Privacy Policy

1. Data Controller and Contact Information

2. Age Requirements and Eligibility

Our SaaS platform is intended for business and professional users aged 18 and older. By subscribing to Aquariusly, you confirm that you are at least 18 years old and have the authority to enter into this agreement on behalf of your organization (if applicable). We do not knowingly collect personal information from individuals under 18 years of age.

3. Information We Collect

3.1 Account and Subscription Information

• Account Credentials: Email address, name, and authentication information
• Subscription Data: Billing information, subscription tier, payment history
• Organization Details: Company name, business address (if provided)
• Profile Information: Optional professional bio and preferences

3.2 Service Usage Information

• AI Interactions: Messages, prompts, and queries sent to AI models
• Usage Analytics: Feature usage, session duration, API call metrics
• User Preferences: Theme settings, model preferences, notification settings
• Integration Data: Third-party service connections and configurations

3.3 Technical Information

• Device Information: Browser type, operating system, device identifiers
• Network Data: IP address, connection information, access logs
• Performance Data: Error logs, performance metrics, diagnostic information

4. Information We Do NOT Collect

• Precise location data or GPS coordinates
• Personal contacts, photos, or files (unless explicitly uploaded)
• Biometric data or health information
• Cross-platform tracking data for advertising purposes
• Sensitive personal data (race, religion, political opinions) unless voluntarily provided

5. Legal Basis for Processing (GDPR)

We process your personal data based on the following legal grounds:

• Contract Performance: To provide our SaaS services and fulfill subscription agreements
• Legitimate Interest: To improve our services, ensure security, and provide customer support
• Consent: For marketing communications and optional features (where required)
• Legal Obligation: To comply with applicable laws and regulations

6. How We Use Your Information

6.1 Service Provision

• Authenticate and manage your account
• Process AI requests and deliver responses
• Maintain conversation history and user preferences
• Provide customer support and technical assistance
• Process subscription payments and manage billing

6.2 Service Improvement

• Analyze usage patterns to enhance platform performance
• Develop new features and improve existing functionality
• Monitor system security and prevent fraud
• Conduct research and analytics for business insights

6.3 Communication

• Send service-related notifications and updates
• Provide customer support responses
• Share important policy or service changes
• Send marketing communications (with your consent)

7. Third-Party Services and Data Sharing

7.1 AI Model Providers

• OpenAI, Anthropic, Google, and other AI model providers for processing requests
• Your prompts and conversations are processed by these third-party AI services
• Each provider has their own privacy policies and data handling practices

7.2 Essential Service Providers

• Payment processors (Stripe) for subscription billing
• Cloud infrastructure providers for hosting and data storage
• Authentication services for secure login
• Email service providers for transactional communications

7.3 Data Sharing Principles

• We only share data necessary for service provision
• All third parties are bound by contractual data protection obligations
• We do not sell or rent your personal information to third parties
• Data sharing is limited to legitimate business purposes

8. Data Security and Protection

8.1 Technical Safeguards

• End-to-end encryption for data transmission (HTTPS/TLS)
• Encrypted data storage with industry-standard protocols
• Secure authentication and access controls
• Regular security audits and vulnerability assessments
• Multi-factor authentication for administrative access

8.2 Organizational Measures

• Employee training on data protection and privacy
• Access controls limiting data access to authorized personnel
• Regular backup procedures and disaster recovery plans
• Incident response procedures for security breaches

8.3 Data Breach Notification

In the event of a data breach that poses a risk to your rights and freedoms, we will notify you and relevant supervisory authorities within 72 hours as required by applicable law.

9. Data Retention and Deletion

9.1 Retention Periods

• Account Data: Retained while your account is active and for 30 days after deletion
• Conversation History: Retained for the duration of your subscription plus 90 days
• Billing Information: Retained for 7 years for tax and accounting purposes
• Usage Analytics: Aggregated data retained indefinitely, personal identifiers removed after 2 years

9.2 Data Deletion

You can request deletion of your personal data at any time. We will delete your data within 30 days of your request, except where retention is required by law or for legitimate business purposes.

10. Your Rights Under GDPR

If you are located in the European Union, you have the following rights regarding your personal data:

To exercise these rights, contact us at privacy@aquariusly.pro. We will respond within 30 days.

11. Your General Rights and Controls

• Access and update your profile information through your account settings
• Control notification preferences and communication settings
• Export your conversation history and account data
• Request account deletion and data removal
• Opt-out of marketing communications at any time
• Contact our support team for assistance with privacy concerns

12. International Data Transfers

Our services may involve transferring your personal data to countries outside your jurisdiction. When we transfer data internationally, we ensure appropriate safeguards are in place:

• Standard Contractual Clauses approved by the European Commission
• Adequacy decisions for countries with equivalent data protection laws
• Certification schemes and codes of conduct
• Binding corporate rules for intra-group transfers

13. Children's Privacy

Our platform is designed for business and professional use and is not intended for individuals under 18 years of age. We do not knowingly collect personal information from minors. If we learn that we have collected personal information from someone under 18, we will delete that information promptly. If you believe a minor has provided us with personal information, please contact us at privacy@aquariusly.pro.

14. Cookies and Tracking Technologies

We use cookies and similar technologies to enhance your experience and analyze usage patterns. For detailed information about our cookie practices, please see our Cookie Policy.

• Essential Cookies: Required for basic platform functionality
• Analytics Cookies: Help us understand usage patterns and improve services
• Preference Cookies: Remember your settings and preferences

15. Contact Us

16. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify users of material changes through email, platform notifications, or by updating the effective date. Your continued use of our services after such modifications constitutes acceptance of the updated Privacy Policy.

17. Supervisory Authority

If you are located in the European Union and believe we have not addressed your privacy concerns adequately, you have the right to lodge a complaint with your local data protection supervisory authority.

18. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify users of significant changes through the App or by updating the effective date.