Last updated: February 2026
Privacy Policy
We respect your privacy. This page explains what data we collect and how we use it.
Data Controller
TelcaVoIP International EU
- Registered office
- Ul. Zbozowa 4A, 70-653 Szczecin, Poland
- VAT
- PL8513242072
- Privacy contact
- privacy@telcavoip.eu
1. Data we collect
- Account data: email, name, password hash (bcrypt), preferred language, optional referral code.
- Usage data: messages sent, images generated, documents uploaded, code projects, current plan, billing history.
- Content: chat history, generated images, code projects, uploaded PDFs and extracted text.
- Technical: IP address, browser type, session tokens.
2. Legal bases (GDPR Art. 6)
- Contract: processing necessary to provide the Service you subscribed to.
- Legal obligation: billing/tax records retention.
- Legitimate interest: abuse prevention, quota enforcement, fraud detection.
3. How we use your data
- To provide the Service (authentication, AI processing, billing).
- To enforce quotas and detect abuse.
- To comply with legal obligations (e.g. accounting records under Polish law).
4. Third-party processors
Your prompts may be sent to AI providers for inference: Anthropic (Claude), OpenAI (GPT, GPT-Image-1), Google (Gemini, Nano Banana). Payments are processed by Stripe. Hosting is provided by our EU cloud infrastructure partner (EU regions where possible). Each processor is bound by a data-processing agreement compliant with GDPR Art. 28.
5. International transfers
Some AI providers (Anthropic, OpenAI, Google) process data in the United States. Transfers rely on EU Standard Contractual Clauses and additional technical safeguards (TLS encryption, minimisation).
6. GDPR rights
You have the right to: access, rectify, delete ("right to be forgotten"), restrict processing, object, and port your data. Contact us at privacy@telcavoip.eu. You may also lodge a complaint with the Polish Personal Data Protection Office (UODO).
7. Data retention
- Account data: kept while your account is active.
- AI conversation history & generated content: until you delete them (per-item or via account deletion).
- Billing records: 5 years from end of the accounting year (Polish Accounting Act).
- Server logs: 90 days.
8. Cookies & local storage
We use one httpOnly session cookie for authentication. LocalStorage holds your language preference and JWT token. No third-party tracking or advertising cookies.
9. Security
All data is encrypted in transit (TLS 1.2+) and at rest. Passwords are bcrypt-hashed (cost โฅ 12). Access to production systems is limited to authorised personnel.
10. Children
The Service is not directed to children under 18. We do not knowingly collect personal data from minors.
11. Updates
We may update this Policy; the current version is always available on this page. Material changes will be notified by email at least 14 days in advance.
12. Contact
Privacy: privacy@telcavoip.eu ยท Support: support@telcavoip.eu