Athilion
Athilion - Legal

Privacy Policy

Last updated March 09, 2026

About Athilion and This Policy

This Privacy Policy is provided by Athilion GbR, operating as Athilion ("we," "us," or "our"). It describes how and why we access, collect, store, use, and share ("process") your personal information when you use our services ("Services"), including when you:

  • Visit our website at https://www.athilion.com, or any other website we operate that links to this policy
  • Download and use our mobile application (Athilion), or any other application we offer that links to this policy
  • Use the Athilion App β€” an AI-powered mobile application that generates personalized fitness and nutrition plans. To create these plans, the app requires text-based input about your goals, training experience, nutrition habits, injuries, special health conditions, and training preferences.
  • Interact with us in other related ways, such as through marketing activities or events

If you disagree with the policies and practices described here, please do not use our Services.

Data Protection Officer

If you have questions or comments about this policy, you can reach our Data Protection Officer (DPO):

  • Email: dwilhelm@athilion.com
  • Phone: +491632750074
  • Mail: Athilion GbR Data Protection Officer SchneidemΓΌhler Str., 20D Karlsruhe, Baden-WΓΌrttemberg 76139 Germany

For general support inquiries, you may also contact us at support@athilion.com.

Your Privacy Rights

Rights for Individuals in the EEA, UK, Switzerland, and Canada

If you live in the European Economic Area (EEA), the United Kingdom (UK), Switzerland, or Canada, local data protection laws grant you specific rights over your personal information. These include:

  1. Requesting access to your personal information and obtaining a copy of it;
  2. Asking us to correct or delete your personal information;
  3. Asking us to limit how we process your personal information;
  4. Where applicable, receiving your personal information in a portable format so you can transfer it to another service;
  5. Not being subject to decisions made entirely by automated systems.

If we make a decision about you using only automated processes and that decision has legal or similarly significant consequences for you, we will notify you, explain the key factors involved, and provide a straightforward way for you to request human review of the decision.

You may also have the right to object to our processing of your personal information. To exercise any of these rights, please contact us using the details in the "About Athilion and This Policy" section above.

We will review and respond to every request in accordance with the data protection laws that apply to you.

Filing complaints:

  • EEA residents may file a complaint with their Member State's data protection authority.
  • UK residents may file a complaint with the UK's data protection authority.
  • Swiss residents may contact the Federal Data Protection and Information Commissioner.

For individuals in Canada: We may process your information when you have given us specific, direct permission (express consent) or when your permission can reasonably be assumed from the circumstances (implied consent). You can withdraw your consent at any time.

Canadian law may allow us to process your information without consent in limited situations, including when:

  • Collecting the information is clearly in someone's interest and consent cannot be obtained quickly enough
  • The processing is needed to investigate, detect, or prevent fraud
  • It relates to a business transaction, provided certain legal conditions are met
  • The information is in a witness statement needed to evaluate, process, or settle an insurance claim
  • It is needed to identify someone who is injured, ill, or deceased, or to contact their next of kin
  • We have reasonable grounds to believe someone has been, is being, or may become a victim of financial abuse
  • Requiring consent would likely compromise the availability or accuracy of the information, and the collection is reasonable for investigating a breach of an agreement or a violation of Canadian federal or provincial law
  • Disclosure is needed to comply with a subpoena, warrant, court order, or court rules about producing records
  • The information was created by someone in the course of their employment, business, or profession, and the collection aligns with the original purpose for which it was created
  • The collection is exclusively for journalistic, artistic, or literary purposes
  • The information is publicly available as defined by applicable regulations
  • We may share de-identified information for approved research or statistical projects, provided those projects are subject to ethics review and the recipients commit to keeping the information confidential

Rights for United States Residents

If you live in California, Colorado, Connecticut, Delaware, Florida, Indiana, Iowa, Kentucky, Maryland, Minnesota, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Rhode Island, Tennessee, Texas, Utah, or Virginia, state law may give you specific rights over your personal information, including:

  • Right to know β€” You can ask us to confirm whether we are processing your personal data.
  • Right to access β€” You can request to see the personal data we hold about you.
  • Right to correct β€” You can ask us to fix inaccurate personal data.
  • Right to request deletion β€” You can ask us to delete your personal data.
  • Right to obtain a copy β€” You can get a copy of the personal data you previously provided to us.
  • Right to non-discrimination β€” We will not treat you unfairly because you chose to exercise any of these rights.
  • Right to opt out β€” You can direct us to stop processing your personal data for targeted advertising (including sharing as defined under California's privacy law), for selling your personal data, or for profiling that leads to decisions with legal or similarly significant consequences.

