← Back to home

Privacy Policy

Last updated: April 27, 2026

1. Introduction

This Privacy Policy explains how Solvery ("we", "us") processes personal data when you use solvery.online (the "Service"). We comply with the EU General Data Protection Regulation (GDPR) and applicable local laws.

2. Data We Collect

  • Account data: email address, authentication identifiers, password hash (or OAuth identifier).
  • User content: problems, prompts, decision trees, chat messages, journal entries you submit.
  • Usage data: pages visited, features used, device type, approximate location (country), referrer.
  • Billing data: processed by our payment provider (Stripe). We never store your card number.
  • Communication data: messages you send us by email.

3. Purposes and Legal Bases

  • Providing the Service and your account — performance of a contract (Art. 6(1)(b) GDPR).
  • Billing and tax compliance — legal obligation (Art. 6(1)(c)).
  • Security, fraud prevention, product improvement — legitimate interest (Art. 6(1)(f)).
  • Analytics and marketing cookies — your consent (Art. 6(1)(a)).
  • Daily digest emails (when enabled) — performance of a contract / consent.

4. AI Processing

When you submit a problem, your prompt is sent to third-party AI providers (e.g. Google, OpenAI) via our backend in order to generate a response. We do not use your content to train third-party models, and we configure the providers to minimize retention where available. Do not submit special-category data (e.g. health, ID numbers) you would not want processed by an AI.

5. Sub-processors

We rely on the following categories of sub-processors:

  • Hosting and database (EU/US): our cloud backend provider.
  • Authentication and OAuth providers (Google).
  • Payments: Stripe.
  • Email delivery: transactional email provider.
  • AI model providers: Google Gemini, OpenAI.
  • Analytics: Google Analytics (only with your consent).

6. International Transfers

Some sub-processors are located outside the EEA. In such cases transfers are protected by Standard Contractual Clauses or equivalent safeguards.

7. Retention

  • Account and user content: kept while your account is active and up to 30 days after deletion.
  • Billing records: kept for 5 years to meet tax obligations.
  • Server logs: up to 90 days.
  • Analytics data: up to 14 months.

8. Your Rights (GDPR)

You have the right to:

  • access your data and request a copy;
  • correct inaccurate data;
  • delete your data ("right to be forgotten");
  • restrict or object to processing;
  • data portability;
  • withdraw consent at any time;
  • lodge a complaint with your local data-protection authority.

To exercise any of these rights, email soon.

9. Security

We use industry-standard technical and organizational measures including encryption in transit (HTTPS), encryption at rest, hashed passwords, role-based access control, and Row-Level Security in our database.

10. Cookies

Details about cookies are described in our Cookie Policy. You can change your choices at any time via the "Cookie settings" link in the footer.

11. Children

The Service is not directed at children under 16. If you believe a child has provided us with personal data, contact us and we will delete it.

12. Changes

We may update this Privacy Policy. The latest version will always be available at this URL with an updated "Last updated" date.

13. Contact

For privacy-related questions, contact soon.