Skip to main content
M
MergeMySheets

Privacy Policy

Last updated: March 21, 2026

1. Introduction

Tillman Konsult AB ("we," "our," or "us") operates MergeMySheets (the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.

By using our Service, you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

2.1 Information You Provide

  • Account Information: Email address, name (if provided), and authentication credentials
  • Payment Information: Processed securely through Stripe. We do not store credit card details on our servers.
  • File Data: Excel/CSV files you upload for processing. Files are automatically deleted after 24 hours unless you have an active subscription.
  • Waitlist/Demo Information: Email, industry, use case, country, company size, and marketing consent preferences
  • Feedback: Survey responses and feedback you voluntarily provide

2.2 Automatically Collected Information

  • Usage Data: Pages visited, features used, merge operations performed, and template usage
  • Technical Data: IP address (anonymized), browser type, device information, and timestamps
  • Cookies: See our Cookie Policy for details

3. How We Use Your Information

We use the collected information for the following purposes:

  • To provide, maintain, and improve our Service
  • To process your transactions and manage subscriptions
  • To send you service-related communications (e.g., demo codes, feedback requests)
  • To respond to your inquiries and provide customer support
  • To analyze usage patterns and improve user experience
  • To detect, prevent, and address technical issues and security threats
  • To comply with legal obligations
  • To send marketing communications (only with your explicit consent, which you can withdraw at any time)

4. Data Processing and Storage

4.1 Data Location

Your data is processed and stored within the European Union (EU). We use Supabase (hosted in the EU) for database and file storage, ensuring GDPR compliance.

4.2 Data Retention

  • Uploaded Files: Automatically deleted after 24 hours for free users. Pro and Business subscribers may retain files longer based on their plan.
  • Account Data: Retained while your account is active. You may request deletion at any time.
  • Usage Logs: Retained for 12 months for analytics and troubleshooting purposes.
  • Waitlist Data: Retained until you request deletion or unsubscribe from marketing communications.

4.3 Data Security

We implement industry-standard security measures, including encryption in transit (HTTPS) and at rest, secure authentication, and regular security audits. However, no method of transmission over the Internet is 100% secure.

5. Data Sharing and Disclosure

We do not sell your personal data. We may share your information only in the following circumstances:

  • Service Providers: With trusted third-party services (Supabase, Stripe, Resend) that help us operate our Service, subject to strict data processing agreements
  • Legal Requirements: When required by law, court order, or government regulation
  • Business Transfers: In connection with a merger, acquisition, or sale of assets (with notice to users)
  • With Your Consent: When you explicitly authorize us to share your information

6. Your Rights (GDPR)

If you are located in the EU/EEA, you have the following rights:

  • Right to Access: Request a copy of the personal data we hold about you
  • Right to Rectification: Request correction of inaccurate or incomplete data
  • Right to Erasure: Request deletion of your personal data ("right to be forgotten")
  • Right to Restrict Processing: Request limitation of how we process your data
  • Right to Data Portability: Receive your data in a structured, machine-readable format
  • Right to Object: Object to processing of your data for marketing purposes
  • Right to Withdraw Consent: Withdraw consent at any time where processing is based on consent

To exercise these rights, please contact us at privacy@mergemysheets.com. We will respond within 30 days.

7. Cookies and Tracking

We use cookies and similar tracking technologies. For detailed information, please see our Cookie Policy.

8. Children's Privacy

Our Service is not intended for individuals under 18 years of age. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.

9. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date. You are advised to review this Privacy Policy periodically.

10. Contact Us

If you have questions about this Privacy Policy or wish to exercise your rights, please contact us:

Tillman Konsult AB

Email: privacy@mergemysheets.com

Data Protection Officer: Stefan Tillman