Privacy Policy

Last Updated: November 2025

Introduction

At Damasiom ("we", "us", or "our"), your privacy is important to us. This Privacy Policy explains how we collect, use, protect, and process your personal data when you use our products, including all Damasiom applications and services.

Damasiom is a small business (Kleinunternehmen) based in Germany, specializing in AI solutions and AI as a service. We create innovative applications powered by artificial intelligence to make everyday tasks easier and more efficient.

This Privacy Policy applies to all websites, applications, and services provided by Damasiom. Our services are available globally and comply with the European Union's General Data Protection Regulation (GDPR) and other applicable data protection laws.

What We Collect

We collect the following types of data to provide and improve our services:

Account Information

  • Name
  • Email address (collected via registration form or third-party login with Google/GitHub)
  • Account creation date
  • Authentication credentials (securely hashed)

Application Data

  • App settings and preferences
  • Usage history (for cross-platform synchronization)
  • API usage and request logs
  • Feature interaction data

Usage Analytics

  • Page views and navigation patterns
  • Feature usage statistics
  • Performance metrics
  • Error logs and diagnostic data

Note: We implement our own first-party analytics system. We do not use third-party analytics services like Google Analytics. All analytics data is stored securely in our own databases.

Communication Preferences

  • Newsletter subscriptions
  • Marketing communication preferences
  • Support ticket history

What We Do NOT Collect

  • Sensitive personal information (health data, racial or ethnic origin, political opinions, religious beliefs)
  • Financial information (credit card details are handled exclusively by Stripe)
  • Precise geolocation data
  • Biometric data

Why We Collect Data

We collect and process data only for the following functional purposes:

  • Account Management: Create and authenticate your account, manage your profile
  • Service Delivery: Provide AI-powered features and functionality
  • Synchronization: Enable cross-device synchronization of your settings and preferences
  • Communication: Send service-related updates, feature announcements, and support responses
  • Marketing: Send optional promotional communications (only with your consent)
  • Analytics & Improvement: Understand how users interact with our services to improve features and user experience
  • Security & Fraud Prevention: Protect against abuse, unauthorized access, and misuse of free trials
  • Legal Compliance: Meet regulatory and legal requirements

We practice data minimization and only collect what is necessary for these purposes. We do not sell your personal data to third parties.

Cookies & Tracking

We use cookies and similar technologies to provide and improve our services. Here's what you need to know:

Essential Cookies (Required)

We use essential cookies for authentication and session management. These cookies are necessary for our services to function and cannot be disabled.

  • Session cookies (temporary, deleted when you close your browser)
  • Authentication tokens (keep you logged in)
  • Security cookies (prevent CSRF attacks)

What We DON'T Use

  • Third-party advertising cookies
  • Third-party tracking cookies
  • Social media tracking pixels
  • Third-party analytics services (like Google Analytics)

Managing Cookies

You can control cookies through your browser settings. However, disabling essential cookies will prevent you from logging in and using our services. Most browsers allow you to:

  • View what cookies are stored
  • Delete cookies
  • Block cookies from specific sites
  • Block all third-party cookies

Third-Party Services

We use trusted third-party providers to deliver our AI-powered services. When you use our services, your data may be processed by the following providers:

AI & Functionality Providers

  • OpenAI - GPT models and embeddings
  • Anthropic - Claude AI models
  • Google AI - Gemini and other AI services
  • OpenRouter - AI model routing
  • ElevenLabs - Voice and speech services
  • And other AI service providers as needed

Important: When you use our AI features, your input data (prompts, requests) is sent to these providers to generate responses. Each provider has their own privacy policy and data handling practices. We select providers that prioritize user privacy and data security.

Payment Processing

Stripe - All payment and subscription data is handled exclusively by Stripe, a PCI-DSS compliant payment processor. We do not store, access, or process your credit card information or financial data.

Authentication Services

When you choose to log in with Google or GitHub, we receive only the basic profile information you authorize (name, email). Your password is never shared with us.

We carefully select third-party providers who maintain high security standards and comply with applicable data protection laws. We do not sell your data to third parties.

Children's Privacy

Age Requirement

Our services are intended for users who are at least 16 years of age in accordance with GDPR requirements.

We do not knowingly collect personal information from children under 16 years of age. If you are under 16, you may not use our services or provide any personal information to us.

If You're a Parent or Guardian

If you believe we have inadvertently collected information from a child under 16, please contact us immediately at privacy@damasiom.com. We will promptly investigate and delete such information from our systems.

By creating an account, you confirm that you are at least 16 years old or have reached the age of majority in your jurisdiction.

Marketing Communications

We may send you marketing communications about our products, features, updates, and promotional offers. Your consent and preferences matter to us.

What We May Send

  • Product updates and new feature announcements
  • Tips and best practices for using our services
  • Special offers and promotional campaigns
  • Newsletter content about AI technology and trends
  • Company news and important service changes

Your Control

You have complete control over marketing communications. You can:

  • Unsubscribe at any time by clicking the unsubscribe link in any marketing email
  • Manage your communication preferences in your account settings
  • Contact us at privacy@damasiom.com to update your preferences

Service-Related Emails

Note: Certain service-related emails (account security alerts, billing notifications, critical service updates) are essential to your use of our services and cannot be unsubscribed from.

Data Security

We take the security of your personal data seriously and implement industry-standard security measures to protect your information from unauthorized access, disclosure, alteration, or destruction.

Security Measures

Encryption in Transit

All data transmitted between your device and our servers is encrypted using HTTPS/TLS protocols.