Depending on which state you live in, you may have additional rights, including:

  • The right to see the categories of personal data we are processing (where applicable law provides this right, including Minnesota's privacy law).
  • The right to get a list of the types of third parties we have shared personal data with (where applicable law provides this right, including the privacy laws of California, Delaware, and Maryland).
  • The right to get a list identifying the specific third parties we have shared personal data with (where applicable law provides this right, including the privacy laws of Minnesota and Oregon).
  • The right to get a list of third parties to whom we have sold personal data (where applicable law provides this right, including Connecticut's privacy law).
  • The right to review, understand, and question how your personal data has been used for profiling, and depending on where you live, to correct that profiling (where applicable law provides this right, including the privacy laws of Connecticut and Minnesota).
  • The right to restrict how we use and share your sensitive personal data (where applicable law provides this right, including California's privacy law).
  • The right to opt out of the collection of sensitive data and personal data gathered through voice or facial recognition technology (where applicable law provides this right, including Florida's privacy law).

Exercising your rights: You can submit a request to access your personal data, send an email to dwilhelm@athilion.com, or use the contact information at the beginning of this document. If you live in a US state with its own data protection law, you may appoint an authorized representative to submit a request on your behalf. We may decline a request from a representative who does not provide adequate proof of their legal authority to act for you.

Verification: When we receive your request, we need to confirm your identity. We will use only the personal information included in your request. If the information we already have on file is insufficient for verification, we may ask for additional details to confirm your identity and prevent unauthorized access.

If an authorized agent submits a request on your behalf, we may need to collect additional information to verify your identity. Your agent must provide written, signed permission from you authorizing them to make the request.

Appeals: If we decline to act on your request, certain U.S. state laws give you the right to appeal. To do so, email your appeal to support@athilion.com. We will respond in writing, explaining what steps we took or chose not to take and the reasons for our decision. If we deny your appeal, you may file a complaint with your state's attorney general.

Rights for Residents of Australia, New Zealand, and South Africa

Australia and New Zealand

We handle your personal information in accordance with Australia's Privacy Act 1988 and New Zealand's Privacy Act 2020 (together, the "Privacy Acts"). This policy meets the notification requirements under both Privacy Acts β€” it explains what personal information we gather about you, where we get it from, why we use it, and who else may receive it.

If you choose not to provide the personal information needed for its relevant purpose, this may limit what we can do for you. Specifically, we may be unable to:

  • offer you the products or services you are looking for
  • respond to your questions or assist with your requests
  • manage your account
  • verify your identity and keep your account secure

You have the right, at any time, to request access to your personal information or to ask that it be corrected. To do so, please submit a data subject access request or contact us directly.

If you believe we are handling your personal information unlawfully, you have the right to file a complaint. For a breach of the Australian Privacy Principles, you may complain to the Office of the Australian Information Commissioner. For a breach of New Zealand's Privacy Principles, you may complain to the Office of the New Zealand Privacy Commissioner.

Republic of South Africa

At any time, you have the right to request access to your personal information or to ask that it be corrected. To do so, submit a data subject access request or contact us directly.

If you are not satisfied with how we handle any complaint about the way we process your personal information, you may contact the relevant regulatory authority:

The Information Regulator (South Africa) General enquiries: enquiries@inforegulator.org.za Complaints (submit a completed POPIA/PAIA Form 5): PAIAComplaints@inforegulator.org.za & POPIAComplaints@inforegulator.org.za

Withdrawing Consent

If we process your personal information based on your consent β€” whether express or implied, depending on applicable law β€” you can withdraw that consent at any time by contacting us. Withdrawing your consent does not affect the lawfulness of any processing we carried out before that point. Where the law permits, it also does not prevent us from continuing to process your personal information under other lawful bases.

Opting Out of Marketing Communications

You can stop receiving our marketing and promotional messages at any time by:

  • Clicking the unsubscribe link included in our marketing emails;
  • Replying "STOP" or "UNSUBSCRIBE" to any marketing text messages we send; or
  • Contacting us using the details in the "About Athilion and This Policy" section above.

Once you opt out, we will remove you from our marketing lists. We may still send you non-marketing messages, such as communications related to managing your account, responses to your service requests, or other operational notices.

We do not share mobile-related information with third parties or affiliated companies for marketing or promotional use. We may share mobile information with subcontractors who help provide support services, such as customer service. Text messaging opt-in data and consent information are never shared with any third party for any purpose.

