Privacy Policy

Controller and contact

ABVentures SAS, 60 RUE FRANCOIS IER, 75008 PARIS, France, is the controller for the personal data described in this policy. Contact: [email protected].

Data we process

• Account data such as email, name and avatar from authentication providers.
• Authentication and session cookies.
• Billing, customer, subscription and invoice data handled with Stripe.
• Financial models, uploaded or imported files, mappings, formulas, outputs and exports.
• Prompts, chat messages, AI-generated responses and generated model changes where AI features are used.
• API key metadata, usage logs, rate-limit data, support messages and admin communications.
• Technical logs, security events, Sentry errors and Vercel Analytics events.

Purposes and legal bases

• Contract performance: account access, app features, model storage, collaboration, exports, API access and subscriptions.
• Legal obligations: invoicing, accounting, tax, security and compliance records.
• Legitimate interests: service reliability, security, abuse prevention, debugging and product improvement.
• Consent: non-essential cookies or analytics where consent is legally required.

Recipients and subprocessors

Data may be processed by infrastructure, authentication, billing, email, observability and AI providers used to operate the service, including Supabase, Vercel, Stripe, Sentry, Resend, Google/Supabase Auth and AI model providers when AI features process your prompts or model context.

International transfers

Some providers may process data outside the European Economic Area. Where required, transfers rely on appropriate safeguards such as adequacy decisions, standard contractual clauses or equivalent mechanisms.

Retention

Account and model data are kept while your account is active or as needed to provide the service. Billing records are kept for legal accounting periods. Logs, AI traces, support messages and backups are kept for limited periods appropriate to security, debugging, audit and legal needs.

Cookies and telemetry

Layerz uses necessary cookies for authentication and security. It may use Vercel Analytics and Sentry for audience measurement, reliability and error monitoring. Non-essential tracking will be consent-gated when required by law.

Your rights

Depending on applicable law, you may request access, rectification, deletion, restriction, portability, objection and withdrawal of consent. You may also lodge a complaint with the CNIL. To exercise rights, contact [email protected].

Security

Layerz uses access controls, authenticated sessions, API key protections, row-level security patterns, encryption in transit, restricted admin access and log redaction. No online service can be guaranteed completely secure.