Privacy Policy
1. Controller
Data is processed by [LEGAL NAME] ([TAX ID]). Privacy contact / DPO: [email].
2. Data we collect
| Data | Purpose |
|---|---|
| Email and account identifier (via Firebase Authentication) | Create and authenticate your account |
| Plan and usage count | Enforce limits and billing |
| Payment data (processed by Stripe) | Pro plan subscription |
| Messages, images and documents you send to the chat | Generate the requested response |
PDF/image processing happens in your browser; the text sent to the model is transmitted to the AI provider only to generate the response.
3. Legal bases
We process your data to perform the contract (providing the service), comply with legal/regulatory obligations, and for legitimate interests (security and improvement).
4. Who we share with
- AI providers (e.g. Anthropic, OpenAI, Google, OpenRouter) — receive your message content to generate the response, under their own policies.
- Firebase/Google — authentication and database.
- Stripe — payment processing.
- Railway/Netlify — hosting.
We don't sell your data. Some providers may be located abroad (international transfer, with safeguards).
5. Retention
Your conversation history stays in your browser (localStorage). Account and usage data are kept while the account exists and for the applicable legal period. You may request deletion.
6. Your rights
You may confirm the existence of processing, access, correct, port, anonymize and request deletion of your data, and withdraw consent — via [email].
7. Security
Keys and secrets stay on the server; model access is authenticated per account. We take reasonable technical measures, but no system is 100% secure.
8. Minors
The Service is not intended for people under 18 without guardian consent.
9. Changes
We may update this Policy; relevant changes will be announced in the Service.
See also the Terms of Use.