Privacy Policy
Last updated: June 2025
Sixpack Design Studio d.o.o.
Hrizantema 8d, 11000 Belgrade, Serbia
PIB: 105368192
Email: privacy@adintelhq.io
This Privacy Policy explains how Sixpack Design Studio d.o.o. ("we", "us", "our") collects, uses and protects your personal data when you use AdIntelHQ ("the Service") at adintelhq.io.
1. Data We Collect
When you register and use the Service, we collect:
- Account data: full name, email address, encrypted password
- Usage data: analyses performed, city, country, business niche entered, plan type, timestamps
- Payment data: subscription status and Paddle subscription ID (we do not store full credit card numbers — payments are processed by Paddle)
- Technical data: IP address, browser type, session tokens stored in HTTP-only cookies
2. How We Use Your Data
- To provide and maintain the Service
- To manage your account and subscription
- To send transactional emails (verification, password reset, billing)
- To enforce usage limits per plan
- To improve the Service based on aggregated usage patterns
We do not sell your personal data to third parties. We do not use your data for advertising purposes.
3. Legal Basis (GDPR)
We process your personal data based on:
- Contract performance — to provide the Service you signed up for
- Legitimate interests — to prevent fraud and improve the Service
- Consent — for marketing communications, which you may withdraw at any time
4. Data Retention
We retain your account data for as long as your account is active. If you delete your account, we delete your personal data within 30 days, except where we are required to retain it by law (e.g., billing records for 5 years under Serbian accounting law).
5. Third-Party Services
- Anthropic (Claude AI): Your market analysis queries are sent to Anthropic's API. Anthropic processes these as a data processor. Prompts contain only the city, niche and audience you enter — never your email or personal identity.
- Paddle: Payment processing. Paddle acts as Merchant of Record. See Paddle's Privacy Policy.
6. Cookies
We use a single HTTP-only session cookie (aiq_session) to keep you logged in. This cookie is strictly necessary for the Service to function and does not track you across other websites.
7. Your Rights
Under GDPR, you have the right to:
- Access the personal data we hold about you
- Request correction of inaccurate data
- Request deletion of your data ("right to be forgotten")
- Object to or restrict processing
- Data portability
- Lodge a complaint with a supervisory authority
To exercise any of these rights, email us at privacy@adintelhq.io.
8. Data Security
Passwords are stored using bcrypt hashing. Session tokens are stored in HTTP-only cookies. All data transmission uses HTTPS. Our database is not publicly accessible.
9. Children
The Service is not directed at persons under 16 years of age. We do not knowingly collect data from children.
10. Changes
We may update this policy from time to time. We will notify you by email of material changes. Continued use of the Service after the effective date constitutes acceptance.
11. Contact
For any privacy-related questions, contact us at: privacy@adintelhq.io