in accordance with the Serbian Personal Data Protection Act and GDPR principles.
We collect the following data: account information (name, email, hashed password) when you register; usage data (pages visited, referrer, user agent, anonymized IP location) for analytics; kitchen designs you create in the planner; payment data (processed by Stripe — we do not store your card details); and contact form submissions (name, email, message).
We use your data to: provide and improve the 3D planner and AI features; process payments and manage credits; send order confirmations and service-related notifications; analyze site usage to improve user experience; and respond to your inquiries via the contact form.
We use essential technical cookies required for the site to function (authentication, language preferences). Analytics cookies (Google Analytics) are only used with your explicit consent via the cookie banner. You can change your cookie preferences at any time. Our internal analytics collects anonymized traffic data without cookies.
We do not sell your personal data. We share data only with: Stripe (payment processing), Supabase (database and file storage), Vercel (hosting), and Google Analytics (anonymized analytics, only with your consent). All providers comply with GDPR or equivalent standards.
We retain account data while your account is active. Analytics data is retained in aggregate form for up to 24 months. Kitchen designs are stored until you delete your account. Payment data is retained by Stripe according to their privacy policy.
You have the right to: access your personal data; rectify inaccurate data; erase your data ("right to be forgotten"); restrict processing; data portability; and object to processing. To exercise these rights, contact us at [email protected]. We respond within 30 days.
We implement technical and organizational measures to protect your data, including: HTTPS encryption across the entire site; password hashing (bcrypt); API rate limiting; secure HTTP headers (CSP, HSTS, X-Frame-Options); and regular security audits.
Our platform is not intended for children under 16 years of age. We do not knowingly collect data from children. If we learn that we have collected data from a child, we will promptly delete it.
We may update this privacy policy from time to time. We will notify you of significant changes via the website. For any privacy-related questions, contact us at [email protected].