f Ruby — Privacy Policy
Ruby
Legal

Privacy Policy

Last updated: July 7, 2026

Ruby ("we," "us," "our"), operated by Teodor Todorov Hristov, an individual based in Plovdiv, Bulgaria, respects your privacy. This policy explains what personal data we collect, why, how we use it, and your rights. It applies to our website rubyaudit.com, our discovery and review calls, and our audit services.

1. Who we are

The data controller responsible for your personal data is Teodor Todorov Hristov, operating as Ruby, Plovdiv, Bulgaria. For any privacy question, contact us at teodor@rubyaudit.com.

2. What data we collect

Information you give us directly: your name, phone number, email address, business name, and any details you share about your business, tools, and workflows during the discovery call.

Call recordings and transcripts: our discovery and review calls are recorded and transcribed so we can analyze your business and produce your audit.

Payment information: when you pay, our payment processor (Stripe) collects your payment details. We do not store or have access to your full card details.

Website and technical data: basic technical data such as IP address, browser type, and pages visited, collected by our hosting and any analytics we use.

3. Why we use your data and our legal basis

What we use it forLegal basis (GDPR)
Calling you for the discovery / review callConsent + steps to enter a contract
Recording & transcribing calls to build your auditConsent + legitimate interest
Producing and delivering your auditPerformance of a contract
Processing your paymentPerformance of a contract
Sending you service emailsPerformance of a contract
Improving our services and securityLegitimate interests
Meeting legal / accounting obligationsLegal obligation

We rely on your consent for recording calls and for receiving an automated call. You may withdraw consent at any time (see Section 8).

4. Who we share your data with

We share data only with service providers who help us run the business, under appropriate agreements: Stripe (payments), Retell AI (the voice agent that conducts the call), Google (email, file storage and sharing, scheduling), Calendly (scheduling), Netlify (website hosting), and Anthropic / Claude (analyzing the transcript to produce your audit). We do not sell your personal data to anyone.

5. International data transfers

Some of our service providers are located outside the EU/EEA (for example, in the United States). Where data is transferred internationally, we rely on appropriate safeguards such as Standard Contractual Clauses and/or adequacy mechanisms.

6. How long we keep your data

7. How we protect your data

We use reasonable technical and organizational measures to protect your data, and we work only with reputable processors who maintain their own security standards. No method of transmission or storage is 100% secure, but we take protection seriously.

8. Your rights

Under the GDPR you have the right to access, rectify, erase, restrict, or object to the processing of your data, the right to data portability, the right to withdraw consent at any time, and the right to lodge a complaint with a supervisory authority — in Bulgaria, the Commission for Personal Data Protection (CPDP / КЗЛД, cpdp.bg), or the authority in your own country. To exercise any of these, email teodor@rubyaudit.com. We will respond within the timeframe required by law.

9. Cookies and tracking

Our website uses only the cookies and technologies necessary to function, plus the Meta Pixel to measure the effectiveness of our advertising. You can control advertising cookies through your browser settings.

10. Children

Our services are intended for businesses and adults. We do not knowingly collect data from children under 16.

11. Changes to this policy

We may update this policy from time to time. The "last updated" date above reflects the most recent version.

12. Contact

Questions about this policy or your data: teodor@rubyaudit.com — Teodor Todorov Hristov, operating as Ruby, Plovdiv, Bulgaria.