Privacy Policy

1. Introduction and Principles

Welcome to xPrivo.

Protecting your privacy is not just a legal obligation for us, but the foundation of our service. We have developed our AI assistant based on the principles of "Privacy-by-Design" and "Privacy-by-Default". This privacy policy explains what (very little) data we process, why we do it, and how we protect your anonymity.

Our service is fully compliant with the European Union's General Data Protection Regulation (GDPR).

2. Our Definition of "Personal Data"

Our definition of personal data is based on the strict data protection laws of the EU, particularly the GDPR. We consider any information that relates to an identified or identifiable natural person, or can be traced back to you, as personal data.

Our approach: We do not collect personal data.
If this information is not collected in the first place, it cannot be stolen, requested, shared, or misused.

3. Principles of Data Processing When Using the Service

No Storage of Your Chats on Our Servers: Your conversations with the AI assistant are not stored, logged, or archived on our servers.
Real-Time Processing, No Storage: To generate AI responses, the text prompts and files you submit within the app are transmitted securely in real-time to our servers and AI partners for processing. However, these conversations are not stored, logged, or archived on our servers after the response is generated.
Local Storage on Your Device: Your chat histories are stored exclusively locally on your own device (using IndexedDB in your browser). You alone have control over this. You can delete or download your chats at any time.
Responsibility for Local Data: Please note: Since chats are stored locally, they will be irretrievably lost if you clear your browser cache, LocalStorage, or IndexedDB.
No Logging of Your IP Address: We do not log your IP address during the normal use of our service.
- Exception – Abuse prevention: The only exception is automated requests (e.g., bots, DDoS attacks) that send a disproportionate number of requests to our servers in a short period of time. If our security software (e.g., Bunny.net Shield) detects potential abuse, the IP address in question may be temporarily blocked to avert danger. In this case, the IP address will be isolated for a maximum of 24 hours and stored without the possibility of tracing it back to you personally (pseudonymized). The legal basis for this processing to ensure network and information security is our legitimate interest pursuant to Art. 6 (1) lit. f GDPR.
No Recording of Search Queries: When the AI assistant performs searches for you, your queries are automatically stripped of all unnecessary metadata (including your IP address and other identifying information). We send the anonymized search query to our content providers and return the result to you. We do not log these searches.
No Training with Your Data: We do not use your inputs or the generated responses to train our AI models.
No Tracking, No Profiling, No Personalized Advertising: We do not use any analytics, marketing, or tracking cookies. We do not create user profiles. No personalized advertising is displayed on our website.
Rate-Limiting: To prevent abuse (e.g., by bots), we use anonymizing measures to enforce the number of requests (Rate Limits) per user without creating a personal profile.

4. Data Collection on xprivo.com

a) Cookies and Local Storage (LocalStorage / IndexedDB)

We use only technically necessary cookies and local storage technologies that are essential for the basic functionality, security, and the settings you request. The legal basis is Art. 6(1)(b) GDPR (service provision) or Art. 6(1)(f) GDPR (legitimate interest in a secure and functional website).

This includes:

Cookies:
- bunny_shield_...: A cookie from our partner Bunny.net. This is a purely technical security cookie that is mandatory for DDoS defense and the Web Application Firewall (WAF) to protect the website from attacks (Abuse Mitigation).
LocalStorage:
- theme: Stores your preferred display setting (Light/Dark/System) to ensure accessibility and user-friendliness.
- assistantIcon: Stores your chosen icon for the assistant (User preference).
- sp_token: A security token used to verify session integrity and defend against manipulation attempts (Session security).
IndexedDB:
- Storage of your chat histories and more detailed user preferences. This is mandatory for the service to function as you expect (Storage of your conversations).

b) Subscriptions (Premium Features)

We offer premium features (e.g., "PRO") that can be unlocked via a subscription.