Managing Your Account

You can review, update, or delete the information in your account at any time by:

  • Logging in and making changes through your account settings, or
  • Reaching out to us using the contact details provided.

If you ask us to close your account, we will deactivate or remove your account and your information from our active databases. We may retain certain information in our records to prevent fraud, resolve problems, support investigations, enforce our legal terms, or meet applicable legal obligations.

Information We Collect

Information You Provide Directly

We collect personal information that you voluntarily share with us β€” for example, when you create an account, ask about our products or Services, participate in activities through the Services, or get in touch with us.

The specific personal information we collect depends on how you interact with us and which features you use. We may collect:

  • Names
  • Phone numbers
  • Email addresses
  • Mailing addresses
  • Passwords
  • Contact or authentication data
  • Debit/credit card numbers
  • Billing addresses
  • Apple Health information
  • Biometric data
  • Nutrition-related information, such as allergies, dietary preferences, and diet type
  • Training and physical data, such as preferred training location, strength metrics for exercises, and similar details
  • Injury history and special physical conditions

Sensitive Information. Where needed, and either with your consent or as allowed by applicable law, we collect and process the following categories of sensitive information:

  • Health data
  • Biometric data
  • Nutrition habits and preferences
  • Injury history and special physical conditions
  • Training habits, experience, and preferences

Payment Data. If you make a purchase, we may collect the information needed to process your payment, including your payment card number and its security code. All payment data is handled and stored by Stripe. You can review Stripe's privacy notice here: https://stripe.com/privacy.

Social Media Login Data. We may let you create an account using an existing social media login, such as Facebook, X, or another platform. If you choose this option, we will receive certain profile information about you from that provider. See the "Social Logins" section below for more details.

App-Specific Data. If you use our app(s), we may also collect the following when you grant us access or permission:

  • Mobile Device Access. We may ask permission to use features on your mobile device, including Bluetooth, calendar, camera, contacts, microphone, reminders, sensors, SMS messages, social media accounts, storage, and other features. You can change these permissions at any time through your device's settings.

  • Mobile Device Data. We automatically collect certain device information, such as your device ID, model, and manufacturer; your operating system and version; system configuration details; device and app identification numbers; browser type and version; hardware model; internet service provider or mobile carrier; and your IP address (or proxy server). If you use our app(s), we may also collect information about your phone network, operating system or platform, device type, unique device ID, and which app features you accessed.

  • Push Notifications. We may ask your permission to send push notifications about your account or specific app features. You can disable push notifications through your device's settings.

We use this information primarily to keep our app(s) secure and running properly, to diagnose problems, and for internal analytics and reporting.

All personal information you provide must be truthful, complete, and accurate. You are responsible for notifying us of any changes to your personal information.

Information Collected Automatically

When you visit, use, or browse our Services, we automatically collect certain information. This does not directly identify you (such as your name or contact details), but may include details about your device and how you use our Services β€” for example, your IP address, browser type, device characteristics, operating system, language settings, the website that referred you, your device name, country, general location, details about when and how you use our Services, and other technical data. We use this information primarily to keep our Services secure and functioning, and for our own analytics and reporting.

Like most online services, we gather information using cookies and similar tracking technologies.

The information we collect includes:

  • Log and Usage Data. Our servers automatically capture log and usage data whenever you access or use our Services. This data relates to service operation, performance, and your usage patterns β€” including diagnostic information. Depending on how you interact with us, this may include your IP address, device details, browser type and settings, and information about your activity within the Services (pages and files viewed, searches, features used, dates and times of access, and other actions). It may also include device event data such as system activity, error reports, and hardware settings.

Information from External Sources

To provide you with more relevant marketing, offers, and services β€” and to keep our records current β€” we may gather information about you from outside sources. These include public databases, joint marketing partners, affiliate programs, data providers, social media platforms, and other third parties. The types of information we may collect include mailing addresses, job titles, email addresses, phone numbers, intent data (data about your online behavior), IP addresses, social media profiles, social media URLs, and custom profiles. We use this information for targeted advertising and event promotion.

If you engage with us through a social media platform using your account (for example, Facebook or X), that platform may share personal information about you with us, such as your name, email address, and gender. The specific information we receive depends on the privacy settings you have chosen on that platform. The social media platform's own use of your information is governed by its own policies, not this Privacy Policy.

Google API Data

When we receive information through Google APIs, we handle it in accordance with the Google API Services User Data Policy, including its Limited Use requirements.

