1. Data Controller
Noosphere Prime ("we", "us", "our") is the data controller responsible for your personal data. Contact: contact@noosphereprime.space
2. Data We Collect
Account Data
Email address, display name, authentication credentials (stored securely via Firebase Auth). Collected when you register.
Usage Data
API call logs (endpoint, timestamp, response time), query content submitted to the Platform, subscription tier and billing status. Collected automatically during use.
Technical Data
IP address, browser type, device type, operating system, referring URLs. Collected automatically via server logs.
Payment Data
Payment processing is handled by our third-party payment processor. We do not store card numbers or full payment details on our servers.
3. Legal Basis for Processing (GDPR)
- Contract performance — to provide and maintain your subscription and Platform access
- Legitimate interests — platform security, fraud prevention, service improvement, usage analytics
- Legal obligation — compliance with applicable laws, tax records, regulatory requirements
- Consent — marketing communications (you may withdraw at any time)
4. How We Use Your Data
- Authenticate you and provide access to the Platform
- Process subscription payments and maintain billing records
- Monitor API usage against your plan limits
- Detect and prevent abuse, fraud, and unauthorized access
- Send transactional emails (account alerts, invoices, platform updates)
- Improve Platform accuracy and performance through aggregate analytics
5. Data Sharing & Third Parties
We do not sell your personal data. We share data only with:
- Firebase (Google) — authentication and real-time database. Subject to Google's Privacy Policy and EU SCCs.
- Anthropic — AI analysis processing. Query content submitted to the Platform may be processed by Anthropic's API. Subject to Anthropic's Privacy Policy.
- Vercel — cloud hosting infrastructure. Subject to Vercel's Privacy Policy and EU SCCs.
- Payment processor — billing and subscription management.
- Legal authorities — when required by law, court order, or to protect our legal rights.
6. Data Retention
- Account data: Retained for the duration of your subscription + 3 years for legal compliance
- API logs: 12 months rolling retention
- Billing records: 7 years (Romanian/EU tax law requirement)
- Deleted accounts: All personal data deleted within 30 days of account closure, except where legally required to retain
7. Your Rights (GDPR)
Under the General Data Protection Regulation, you have the right to:
- Access — request a copy of the personal data we hold about you
- Rectification — correct inaccurate or incomplete data
- Erasure ("right to be forgotten") — request deletion of your data
- Portability — receive your data in a machine-readable format
- Restriction — limit how we process your data in certain circumstances
- Objection — object to processing based on legitimate interests
- Withdraw consent — for any processing based on consent
To exercise any right, email contact@noosphereprime.space. We will respond within 30 days. You also have the right to lodge a complaint with the Romanian supervisory authority (ANSPDCP) at dataprotection.ro.
8. International Transfers
Some of our third-party processors (Google, Anthropic, Vercel) may transfer data outside the European Economic Area. Where this occurs, we ensure appropriate safeguards are in place, including Standard Contractual Clauses (SCCs) approved by the European Commission.
9. Security
We implement appropriate technical and organizational measures to protect your data, including encrypted connections (TLS), authentication token management via Firebase, and access controls on our infrastructure. No system is 100% secure; we will notify you of any personal data breach within 72 hours as required by GDPR.
10. Cookies
We use cookies and similar technologies. For full details, see our Cookie Policy.