Encryption at Rest

Your data is encrypted when stored in our databases and file systems.

Access Controls

Strict access controls and authentication mechanisms limit who can access your data.

Regular Security Audits

We conduct regular security assessments and updates to our systems.

Password Security

Passwords are hashed using strong cryptographic algorithms (never stored in plain text).

Secure Infrastructure

Our infrastructure is hosted on secure, enterprise-grade cloud platforms.

Your Responsibility

While we implement strong security measures, you are responsible for keeping your account credentials secure. Never share your password, and use a strong, unique password for your Damasiom account.

Data Breach Notification

In the unlikely event of a data breach that affects your personal information, we will notify you and the relevant supervisory authority within 72 hours as required by GDPR, providing details about the breach and the steps we're taking to address it.

Your Rights

Under GDPR and other applicable data protection laws

You have the following rights regarding your personal data. These rights are provided under GDPR and other applicable privacy laws:

Right to Access

You can request a copy of all personal data we hold about you, including how it's being used.

Right to Rectification

You can correct or update inaccurate or incomplete personal information.

Right to Erasure ("Right to be Forgotten")

You can request deletion of your personal data. However, we may retain your email address to prevent abuse of free trials and protect our service from misuse.

Right to Restriction of Processing

You can request that we limit how we use your data in certain circumstances.

Right to Data Portability

You can request your data in a structured, commonly used format to transfer to another service.

Right to Object

You can object to certain types of processing, including marketing communications and processing based on legitimate interests.

Right to Withdraw Consent

Where we process data based on consent, you can withdraw that consent at any time.

How to Exercise Your Rights

To exercise any of these rights, please contact us using one of the following methods:

  • Email: privacy@damasiom.com
  • Submit a support ticket through our platform
  • Manage some settings directly in your account dashboard

Response Time: We will respond to your request within 30 days as required by GDPR. We may need to verify your identity before processing certain requests to protect your privacy.

Important Note About Data Retention After Deletion

When you request account deletion, we will delete most of your data. However, we retain your email address to prevent abuse of free trials and multiple account creation. This is based on our legitimate interest in protecting our service from misuse. This practice helps us maintain fair access to our services for all users.

Supervisory Authority

If you believe we have not adequately addressed your privacy concerns or exercised your rights, you have the right to lodge a complaint with a data protection supervisory authority.

For Users in Germany

As we are based in Germany, you can contact the German Federal Commissioner for Data Protection and Freedom of Information:

Der Bundesbeauftragte für den Datenschutz und die Informationsfreiheit (BfDI)

Graurheindorfer Str. 153

53117 Bonn, Germany

Website: www.bfdi.bund.de

For Users in Other EU Countries

You can also contact your local data protection authority in your country of residence. A list of EU data protection authorities can be found at: European Data Protection Board

We are committed to working with data protection authorities to resolve any privacy concerns. However, we encourage you to contact us first so we can address your concerns directly.

Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, comply with legal obligations, resolve disputes, and enforce our agreements.

Active Accounts

While your account is active, we retain your data to provide continuous service and maintain your preferences across sessions.

After Account Deletion

When you delete your account, most personal data is permanently deleted within 30 days. However, we retain your email address for up to 4 years to prevent abuse of free trials and fraud prevention.

Legal Requirements

Some data may be retained longer if required by German or EU law (e.g., tax records, transaction history for up to 10 years).

Backups

Backup copies may persist for up to 90 days after deletion for disaster recovery purposes, but are not accessible for normal operations.

Anonymized Data

We may retain aggregated, anonymized data indefinitely for analytics and improvement purposes. This data cannot be used to identify you personally.

International Transfers

Our services are provided globally, and we may transfer your personal data to trusted service providers located outside the European Union, particularly to AI service providers based in the United States.

How We Protect Your Data in International Transfers

We ensure that all international data transfers comply with GDPR through appropriate safeguards:

  • Standard Contractual Clauses (SCCs): We use EU-approved Standard Contractual Clauses with our service providers
  • Adequacy Decisions: We transfer data to countries recognized by the EU as providing adequate protection
  • Provider Commitments: Our providers (OpenAI, Anthropic, Google, etc.) commit to strong data protection practices
  • Encryption: Data is encrypted in transit and at rest during international transfers

Service Providers Outside the EU

Your data may be processed by:

  • OpenAI (United States) - for GPT models
  • Anthropic (United States) - for Claude AI models
  • Google (United States) - for Google AI services
  • ElevenLabs (United States) - for voice services
  • Other AI providers as necessary for service delivery

By using our services, you acknowledge and consent to these international transfers. We work only with providers who maintain high data protection standards and are committed to protecting your privacy.

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, services, legal requirements, or for other operational, legal, or regulatory reasons.

How We'll Notify You

  • Email Notification: For significant changes that affect your rights, we'll send you an email notification
  • Website Notice: We'll post a notice on our website about policy updates
  • In-App Notification: You may see a notification when you log in to your account

When Changes Take Effect

Changes become effective 30 days after we notify you or post the updated policy on our website, whichever is earlier. Your continued use of our services after the effective date constitutes acceptance of the updated policy.

Access to Previous Versions

The latest version of this Privacy Policy will always be available on our website at this URL. The "Last Updated" date at the top of this page indicates when the policy was last revised.

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.

Questions About Your Privacy?

If you have any questions, concerns, or requests regarding this Privacy Policy or how we handle your personal data, we're here to help.

Email: privacy@damasiom.com

Or submit a support ticket through our platform

Back to top