top of page
BrandostroDigiLogoWhtTXT1.png
Start for Free

Privacy Policy

April 2026

Privacy Policy


Effective Date: May 21, 2026


Brandostro ("we", "us", "our") is committed to protecting your privacy. This Privacy Policy explains what data we collect, how we process and protect it, and the rights you have regarding your personal information.


1. Data We Collect


We limit our data collection to what is strictly necessary to provide you with a seamless experience on our platform.

  • Account Data: When you register, we collect your email address. Strict email verification is mandatory before platform access is granted.

  • Brand Data: This includes the business descriptions, industry preferences, keywords, and inputs you provide to generate your brand content.
    Our AI Safety Commitment: This data is used solely to generate your custom brand system. It is never used to train underlying AI models, nor is it shared with third parties for marketing purposes.

  • Usage Data: We collect anonymized information regarding how you interact with the platform (e.g., pages visited, features utilized, and generation events). This data is used exclusively to analyze performance and improve the product.

  • Payment Data: All financial transactions, billing details, and subscription management are handled exclusively by Polar (https://polar.sh), acting as our Merchant of Record. Brandostro does not store, process, or have access to your raw credit card details or payment credentials.


2. How We Use Your Data


We process your information under clear legal bases, primarily to fulfill our contract with you and to pursue our legitimate business interests. Specifically, we use your data:

  • To provision, maintain, and optimize the Brandostro service.

  • To facilitate secure payment processing and subscription management via Polar.

  • To dispatch critical transactional emails (e.g., account verification, receipts, and system alerts).

  • To detect, prevent, and mitigate fraud, abuse, or unauthorized automated activity.

  • To comply with global legal and regulatory obligations.

Data Sharing Restrictions: We do not sell, rent, or trade your data. We only share information with trusted third-party service providers required to deliver our service (such as Polar for billing and secure email infrastructure providers for transactional delivery).


3. Data Security & Integrity


We employ industry-standard technical and organizational measures to safeguard your information:

  • Encryption: All data is encrypted in transit using Transport Layer Security (TLS) and encrypted at rest on our secure cloud infrastructure.

  • Access Control: Access to production environments is strictly restricted to authorized personnel, authenticated via multi-factor authentication, and fully audited.

  • Platform Defense: We implement advanced rate limiting and CAPTCHA protection to defend against brute-force attacks and automated platform abuse.

  • Account Verification: Mandatory email verification ensures that only verified owners can access and manage account profiles.


4. Data Retention & Deletion


  • Active Term: Your brand data and generation history are retained for as long as your account remains active, allowing you ongoing access to your assets.

  • Account Deletion: You may request the deletion of your account and associated data at any time. Upon receiving a formal deletion request, your personal data will be permanently purged from our active databases within 30 days.

  • Analytics: Fully anonymized usage metrics, which cannot be traced back to an individual user, may be retained indefinitely for historical product analytics.


5. Global Privacy Rights (Including GDPR & UK GDPR)


Depending on your location (such as the European Economic Area or the United Kingdom), you possess specific statutory rights regarding your personal data. These include the right to:

  • Access the personal data we hold about you.

  • Rectify inaccurate or incomplete information.

  • Erasure ("Right to be Forgotten") of your personal data.

  • Restrict or Object to certain data processing activities.

  • Data Portability to export your account information in a structured, machine-readable format.

To exercise any of these rights, please contact our privacy compliance team at info@brandostro.com.


6. Cookies & Tracking


We use a minimal cookie structure to ensure platform stability and performance:

  • Essential Cookies: Strictly necessary for secure user authentication, session maintenance, and security enforcement.

  • Analytics Cookies: Used to gather aggregate, non-identifiable insights on how users navigate the platform.

You can manage or disable cookie preferences directly through your web browser settings; however, disabling essential cookies may impact platform functionality.


7. Contact Us


For any privacy-related inquiries, data requests, or questions regarding this policy, please contact us at:

bottom of page