Privacy Policy

Your privacy matters to us. Learn how we protect your data.

Last updated: November 3, 2025

1. Introduction

Chime Stream B.V. ("we," "our," or "us") operates the Stravix website and application (the "Service"). This Privacy Policy informs you of our policies regarding the collection, use, and disclosure of personal data when you use our Service and the choices you have associated with that data.

We are committed to protecting your privacy and ensuring you have a positive experience on our website and in using our products and services.

2. Information We Collect

2.1 Information You Provide

  • Account information (name, email address, password)
  • Profile information and preferences
  • Brand information and business details for content personalization
  • Content you create using our AI tools
  • Communications with our support team
  • Payment information (processed securely by third-party providers)

2.2 Information We Automatically Collect

  • Usage data and analytics
  • Device information (IP address, browser type, operating system)
  • Cookies and similar tracking technologies
  • Log files and error reports

2.3 Legal Basis for Processing (GDPR)

We process your personal data under the following legal bases in accordance with the General Data Protection Regulation (GDPR):

Contract Performance

To provide our AI-powered content creation services, manage your account, and process payments

Consent

For marketing communications, non-essential cookies, and optional features (you can withdraw consent at any time)

Legitimate Interests

For service improvement, security monitoring, fraud prevention, and analytics

Legal Obligation

For compliance with tax, accounting, and other legal requirements

3. How We Use Your Information

We use the collected information for various purposes:

🛡️

To provide and maintain our Service

To improve and personalize your experience

💳

To process payments and manage your account

📧

To send you updates, newsletters, and promotional materials (with consent)

🎧

To provide customer support

🔧

To detect, prevent, and address technical issues

⚖️

To comply with legal obligations

3.1 AI-Powered Content Generation

When you use our AI content generation features, here's how your data is processed:

  • What we send to AI providers: Your brand profile information, content prompts, and business details you provide for content personalization
  • What we don't send: Your personally identifiable information (name, email address, payment details) is NOT shared with AI providers
  • Purpose: This data is used solely to generate customized content tailored to your brand and marketing needs
  • Storage: Generated content and your brand profile are stored securely in our Supabase database
  • Your control: You own all content generated using our Service and can delete it at any time

4. Information Sharing and Disclosure

We do not sell, trade, or rent your personal information. We may share your information in the following circumstances:

4.1 Third-Party Service Providers

We work with trusted third-party service providers to operate our Service. These providers have access to your information only to perform specific tasks on our behalf and are obligated to protect your data in accordance with GDPR and other applicable data protection laws.

Our Service Providers:

Supabase

Database hosting and storage for your account data, brand profiles, and generated content

AI Providers (OpenAI, Google Gemini, Groq)

API services for AI-powered content generation. We send only brand information and content prompts, not personal identifiers

OneSignal

Email and push notification delivery (only with your consent; you can unsubscribe anytime)

Firebase

Mobile push notifications (only with your consent; you can disable anytime)

Payment Processors

Secure payment processing for subscriptions (your payment details are processed directly by certified payment providers)

4.2 Legal Requirements

We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., courts, law enforcement agencies).

4.3 Business Transfers

If we are involved in a merger, acquisition, or asset sale, your information may be transferred as part of that transaction. We will provide notice before your personal information becomes subject to a different privacy policy.

5. Data Security

We implement appropriate technical and organizational measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. However, no method of transmission over the Internet or electronic storage is 100% secure.

6. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes outlined in this Privacy Policy. Here are our specific retention periods:

Active account data: Duration of your subscription plus 30 days
Deleted account data: Permanently deleted within 30 days of account deletion request
Generated content: Retained for 90 days after account deletion (for recovery purposes)
Analytics data: Aggregated and anonymized after 24 months
Backup data: Retained in secure backups for 90 days, then permanently deleted
Legal/accounting records: 7 years (as required by Dutch law)

7. Your Rights Under GDPR

As a data subject under the General Data Protection Regulation (GDPR), you have the following rights:

Access

Request a copy of your personal data

Rectification

Correct inaccurate information

Erasure

Delete your personal information

Restriction

Limit how we process your data

Portability

Receive your data in a portable format

Object

Object to certain processing activities

Withdraw Consent

Revoke consent at any time

7.1 How to Exercise Your Rights

To exercise any of your rights, please contact us at:

Email: hello@stravix.app

We will respond to your request within 1 month (or 3 months in complex cases, with notification).

What You Can Request:

  • A copy of your data in JSON or CSV format (data portability)
  • Correction of inaccurate or incomplete information
  • Complete deletion of your account and associated data
  • Information about how your data is being processed

Right to Lodge a Complaint: You also have the right to lodge a complaint with your local data protection authority. In the Netherlands, this is the Autoriteit Persoonsgegevens (AP). If you reside in another EU country, you can contact your local supervisory authority.

8. Cookies

Our website uses cookies to enhance your browsing experience. You can control cookie preferences through our cookie settings. For detailed information about our use of cookies, please see our Cookie Policy.

9. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place to protect your information in accordance with GDPR and applicable data protection laws.

Data Transfer Locations:

  • United States: Data processed by Supabase, OpenAI, Firebase, and OneSignal
  • European Union: Primary data storage in EU regions where available

Transfer Safeguards:

We protect international data transfers through:

  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • EU-US Data Privacy Framework certification (where applicable)
  • Data Processing Agreements with all third-party processors

10. Children's Privacy

Our Service is not intended for individuals under 16 years of age (or the minimum age required in your country). We do not knowingly collect personal information from children under 16 without verifiable parental consent.

If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately at hello@stravix.app so we can delete such information.

11. Automated Decision-Making and AI

Our Service uses AI to generate content based on your inputs and preferences. This does not involve automated decisions that produce legal effects or similarly significantly affect you.

All AI-generated content is provided for your review and approval before use. You maintain full control over whether to use, modify, or discard any AI-generated content. No automated decisions are made regarding your account status, access, or service provision without human review.

12. Data Breach Notification

In the event of a data breach that is likely to result in a risk to your rights and freedoms, we will:

  • Notify the relevant supervisory authority within 72 hours of becoming aware
  • Notify affected users without undue delay if the breach poses a high risk
  • Provide details of the breach, its likely consequences, and measures taken
  • Implement immediate measures to mitigate the breach and prevent future occurrences

13. Changes to This Privacy Policy

We may update our Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors.

We will notify you of any material changes by posting the new Privacy Policy on this page, updating the "last updated" date, and (where appropriate) sending you an email notification. We encourage you to review this Privacy Policy periodically.

14. Contact Us

If you have any questions about this Privacy Policy, please contact us:

Chime Stream B.V.

Rotterdam, The Netherlands

Email: hello@stravix.app

Back to Home