Categories of Personal Information (US Disclosure)

The following table lists the types of personal information we have collected over the past 12 months, presented in accordance with US state privacy law requirements. The examples illustrate what falls within each type and do not necessarily reflect every piece of personal information we collect. For a full description, see the rest of this "Information We Collect" section.

Type Examples Collected
A. Identifiers Contact details such as real name, alias, mailing address, phone or mobile number, unique personal identifier, online identifier, IP address, email address, and account name YES
B. Personal information under the California Customer Records law Name, contact information, education, employment, employment history, and financial information YES
C. Characteristics protected under state or federal law Gender, age, date of birth, race and ethnicity, national origin, marital status, and other demographic information YES
D. Commercial information Transaction information, purchase history, financial details, and payment information NO
E. Biometric information Fingerprints and voiceprints NO
F. Internet or similar network activity Browsing history, search history, online behavior, interest data, and interactions with our websites, apps, systems, and advertisements (as well as those of others) NO
G. Geolocation data Device location NO
H. Audio, electronic, visual, or similar information Images, audio recordings, video recordings, or call recordings made in connection with our business activities NO
I. Professional or employment-related information Business contact details we need to provide our Services at a business level, or job title, work history, and professional qualifications if you apply for a position with us NO
J. Education information Student records and directory information NO
K. Conclusions drawn from collected personal information Profiles or summaries we create based on any of the personal information listed above β€” for example, about a person's preferences and characteristics YES
L. Sensitive personal information Biometric data, account login credentials, health data, and information about sex life or sexual orientation YES

We collect sensitive personal information only as permitted by applicable privacy laws, or with your consent. We may use sensitive personal information β€” or share it with a service provider or contractor β€” only for the specific purposes the law allows. You may have the right to restrict how we use or share your sensitive personal information. We do not use or process sensitive personal information to draw conclusions or make assumptions about you.

We may also collect personal information outside these categories when you interact with us in person, online, or by phone or mail β€” for example, when you request help through our customer support channels, take part in customer surveys or contests, or work with us to arrange delivery of our Services.

Retention timelines by type:

  • Types A and K β€” We keep this information for as long as you maintain an account with us.
  • Types B, C, and L β€” We will use personal information such as exercise data combined with biometric details (weight, height, age, injuries, special conditions) on a long-term basis to train our own AI model. Before doing so, we will remove the link between this data and the account that contains your personal information.

How and Why We Use Your Information

We use your personal information for the reasons described below, depending on how you interact with our Services. We will only use your information for purposes not listed here if we first obtain your clear, specific consent.

  • Account management. We may use your information to let you create and sign in to your account and to keep it functioning properly.
  • Delivering our Services. We may use your information to provide the services you have requested.
  • Customer support. We may use your information to respond to your inquiries and help resolve problems you experience.
  • Feedback and user experience. We may use your information to request feedback and learn about your experience with our Services.
  • Marketing communications. We may use the personal information you provide for marketing purposes, consistent with your communication preferences. You can unsubscribe at any time (see the "Opting Out of Marketing Communications" section).
  • Personalized advertising. We may use your information to create and display content and ads tailored to your interests, location, and other factors.
  • Security and fraud prevention. We may use your information to protect our Services, including monitoring for and preventing fraud.
  • Usage analytics. We may use information about how you interact with our Services to understand usage patterns and make improvements.
  • Marketing effectiveness. We may use your information to evaluate and improve our marketing and promotional campaigns.
  • Vital interests. We may use your information when necessary to safeguard a person's vital interests, such as preventing serious harm.

Legal Grounds for Processing

For individuals in the EU or UK:

The General Data Protection Regulation (GDPR) and UK GDPR require a valid legal basis for processing your personal information. We rely on the following:

  • Consent. We may process your information when you have given us permission to use it for a specific purpose. You can withdraw your consent at any time.

  • Performance of a Contract. We may process your personal information when necessary to fulfill our contractual commitments to you, including providing our Services, or taking steps you ask for before entering into a contract.

  • Legitimate Interests. We may process your information when reasonably necessary to pursue our legitimate business goals, provided those goals do not override your own interests, rights, and freedoms. Examples include:

    • Sending you information about special offers and discounts on our products and services
    • Creating and showing personalized, relevant advertising
    • Studying how people use our Services to make improvements and maintain engagement
    • Supporting our marketing efforts
    • Identifying problems and preventing fraud
    • Understanding how people use our products and services to improve the overall experience

  • Legal Obligations. We may process your information to comply with our legal obligations β€” for example, to cooperate with law enforcement or regulatory bodies, to exercise or defend our legal rights, or to provide information as evidence in legal proceedings.

