You have the right to access your data, correct it, and request its deletion. You also have the right to object to the processing of your personal data or to request restriction of processing.
Using WebhookApp does not require registration or providing personal data. The service operates based on browser sessions and stores data temporarily. We do not make individual decisions based solely on automated processing (profiling) that would produce legal effects or similarly significantly affect you.
Our domain has an SSL certificate, which means your data is encrypted.
Below you will find all the key information related to data processing in our Service.
Definitions
-
Controller — BitApp, Tax ID (NIP): 7792282241, ul. Gerberowa 41, 60-175 Poznan, Poland.
-
Cookies — small pieces of data, especially text files, stored on the User's device through which they access the Service.
-
Service/WebhookApp — the Controller's web application that allows Users to generate temporary URLs for capturing and analyzing HTTP requests (webhooks).
-
User — a natural person using the Service.
-
Webhook — an HTTP request sent by an external service to a URL generated by the Service for analysis and debugging purposes.
Who is the data controller?
The controller of the website and data is:
BitApp ul. Gerberowa 41, 60-175 Poznan, Poland Tax ID (NIP): 7792282241 REGON: 363080644
Contact details: Email: info@bitapp.pl
What is the legal basis for data processing?
Data is collected and processed in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation - GDPR).
What data do we process?
WebhookApp is a service that does not require registration. We only process technical data necessary for the service to function:
Session data:
- Browser session identifier
- Generated webhook URLs assigned to the session
Captured webhook data:
- HTTP request headers
- Request body
- Query string parameters
- HTTP method (GET, POST, PUT, DELETE, etc.)
- IP address of the request sender
- Date and time of the request
Technical and analytical data:
- User's IP address
- Browser and operating system information
- Time spent on the Service and pages visited
Important: Captured webhook data is stored temporarily and automatically deleted when the session expires or after a specified time (TTL). The User decides what data to send to the generated webhook URL.
For what purposes do we process data?
We process data to the extent necessary for the operation of our Service:
Service provision
Legal basis: Article 6(1)(b) GDPR
We process data necessary to:
- Generate unique webhook URLs
- Capture and display incoming HTTP requests
- Enable webhook analysis and debugging
Analytics and statistics
Legal basis: Article 6(1)(f) GDPR (legitimate interest of the controller)
We process data for:
- Analyzing how the Service is used
- Improving the quality of services provided
- Optimizing Service performance
Security
Legal basis: Article 6(1)(f) GDPR (legitimate interest of the controller)
We process data to protect the Service from abuse and ensure its proper functioning.
How long do we store data?
| Data category | Retention period |
|---|---|
| Session data | Until browser session ends or session expires |
| Captured webhook data | Automatically deleted when session TTL expires |
| Analytics data | 14 months (Google Analytics) |
| Server logs | 30 days |
Who do we share data with?
We share data with other entities only to the extent necessary for service provision:
Entities processing data on our behalf:
| Entity | Purpose | Location |
|---|---|---|
| Google Cloud Platform | Application hosting (App Engine) | EU (Netherlands) |
| Redis Labs / Upstash | Temporary data storage | EU |
| Google Ireland Limited | Analytics (Google Analytics) | Ireland/USA* |
*In case of data transfer to the USA, it is carried out based on Standard Contractual Clauses or the Data Privacy Framework.
Other entities:
- Government authorities (based on legal requirements)
Is data transferred to third countries?
Some data processing operations may involve transferring data to third countries (USA) in connection with the use of Google Analytics.
The provider of this tool ensures an adequate level of personal data protection through:
- Participation in the Data Privacy Framework
- Application of Standard Contractual Clauses approved by the European Commission
What are your rights regarding data processing?
You have the right to:
- Access your data — you can obtain information about processed data
- Rectify data — you can correct inaccurate data
- Erase data — you can request data deletion ("right to be forgotten")
- Restrict processing — you can request restriction of processing in certain situations
- Object — you can object to processing based on legitimate interest
- Lodge a complaint — you can file a complaint with a supervisory authority
How to exercise your rights?
Data deletion: Captured webhook data is automatically deleted when the session expires. You can also clear session data by clearing your browser cookies or closing the browser window.
Other requests: Contact us at: info@bitapp.pl
We will respond to your request within one month of receipt. In exceptional cases, this period may be extended by an additional two months, of which you will be informed.
Cookie Policy
Cookies are small text files that allow identification of the software used, customization of content to user needs, and ensure proper functioning of the Service.
Types of cookies
| Type | Description | Retention period |
|---|---|---|
| Essential | Required for Service operation (session identifier) | Until session ends |
| Analytics | Used for traffic and user behavior analysis | Up to 14 months |
Legal basis for cookies
- Essential cookies — used based on legitimate interest (ensuring Service operation)
- Analytics cookies — used based on user consent
How to manage cookies?
You can manage cookies through your browser settings. Every browser allows blocking or deleting cookies.
Disabling essential cookies may prevent proper functioning of the Service (e.g., loss of association with generated webhook URLs).
Third-party tools
Google Analytics
We use Google Analytics provided by Google Ireland Limited for analytics and statistics purposes.
Data collected:
- Website traffic information
- Pages visited
- Time spent on the Service
- Traffic source
- Device and browser type
Anonymization: We have enabled IP address anonymization, so full IP addresses are not stored.
More information: Google Privacy Policy
Google Cloud Platform
The Service is hosted on Google Cloud Platform (App Engine). Servers are located in the European Union (Netherlands).
More information: Google Cloud Privacy Notice
Server logs
Visiting and using the website involves sending requests to the server, which are recorded in server logs. These contain:
- User's IP address
- Date and time of the request
- Browser and operating system information
Logs are stored for 30 days and are used solely for Service administration and security purposes. They are not used to identify specific users.
Data security
We apply the following data protection measures:
- Connection encryption (SSL/TLS)
- Automatic data deletion after TTL expiration
- Data isolation between user sessions
- Hosting in certified data centers (Google Cloud)
Responsibility for webhook content
The User is responsible for the content of data sent to generated webhook URLs. The Controller is not responsible for the content of captured HTTP requests. Users should not send sensitive, confidential, or third-party personal data to the Service without appropriate consent.
Changes to Privacy Policy
We reserve the right to make changes to this Privacy Policy. Users will be notified of significant changes through a message in the Service.
The date of the last update is visible at the beginning of this document.
Contact
For matters related to data protection, please contact:
BitApp Email: info@bitapp.pl Address: ul. Gerberowa 41, 60-175 Poznan, Poland