Delaria

Privacy Policy — Delaria

Delaria GDPR privacy policy: data collection, use, sharing, security, and your rights.

Terms of UseBack to home
PART B — PRIVACY POLICY (GDPR) ══════════════════════════════════════ B.1 Data controller [Legal entity name] [Registered address] [VAT / Tax ID] Email: privacy@delaria.app B.2 Data Protection Officer If appointed: [DPO contact] — otherwise privacy@delaria.app B.3 Categories of data • Identity and contact data (email, nickname, optional name) • Optional profile data (bio, country, city, language) • User-created content and diary metadata • Technical data (IP, logs, device IDs, essential cookies) • Payment data (processed by Stripe; we do not store full card numbers) • Aggregated usage and, if opted in, anonymous preference signals B.4 Purposes and legal bases (GDPR Art. 6) | Purpose | Legal basis | | Account, archives, cloud diary | Contract (Art. 6.1.b) | | Moderation, security, abuse prevention | Legitimate interest (Art. 6.1.f) | | Legal and accounting obligations | Legal obligation (Art. 6.1.c) | | Anonymous preference signals (opt-in) | Consent (Art. 6.1.a), revocable in Profile | | Service communications | Contract / legitimate interest | | Marketing (only if explicitly enabled) | Consent (Art. 6.1.a) | B.5 Retention Data is kept as long as necessary for the purposes and legal obligations. User-deleted content is removed from active systems within reasonable technical timeframes; backups may persist for a limited period. B.6 Recipients and transfers Recipients may include Firebase/Google hosting (US/EU), AI providers, Stripe, advisors, and authorities when legally required. Extra-EU transfers use appropriate safeguards (EU Standard Contractual Clauses or adequacy decisions). B.7 Your rights Access, rectification, erasure, restriction, portability, objection (where applicable), and withdrawal of consent without affecting prior processing. You may lodge a complaint with your supervisory authority (in Italy: Garante Privacy — www.garanteprivacy.it). Requests: privacy@delaria.app — we respond within legal timeframes (typically 30 days). B.8 Mandatory data Email and minimum account data are required for the Service. Other fields are optional; refusal may limit features. B.9 Automated processing Moderation may use automated systems with human review when reported. We do not make solely automated decisions with significant legal effects under GDPR Art. 22. B.10 Cookies We use necessary cookies/technologies and, where required, analytics with consent. B.11 Minors The Service is not directed at users below the age threshold in § A.1. We will remove accounts if we learn of non-compliant use. B.12 Security We apply appropriate technical and organizational measures. No system is fully secure. B.13 Policy updates Updates are published in-app with date. Continued use after material changes implies acknowledgment, unless new consent is required. — End of document —