No User Account: In line with our Privacy-by-Design approach, purchasing or using a subscription requires no user account (no email, no password) with us.
Anonymous Premium Key: Upon purchase, you will receive a unique, anonymous "Premium Key". With this key, you can unlock your premium features on different devices.
Responsibility for the Key: This key is confidential and should be treated like cash. You are solely responsible for keeping this key safe (digitally or physically in a non-public place).
No Sharing: The key must not be passed on, shared, or resold.
Management: Anyone in possession of the key can manage the associated subscription (e.g., cancel it). We have no way to verify the legitimate owner, as we do not store any personal data about you.

5. Our EU Partners (Hosting and Processors)

In our standard configuration, we consistently rely on exclusively European infrastructure and technology partners. This guarantees the highest level of data sovereignty, ensures that data does not leave the European legal jurisdiction, and maximizes independence from non-European political influence factors.

However, users with a PRO Upgrade have the option to actively select extended AI models from international providers (e.g., Microsoft or Google). Even when choosing these optional models, we ensure, both technically and contractually, that processing takes place on servers within the European Union.

We have concluded the Data Processing Agreements (DPA) required under Art. 28 GDPR with all technical service providers acting as data processors.

a) Hosting & Computing Power (Infrastructure)

To provide our service, the specific data you submit within the app (text prompts, chat messages, and any uploaded files/images) is transmitted to and processed by external hosting and AI providers in real-time. This processing is mandatory for the operation of the service to generate your AI responses (Art. 6(1)(b) and (f) GDPR).

Hetzner Online GmbH
Industriestr. 25
91710 Gunzenhausen
Germany
(We have concluded a DPA with Hetzner. The servers are powered by renewable energy.)

netcup GmbH
Emmy-Noether-Straße 10
76131 Karlsruhe
Germany
(We have concluded a data processing agreement (DPA) with netcup.) You can find further information on data processing by netcup in their privacy policy: https://www.netcup.com/de/kontakt/datenschutzerklaerung

Scaleway S.A.S
8. Arrondissement, Île-de-France
Paris 75008
France
(We have concluded a DPA with Scaleway. The servers are powered by renewable energy.)

Nebius B.V.
Schiphol Boulevard 165
1118 BG Schiphol
Netherlands
(We have concluded a Data Processing Agreement (DPA) with Nebius. The servers are powered by renewable energy.)

Mistral AI SAS
15 rue des Halles
75001 Paris
France
(We have concluded a Data Processing Agreement (DPA) with Mistral AI. Mistral AI is a French company based within the European Union and processes data exclusively within the European Union. We use Mistral models for selected beta features as well as a technical fallback. Data is processed in accordance with Mistral AI's Data Processing Agreement (DPA), available at https://legal.mistral.ai/terms/data-processing-addendum . Technical and organisational measures are documented in Mistral AI's Trust Center at https://trust.mistral.ai/ . Personal data is not processed for commercial purposes beyond service delivery and is neither sold nor shared with third parties.)

Optional High-Performance AI Models (Enterprise Cloud)

insofar as you explicitly select models in the settings that do not run on our own infrastructure by default (e.g., GPT series or Gemini models), our system functions as a technical proxy. This means we forward your request via our secured servers to the enterprise interfaces of the providers listed below. There is no direct contact between your browser and the third-party provider.

In contrast to the direct use of these services (e.g., via the ChatGPT web interface), processing here takes place exclusively in data centers within the EU and excludes training purposes.

Microsoft Ireland Operations Ltd. (for GPT models)
One Microsoft Place, South County Business Park
Dublin D18 P521
Ireland

For the lawful processing of personal data when using GPT models (e.g., GPT-4, GPT-5+), we have concluded a Data Processing Agreement with Microsoft Ireland Operations Limited in accordance with Art. 28 GDPR. This contractual regulation ensures that Microsoft, as our data processor, complies with all data protection provisions of the GDPR. The Data Processing Agreement bindingly regulates:

That your data (prompts and outputs) are not used for training, improvement, or fine-tuning of Microsoft or OpenAI models.
That data processing takes place exclusively within the European Union region.

