Brandly LogoBrandly

Privacy Policy

Your privacy is important to us. Learn how we collect, use, and protect your information.

Last updated: July 2025

1) Information About the Collection of Personal Data and Contact Details

1.1

We are pleased that you are using our application (hereinafter referred to as the "App"). In the following, we inform you about how we handle your personal data when you use our App.

Personal data means any information that relates to an identified or identifiable natural person.

1.2

The data controller for data processing related to this App within the meaning of the General Data Protection Regulation (GDPR) is: BetterVue e.U., Sobieskigasse 25/24, 1090 Vienna, Austria, Email: hello@getbrandly.app

Data Protection Officer: Not required for our operations scale, but privacy inquiries can be directed to hello@getbrandly.app

Austrian Data Protection Authority: If you believe we have violated data protection law, you can file a complaint at dsb.gv.at

The controller is the natural or legal person who, alone or jointly with others, determines the purposes and means of the processing of personal data.

2) Categories of Personal Data and Retention

2.1 Account Data

Data collected: Email address, account preferences, subscription status

Retention period: Until account deletion or 3 years after last activity

2.2 Payment Data

Data collected: Transaction IDs, subscription details (payment details are processed by RevenueCat/Apple/Google)

Retention period: 7 years for tax/accounting purposes

2.3 Generated Content

Data collected: Brand information, prompts, generated results

Retention period: Until you delete the content or close your account

2.4 Technical Data

Data collected: Device identifiers, IP addresses, app usage logs, crash reports

Retention period: 1 year for logs, crash reports deleted after 90 days

2A) Principles (No Sale, No Ads)

We do not sell your personal data. We do not use advertising trackers and do not serve personalized ads within our App.

We do not run marketing analytics. We use crash reporting only to maintain and improve App stability.

3) Contact

When contacting us (e.g. via contact form or email), personal data is collected. The nature of this data depends on the form used. This data is used exclusively for the purpose of responding to your inquiry and the associated technical administration.

Legal basis: Article 6 (1)(f) GDPR (legitimate interest)

If your inquiry is related to a contract: Article 6 (1)(b) GDPR

Data is deleted after final resolution unless legal retention obligations apply.

4) Data Processing for Contract Fulfillment

4.1

To fulfill contracts concluded via the App, we work with the following service providers who support us in whole or in part. We pass on certain personal data to them as necessary.

Shipping and delivery: If applicable, your delivery data may be passed on to shipping providers.

Payment processing: Your payment details may be shared with financial institutions or payment processors.

Legal basis: Article 6 (1)(b) GDPR.

4.2 – RevenueCat

In-app purchases are processed via: RevenueCat Inc., 300 Euclid Avenue, San Francisco, CA 94118, USA.

We share order-related data with RevenueCat exclusively for payment processing.

Legal basis: Article 6 (1)(b) GDPR

We have a data processing agreement (DPA) in place with RevenueCat

More info: RevenueCat Privacy Policy. Cross-border transfers are safeguarded via Standard Contractual Clauses (SCCs) where applicable, and a data processing agreement (DPA) is in place.

4.3 AI Content Generation

When you use our AI-powered content generation features, your prompts and brand information are sent to our AI processing partners to generate your results.

AI Provider: DeepSeek (via OpenRouter API)

Data transferred:

  • Your text prompts and instructions
  • Brand information you provide
  • Generated content requests

Legal basis: Article 6 (1)(b) GDPR (contract fulfillment)

International transfers: Data may be transferred to China (DeepSeek) and/or outside the EU. This transfer is necessary for contract performance. We rely on Standard Contractual Clauses (SCCs) and other lawful transfer mechanisms where applicable, and implement supplementary measures.

Retention: Prompts and generated content are only used for generation and are not stored by the AI service provider.

Data minimization: Only the minimum necessary information is sent to generate your requested content.

5) Analytics & Crash Reporting

We use Firebase Crashlytics (Google Ireland Ltd., Barrow Street, Dublin 4, Ireland) to collect anonymous crash reports to improve the app's stability.

Data sent may include:

  • App state at the time of crash
  • Crash trace
  • Device model and OS version
  • Log messages
  • Anonymized installation ID

Legal basis: Article 6 (1)(f) GDPR (legitimate interests) to ensure service stability, diagnose errors and protect the security of the App. You may exercise your right to object under Article 21 GDPR (see Your Rights below).

Transfers to the US (Google LLC) may occur

Privacy policy: Firebase Privacy & Security

5A) Data Security

  • Encryption in transit (TLS) and at rest for personal data
  • Role-based access controls and least-privilege access
  • Regular secure backups and restoration tests
  • Security monitoring and vulnerability management

6) Your Rights

You have the following rights under the GDPR:

  • Art. 15 GDPR: Access to your personal data and related information
  • Art. 16 GDPR: Correction of inaccurate or incomplete data
  • Art. 17 GDPR: Deletion of your data ("Right to be forgotten")
  • Art. 18 GDPR: Restriction of processing under certain conditions
  • Art. 19 GDPR: Notification to third parties if your data has been corrected or deleted
  • Art. 20 GDPR: Right to data portability
  • Art. 7(3) GDPR: Right to withdraw your consent at any time
  • Art. 77 GDPR: Right to file a complaint with a supervisory authority

How to Exercise Your Rights

To exercise any of these rights, contact us at hello@getbrandly.app with your request. Please include:

  • Your full name and email address
  • Specific right you wish to exercise
  • Any relevant details about your request

Response time: We will respond within one month of receiving your request. In complex cases, we may extend this by up to two months.

Cost: Exercising your rights is free of charge, unless your request is manifestly unfounded or excessive.

6.2 Right to Object (Art. 21 GDPR)

You may object at any time to the processing of your data based on legitimate interests (Art. 6 (1)(f) GDPR) if your situation justifies it.

If your data is processed for direct marketing purposes, you can object at any time. After objection, we will no longer process your data for these purposes.

7) Children's Privacy

Our Service is intended for users aged 18 and above. We do not knowingly collect personal data from anyone under 18 years of age.

If you become aware that a child has provided us with personal data, please contact us at hello@getbrandly.app and we will take steps to remove such information.

8) Updates to this Privacy Policy

We may update this Privacy Policy as necessary to reflect changes in law or our services. The current version is always accessible in the App and/or on our website.

For material changes, we will notify you via in-app notice or email before the changes take effect.

9) Contact

If you have any questions about this Privacy Policy or how we handle your personal data, you can contact us at:

📧 hello@getbrandly.app