  • Vital Interests. We may process your information when necessary to protect the life or safety of any person, such as in emergency situations.

Who Receives Your Information

Service Providers and Contractors

We may share your data with vendors, service providers, contractors, or agents ("third parties") who carry out work for us or on our behalf and who need access to your information to do so. We share your personal information with third parties only under written contracts. These third parties include companies that:

  • Provide AI processing and machine learning infrastructure
  • Perform data analysis and help us understand usage patterns
  • Host and store data on our behalf
  • Handle financial operations, accounting, and payment processing
  • Monitor service performance and uptime
  • Support our sales, marketing, and advertising campaigns (including affiliate programs and ad networks)
  • Facilitate social media integrations
  • Manage user account registration and authentication

We collect and share your personal information through targeting cookies, marketing cookies, and social media cookies.

We may also use your personal information for our own internal business purposes, such as conducting research related to technological development and demonstration. Using your information in this way does not constitute "selling" your personal information.

In the past twelve (12) months, we have not sold or shared any personal information with third parties for any business or commercial purpose. During that period, we have disclosed certain categories of personal information to third parties for a business or commercial purpose β€” the categories of recipients are described throughout this section.

Other Sharing Situations

  • Business Transfers. If our company goes through a merger, sale of assets, financing, or acquisition β€” or negotiates any of these β€” we may share or transfer your information to the other company involved.

  • Affiliates. We may share your information with our affiliates, including our parent company, subsidiaries, joint venture partners, or other companies we control or that are under shared control with us. If we do, we will require those affiliates to follow the terms of this Privacy Policy.

  • Business Partners. We may share your information with our business partners so they can offer you specific products, services, or promotions.

  • Offer Wall. Our application(s) may feature a third-party hosted "offer wall" β€” a display where outside advertisers let you earn virtual currency, gifts, or other rewards in exchange for viewing and completing an advertisement offer. An offer wall may appear in our application(s) and may be tailored to you based on information such as your geographic location or demographic details. When you interact with an offer wall, you will leave our application(s) and be taken to an external website run by another party. To prevent fraud and ensure you receive the correct reward, a unique identifier (such as your user ID) will be sent to the offer wall provider.

Cookies, Tracking, and Analytics

We may use cookies and similar tracking tools β€” such as web beacons and pixels β€” to collect information when you use our Services. Some of these tools help us keep our Services and your account secure, prevent crashes, fix technical problems, remember your preferences, and support basic website functions.

We also allow third parties and service providers to use tracking tools on our Services for analytics and advertising. This may include managing and displaying ads, personalizing ads based on your interests, or sending reminders about items left in your shopping cart (depending on your communication preferences). These third parties use their own technology to show you ads for products and services that match your interests, whether those ads appear on our Services or on other websites.

If any of these tracking practices qualify as a "sale," "sharing," or targeted advertising under applicable US state privacy laws, you have the right to opt out β€” see the "Rights for United States Residents" section above.

Most web browsers accept cookies automatically. You can typically adjust your browser settings to remove or block cookies. Keep in mind that doing so may limit certain features or functions of our Services.

For more details about how we use these technologies and how you can decline certain cookies, please see our Cookie Notice.

Product analytics (PostHog)

We use PostHog (operated by PostHog Inc., DPF-certified) to understand how visitors use our website. PostHog only runs after you give explicit consent in our cookie banner.

We capture a small set of explicit conversion events: when you click an app store button, submit the waitlist form, submit the contact form, or interact with referral links. We do not use autocapture, session recording, or screenshots. We do not store full page URLs, query parameters, or referrer URLs in these events.

  • Lawful basis: consent (Art. 6(1)(a) GDPR; Β§ 25(1) TTDDSG).
  • Storage region: PostHog Cloud US, under the EU-US Data Privacy Framework and Standard Contractual Clauses.
  • Withdrawal: click "Cookie preferences" in the footer of any page; your choice takes effect immediately.
  • Retention: PostHog's default retention applies; see PostHog's data retention documentation.

If you do not consent, no PostHog cookies are stored and no analytics events are sent.

Do-Not-Track Signals

Most web browsers and some mobile operating systems and apps offer a Do-Not-Track ("DNT") feature or setting that signals a preference against having online browsing activity tracked or collected. No universal technical standard for recognizing and acting on DNT signals has been established. Because of this, we do not currently take action in response to DNT browser signals or any other automated mechanism communicating a preference against online tracking.

