Privacy Policy

Last updated: 26 December 2025

View Terms of Service →

Saturalabs is operated by:

Socialcap AB
Hornsgatan 85, 117 26 Stockholm, Sweden
Email: saturalabs@protonmail.com

1) Data controller

Socialcap AB is the data controller for personal data processed through the Service.

Contact: saturalabs@protonmail.com
Address: Hornsgatan 85, 117 26 Stockholm, Sweden

2) What personal data we collect

Depending on how you use the Service, we may collect:

Account data

  • email address
  • account identifiers
  • authentication data (for example hashed passwords or tokens)
  • basic account settings

Payment and transaction data

  • purchase history (plans, credits purchased)
  • billing status, invoices/receipts
  • limited transaction metadata needed for support and accounting

Note: payments are processed by Polar.sh. We generally do not store full payment card details.

Usage data

  • IP address, device and browser information
  • timestamps, pages/features used, credits usage
  • error logs and performance data

Content you provide

  • prompts, inputs, uploads, and related metadata
  • outputs generated for your requests (linked to your account and usage)

Support communications

  • messages you send to support and any attachments you include

Cookies / similar technologies

  • essential cookies needed for login and core functionality
  • analytics cookies (where enabled)

3) Analytics (PostHog)

We use PostHog to understand usage of the Service (for example which features are used, performance issues, and how to improve UX).

PostHog may collect usage and device data via cookies or similar technologies. Where required by law, we only enable non-essential analytics with your consent, and you can withdraw consent via your browser settings and/or any cookie controls we provide.

4) How we use personal data (purposes)

We process personal data to:

  • provide and operate the Service (authentication, generating outputs, credit accounting)
  • process purchases and manage billing (via Polar)
  • provide customer support
  • maintain security, prevent abuse/fraud, and debug issues
  • analyze usage and improve the Service (including via PostHog)
  • comply with legal obligations (for example bookkeeping and tax)

5) Legal bases (GDPR / EU/EEA users)

Where GDPR applies, we rely on:

  • Contract: to provide the Service you request
  • Legitimate interests: to secure, maintain, and improve the Service; prevent abuse/fraud; operate analytics in a privacy-respecting way where permitted
  • Legal obligation: accounting, tax, and compliance obligations
  • Consent: where required (for example certain cookies/analytics, and marketing communications if applicable)

6) How we share personal data

We may share personal data with:

  • Payment processor / Merchant of Record: Polar.sh (to process transactions and handle payment-related compliance)
  • Analytics provider: PostHog (to analyze product usage and improve the Service)
  • Infrastructure and service providers: hosting, databases, monitoring, email delivery, and support tooling (as processors)
  • Authorities or advisors: when required by law or necessary to protect rights, safety, and security
  • Business transfers: if we undergo a merger, acquisition, or sale of assets (with appropriate safeguards)

We do not sell your personal data.

7) AI processing and third-party providers

To provide AI outputs, your inputs (and sometimes uploads) may be processed by underlying AI and infrastructure providers acting as our processors/subprocessors. We use providers we believe are appropriate for operating the Service and protecting data.

8) International transfers

Your personal data may be processed outside Sweden and/or the EEA (for example depending on where providers operate). Where required, we use appropriate safeguards for international transfers (such as Standard Contractual Clauses or other lawful mechanisms).

9) Data retention

We keep personal data only as long as necessary for the purposes described above, including:

  • as long as you maintain an account
  • as needed to provide the Service and resolve issues
  • as required by law (for example accounting and tax records)
  • for legitimate security and dispute-handling needs

You can request deletion (see "Your rights"). Some data may be retained where legally required or where we have a compelling legitimate reason (for example fraud prevention).

10) Security

We use reasonable technical and organizational measures designed to protect personal data. No system is perfectly secure, and you use the Service at your own risk.

11) Your rights

Depending on your location (and especially in the EU/EEA/UK), you may have rights to:

  • access your personal data
  • correct inaccurate data
  • delete data (right to erasure)
  • restrict or object to processing
  • data portability (in certain cases)
  • withdraw consent where processing is based on consent
  • lodge a complaint with your data protection authority

To exercise rights, contact: saturalabs@protonmail.com

12) Children

The Service is not intended for children, and we do not knowingly collect personal data from children.

13) Changes to this Privacy Policy

We may update this Privacy Policy from time to time. We will post the updated version and update the "Last updated" date. If changes are material, we will take reasonable steps to notify you.

14) Contact

Privacy questions or requests:

saturalabs@protonmail.com