Google Cloud EMEA Ltd. (for Gemini models)
70 Sir John Rogerson's Quay
D02 R296, Dublin 2
Ireland

For the lawful processing of personal data when using Google models (e.g., Gemini Pro/Flash), we have concluded a Data Processing Agreement with Google Cloud EMEA Ltd. in accordance with Art. 28 GDPR. This contractual regulation ensures that Google, as our data processor, complies with all data protection provisions of the GDPR. The Data Processing Agreement bindingly regulates:

That input and output data are not incorporated into the training of Google's foundation models.
That data sovereignty remains with us and processing takes place on servers within the EU.

b) CDN and Security (DDoS Protection)

We use the services of Bunny.net to deliver our website's content quickly (Content Delivery Network - CDN) and to protect ourselves from DDoS attacks and other threats. This serves our legitimate interest in a secure, high-performance, and reliable website (Art. 6(1)(f) GDPR).

BunnyWay d.o.o.
Cesta komandanta Staneta 4A
1215 Medvode
Slovenia (EU Member State)
(We have concluded a DPA with BunnyWay d.o.o.)

c) Payment Processing (Reseller)

For the sale of our digital products (subscriptions), we use a reseller. When you purchase a subscription, you enter into the purchase contract directly with this reseller.

Armitage Labs OÜ (Creem.io)
Kreiukse tee 5 Randvere
74016 Viimsi vald Harju maakond
Estonia

Armitage Labs OÜ (Creem.io) acts as our reseller and is your direct contractual partner for the purchase. In this context, Armitage Labs OÜ is the independent controller for data processing (e.g., payment data, billing address). If you reach Creem.io via a link from us, our servers do not transmit any data to Creem.io; rather, your web browser establishes a direct connection.

Information on data processing by Creem.io can be found in their privacy policy: https://www.creem.io/privacy

d) Search

We use European Search Perspective (EUSP) from Qwant for search queries and web responses. This serves our legitimate interest in providing a user-friendly and high-performing website (Art. 6(1)(f) GDPR).

Qwant SAS
42 avenue de la Porte de Clichy
75017 Paris
France

6. Social Media

We maintain online presences within social networks (e.g., Facebook, Twitter, Instagram) to inform about our services and communicate with users.

When visiting these platforms, the terms and conditions and data processing policies of the respective operators apply. We point out that user data may be processed outside the European Union.

If users communicate with us within these networks (e.g., comments, messages), we process this data based on our legitimate interest in effective information and communication (Art. 6(1)(f) GDPR).

Details on the respective processing and opt-out possibilities can be found here:

Facebook / Instagram (Meta Platforms Ireland Limited, Ireland):
Privacy Policy: https://www.facebook.com/about/privacy/
Opt-Out: https://www.facebook.com/settings?tab=ads
Twitter (Twitter International Unlimited Company, Ireland):
Privacy Policy: https://twitter.com/en/privacy
Opt-Out: https://twitter.com/personalization

7. External Links (Disclaimer)

Our AI assistant may generate links to external third-party websites (e.g., in search results). As soon as you click on such a result or any other external link, you leave our website and thus the scope of this privacy policy. We have no influence on the content or privacy practices of these third-party providers.

8. Your Rights as a Data Subject

Since we deliberately do not store any personal data about you, most of these rights are "void" with us. For the sake of completeness (and in case you contact us via email, for example, which would mean we process your email address), you have the following rights:

Right of access (Art. 15 GDPR)
Right to rectification (Art. 16 GDPR)
Right to erasure / "Right to be forgotten" (Art. 17 GDPR)
Right to restriction of processing (Art. 18 GDPR)
Right to data portability (Art. 20 GDPR)
Right to object (Art. 21 GDPR)
Right to lodge a complaint (Art. 77 GDPR): You have the right to lodge a complaint with a data protection supervisory authority. The authority responsible for us is the Commission Nationale pour la Protection des Données (CNPD) in Luxembourg.

9. Responsible Body (Controller)

The controller responsible for data processing is:
Restoflix S.a r.l.-s
Luxembourg
Email: data@xprivo.com

10. Final Provisions

We reserve the right to adapt this privacy policy so that it always complies with current legal requirements or to implement changes to our services. The new privacy policy will then apply to your next visit.