Privacy

What we store

Your name, your email, what you write in a pol, photos and voice notes you attach, and the relationship summary the AI keeps for each of your connections. That's it.

Who can see it

Your pol partner sees what you wrote to them, once both of you have sent. Nobody else does. We do not show your writing in any operator or admin tool, by design.

What the AI does

It suggests the starting prompt each week and offers a brief acknowledgment on the reveal. It does not train on your content. The details live on the AI page.

If you leave

Your identity is erased. What you and your pol partner wrote together stays in their archive, but appears under 'Former member' rather than your name. They can delete the whole archive themselves at any time, which removes it fully.

How to reach us

Write to hello@polpol.life for any privacy question, data request, or deletion follow-up.

1. Who is responsible

polpol is operated by a sole legal entity registered in Croatia (controller details available on request at hello@polpol.life). For data-protection purposes, that entity is the data controller for the personal data described below. Hosting and processing partners act as processors under written agreements.

2. What we collect, and why

Account: email address, display name, optional avatar, language preference, timezone. Used to sign you in and to schedule your weekly cycle in your local time.

Connection content: the prompts presented each week and the answers you and your pol partner write, plus any attached photos and voice notes. Used to deliver the ritual itself.

Relationship memory: a private summary kept per connection so the experience stays in tune with your specific relationship over time. Described further on the AI page.

Operational metadata: billing status, plan, cap usage, paywall and CTA events. Used to run the business and improve the funnel.

Diagnostic logs: bounce and complaint signals from the email provider, authentication errors, server logs. Used to keep delivery healthy and the product working. No pol content is written to logs.

3. Legal bases

Contract (GDPR Art. 6(1)(b)) for everything required to deliver the ritual you signed up for. Legitimate interests (Art. 6(1)(f)) for fraud prevention, abuse mitigation, deliverability, and minimal operational analytics. Consent (Art. 6(1)(a)) where we ask for it explicitly, for example when you opt into voice transcription on a per-connection basis. Legal obligation (Art. 6(1)(c)) for tax and fiscalization records on paid plans.

4. Processors we use

Supabase (database, authentication, file storage). Anthropic (AI text generation). AssemblyAI and Groq (audio transcription). Resend (transactional and ritual emails). Vercel (hosting and edge runtime). Stripe (payments and subscription management on paid plans).

Each processor is bound by a Data Processing Agreement and is selected with EU-region or DPF-aligned routing where available. Transfers outside the EEA rely on Standard Contractual Clauses.

5. Sharing

We do not sell personal data. We do not share it for advertising. We share content with the other party in your connection (that is the product), and with our processors (above) to the extent strictly required to operate the service. We will share data when compelled by valid legal process and will notify you where lawful to do so.

6. Retention and deletion

Active accounts: data is retained for as long as the account is active. Routine pruning removes ephemeral artifacts (expired magic links, abandoned uploads, old diagnostic logs) on a periodic schedule.

Account deletion: when you delete your account, your identity (auth record, profile, display name, avatar, personal-scratch attribution) is erased. Content you and your pol partner created together inside a connection stays visible to them as a shared archive, but your identifying details are stripped at the time of deletion: your contributions appear under 'Former member' rather than your name, with no link to any account.

This approach is grounded in GDPR Recital 65 and the proportionality doctrine: shared content can be retained where erasing it would unduly affect the rights of the other party. The other party can delete the archive themselves at any time, which removes the content in full.

7. Your rights

Under GDPR you have the right to access, rectify, delete, restrict processing, object to processing, and request data portability. To exercise any of these, write to hello@polpol.life from the email on your account. We respond within 30 days. You may also lodge a complaint with your national supervisory authority; in Croatia that is AZOP (azop.hr).

8. Cookies and local storage

We set one authentication cookie so you stay signed in, and use a small amount of local storage in your browser to remember in-progress drafts and UI state. We do not use third-party analytics, advertising, or tracking cookies.

9. Security posture

Transport is TLS-only. Database access is gated by row-level security policies that scope reads to the connection's two parties. Service-role access is restricted to specific server-side actions with explicit intent. We do not yet have end-to-end encryption on pol content; until we do, we maintain an internal discipline (documented at docs/PRIVACY.md in our source repository) preventing admin and operator surfaces from rendering pol content as a side effect of any other task.

10. Children

polpol is not directed to children under 16. If we learn that an account belongs to someone under 16, we will close it and delete the associated data.

11. Changes to this page

When we make a material change, we update the date at the top and, where the change affects you directly, we send a notice to the email on your account. Continued use after a change means you accept the updated terms; if you do not, you can delete your account at any time.

12. Contact

hello@polpol.life. We read everything that arrives.