Under California law, we are required to disclose how we handle DNT signals. Because no accepted industry or legal standard currently exists for recognizing or honoring DNT signals, we do not respond to them at this time. If a recognized standard is adopted in the future, we will update this Privacy Policy to explain how we handle it.

Artificial Intelligence Products

As part of our Services, we provide products, features, or tools powered by artificial intelligence, machine learning, or comparable technologies (collectively, "AI Products"). These tools are designed to improve your experience and offer useful solutions. The terms in this Privacy Policy apply to your use of the AI Products within our Services.

AI Service Providers

We deliver our AI Products through third-party companies that provide AI services ("AI Service Providers"). These currently include Google Cloud AI, OpenAI, xAI, and Vercel. When you use our AI Products, we share your input, output, and personal information with these providers, who process it on our behalf for the purposes described in the "Legal Grounds for Processing" section. You must not use the AI Products in any way that violates the terms or policies of any AI Service Provider.

Capabilities of Our AI Products

Our AI Products perform the following functions:

  • Analyzing images, text, video content, and natural language
  • Operating AI-powered bots and AI applications
  • Generating AI-driven insights, predictive analytics, documents, images, and video content
  • Providing AI-enhanced search capabilities
  • Translating content
  • Automating tasks
  • Deploying and developing AI systems and solutions
  • Building and operating machine learning models
  • Conducting AI-assisted research
  • Connecting with Internet of Things (IoT) devices and systems

Data Handling in AI Processing

All personal information processed by our AI Products is managed in accordance with this Privacy Policy and any agreements we maintain with third parties. These measures are designed to uphold strong security protections and keep your personal information safe throughout every stage of processing.

Social Logins

Our Services let you sign up or log in using a third-party social media account (for example, Facebook or X). If you choose to do this, your social media provider will send us certain profile information about you. The specific information depends on the provider, but will typically include your name, email address, friends list, and profile picture, along with any other information you have chosen to make public on that platform.

We will use information received from your social media provider only for the purposes described in this Privacy Policy or otherwise clearly communicated to you through the relevant Services. We do not control β€” and are not responsible for β€” how your third-party social media provider separately uses your personal information. We encourage you to review your social media provider's own privacy notice to understand how they collect, use, and share your personal information and how you can adjust your privacy settings on their sites and apps.

International Data Transfers

Our servers are located in Germany, Singapore, and the United States. Regardless of where you are located, your information may be sent to, stored in, and processed at our facilities β€” as well as the facilities of third parties we share your personal information with β€” in the United States and in other countries.

If you live in the European Economic Area (EEA), the United Kingdom (UK), or Switzerland, some of these countries may not have data protection laws that are as comprehensive as those in your jurisdiction. We will take all necessary steps to protect your personal information in line with this Privacy Policy and all applicable laws.

Data Retention

We hold onto your personal information only for as long as needed to carry out the purposes described in this Privacy Policy, unless the law requires or allows us to keep it longer (for example, to meet tax, accounting, or other legal obligations). None of the purposes described here will require us to retain your personal information for longer than the period during which you maintain an account with us.

Once we no longer have a valid business reason to process your personal information, we will delete it or remove any details that identify you. If neither step is immediately possible β€” for instance, because your information is stored in backup systems β€” we will keep it securely isolated and prevent any further use until deletion is feasible.

Security Measures

We use reasonable technical and organizational security measures to protect the personal information we handle. However, no method of transmitting data over the Internet or storing it electronically can be guaranteed to prevent every unauthorized intrusion. While we make every reasonable effort to safeguard your personal information, you should be aware that some inherent risk accompanies any electronic transmission or storage of data. We recommend that you access the Services only within a secure environment.

Updates to This Policy

We may revise this Privacy Policy from time to time to remain in compliance with applicable laws. When we do, we will update the "Last updated" date shown at the top. If we make significant changes, we may post a prominent notice about the updates or send you a direct notification. We recommend checking this policy regularly so you stay informed about how we protect your information.

Reviewing, Updating, or Deleting Your Data

Depending on the laws that apply where you live (including US state laws), you may have the right to:

  • Ask us what personal information we have collected about you and how we have used it
  • Correct any personal information about you that is wrong or incomplete
  • Ask us to delete your personal information
  • Withdraw any consent you previously gave us to process your personal information

In some situations, the law may limit these rights. If you want to review, update, or delete your personal information, please submit a data subject access request using the form we provide.