Privacy Policy

Effective: 6 March 2026 · Data Controller: GodLocal, Ireland · privacy@godlocal.ai

1. Data We Collect

Account data: Email, username, hashed password.
Payment data: Billing info via Stripe (no card numbers stored).
Usage data: Pages visited, features used, session duration.
Technical data: IP address, browser type, device type.
AI conversations: Messages sent to the AI (retained 90 days).

2. Legal Basis (GDPR)

We process data under: Contract (account, payments, AI features), Legitimate Interest (security, analytics), Consent (marketing — withdraw anytime), Legal Obligation (compliance).

3. Data Sharing

We do not sell your data. We share it only with Stripe (payments), Groq (AI inference), Render/Vercel/Supabase (infrastructure), and law enforcement when legally required. All processors operate under GDPR-compliant agreements.

4. Data Retention

Account data — until deletion + 30 days
Payment records — 7 years (legal requirement)
AI conversation history — 90 days rolling
Analytics logs — 12 months

5. Your Rights (GDPR)

As an EU/EEA resident you have the right to: access, rectify, erase, restrict processing, data portability, object to processing, and withdraw consent.

Contact privacy@godlocal.ai — we respond within 30 days. You may also lodge a complaint with the Irish Data Protection Commission (dataprotection.ie).

6. Security

Passwords are bcrypt-hashed. All transmission is over HTTPS/TLS.

7. International Transfers

Some providers are in the USA. We use Standard Contractual Clauses (SCCs) approved by the European Commission.

8. Cookies

We use essential cookies (auth/session), functional cookies (preferences), and anonymised analytics cookies. Control cookies via your browser settings.

9. Children

The Service is not for users under 18. We do not knowingly collect data from children.

10. Contact

privacy@godlocal.ai · godlocal.ai · Ireland