Privacy Policy
Your privacy is important to us. This policy explains how we collect, use, and protect your personal information.
Last Updated: July 5, 2025
1. Introduction
Welcome to Business Advisor! This Policy describes how we ("the Company") collect, use, disclose, and process personal data in connection with your use of our website and mobile application (the "Service").
By using the Service, you confirm that you have read and agree to this Policy and our Terms of Use.
2. What Data We Collect
We collect the following categories of data:
- Personal Information: name, email address, payment identifiers.
- Data Collected Automatically: IP address, device identifiers, cookies, activity logs, and performance metrics.
We do not knowingly collect sensitive categories of personal data, unless it is voluntarily provided by the user (e.g., in a support request).
3. Legal Basis and Purposes for Processing Data
We process your data only when we have a lawful basis to do so under the General Data Protection Regulation (GDPR).
- Performance of a Contract: To register you as a user and provide our services.
- Legitimate Interest: For analytics and fraud protection.
- Based on your Consent:
- To send you marketing materials you have opted-in to receive.
- To improve our Service and train our artificial intelligence algorithms on anonymized (pseudonymized) data, if you have provided separate consent for this.
4. Data Sharing with Third Parties
We do not sell your personal data. Data may be shared only with trusted third-party providers (Data Processors) to the extent necessary for the purposes described in this Policy and in strict compliance with confidentiality and security requirements.
| Provider | Purpose of Use | Cross-border Transfers |
|---|---|---|
| PostHog | Anonymous usage analytics and crash reports to improve stability. | Data may be processed outside the EEA (e.g., in the US) under the EU-US Data Privacy Framework; Standard Contractual Clauses (SCCs) or other GDPR-compliant safeguards are used. https://posthog.com/docs/privacy |
| OpenRouter | Sending and processing AI agent requests based on the described idea. | Data may be processed outside the EEA (e.g., in the US) under the EU-US Data Privacy Framework; Standard Contractual Clauses (SCCs) or other GDPR-compliant safeguards are used. https://openrouter.ai/privacy |
Data may be transferred to the following payment providers: Stripe, Google Pay, and Apple Pay, to the minimum extent necessary to process payments. You can review their privacy policies at the following links:
- Stripe: https://stripe.com/privacy
- Google Pay: https://policies.google.com/privacy
- Apple Pay: https://www.apple.com/legal/privacy/
5. Cookies and Analytics
We use our own and third-party cookies for authentication, analytics, and service improvement. Users can manage cookie or analytics settings in their browser or through application settings.
6. Data Security
We implement technical and organizational measures to protect data, including data encryption in transit (TLS 1.2 and above), access control, regular security audits, and incident response procedures with notification to users and relevant authorities within 72 hours. However, no method of data transmission over the Internet or electronic storage method provides 100% security guarantee.
7. Data Retention Period
- Personal data (Name, Email): stored as long as your account exists, or until you request deletion.
- Usage/device data: preserved in aggregated/anonymized form for statistics and Service improvement and cannot be linked to you.
Upon completion of the retention period, data is deleted or anonymized. Your data may be stored and processed in data centers located in:
- (a) The European Union;
- (b) The United Kingdom;
- (c) The United States.
8. Your Rights
You may request to access, correct, delete, or port your data, as well as to restrict or object to its processing. A response will be provided within 30 days, and the actual deletion of data will be completed no later than 30 days after the request is confirmed.
Users can withdraw their consent for the collection of analytical data at any time and request the complete deletion of their profile and all associated data through the application.
Please send your requests to support@vaultoria.com.
Important Note on Deletion from Trained Models: We are committed to deleting your personal data from all our operational systems, databases, and backups in accordance with your request. However, please be aware that data that has been used in an anonymized form to train our models (subject to your explicit consent) cannot be technically extracted from an already trained model. We take all necessary measures to minimize risks, including the pseudonymization of data before it is used in the training process.
8.1 Your U.S. Privacy Rights
If you are a resident of a state that grants specific privacy rights (e.g., California under CCPA/CPRA), you may have additional rights, including:
- Right to Opt-Out of Sale/Sharing: We do not sell your personal data for monetary consideration. However, the use of certain analytical tools may be considered "sharing" of data under California law. You can opt out of such sharing by using the cookie or analytics settings on our website or in the application.
9. Children's Privacy
The Service is not intended for individuals under the age of 18. We do not knowingly collect data from children under 18 and will delete it if we become aware of it. If you believe a child has provided us with data, please contact us to have it deleted.
10. Changes to This Policy
We may update this Policy from time to time to reflect changes in our practices or the law. We will notify you of material changes via email or through an in-app notification. The "Last Updated" date at the top of this Policy reflects the current version.
Material changes to the Policy will be communicated via email 30 days before they take effect. Your continued use of the Service after such changes constitutes your consent to the new policy.
11. Contact Us
If you have any questions about this Policy or our data processing practices, please contact us at: