Legal & Privacy
Last updated: 23 May 2026. EU Reporting is operated by Fontaine Farm SRL (operator: Daniel Matthews-Ferrero), registered at Rue Duquesnoy 8, 1000 Bruxelles, Belgique. Belgian VAT/TVA: BE 1004.190.223. General contact: daniel@garden-stack.com.
1. Who we are
EU Reporting ("we", "us") provides an automated platform that generates compliant reports for EU grant-funded projects and programmes. The data controller is Fontaine Farm SRL, Rue Duquesnoy 8, 1000 Bruxelles, Belgique (Belgian VAT BE 1004.190.223). General contact: daniel@garden-stack.com. Privacy enquiries: privacy@eureporting.com.
2. What we process
- Account data — your email address and a hashed password, used to authenticate you and provide the service.
- Documents you upload — grant project files you submit for report generation. These are processed solely to produce your report and are not used for any other purpose.
- Billing data — handled by our payment processor (Stripe). We do not store card numbers.
- Analytics — aggregate, cookieless usage statistics only (see our Cookie Policy). No advertising or cross-site tracking.
3. Where data is processed
Document processing and storage take place on infrastructure located in the European Union. Sub-processors include Microsoft Azure (document intelligence and storage, EU region), Neon (database), Stripe (payments), Plunk (transactional email), Cloudflare Turnstile (bot protection) and Vercel (hosting). Each acts under a data-processing agreement.
4. Retention
Uploaded documents and generated reports are automatically deleted after a retention window that depends on your plan: Free 7 days, Pro 30 days, Max 90 days, Ultra 365 days. Account data is kept while your account is active and deleted on request or after account closure.
5. Your rights
Under the GDPR you may request access to, correction of, or erasure of your personal data, restrict or object to processing, and request data portability. To exercise these rights, contact privacy@eureporting.com. You may also lodge a complaint with the Spanish supervisory authority (Agencia Española de Protección de Datos, APD-GBA (Belgian DPA)) or with the supervisory authority of your EU member state of residence.
6. Security
Data is encrypted in transit. Access to uploaded documents is restricted to the authenticated account that submitted them. We apply bot protection and rate limiting to authentication and processing endpoints.
7. Governing law
These terms are governed by the laws of Belgium, without prejudice to any mandatory consumer-protection rights you may have under the laws of your EU member state of residence. The competent supervisory authority for data protection is the Autorité de protection des données (APD-GBA), Belgium — contact@apd-gba.be.
8. Changes
We will update this page when our processing changes and revise the "last updated" date above.