HomePrivacy Policy

Privacy Policy

Last updated: 3. oĹľujka 2025.

Summary: We only collect data necessary to provide the service. We never sell your data. You can request deletion at any time at info@phv-solutions.com.

1. Data Controller

The controller of your personal data is PharmaVision Solutions d.o.o. (hereinafter "we", "us" or "CreaticoAI"). For any privacy-related questions, contact us at:

2. Data We Collect

Data you provide

  • Name, email address (at registration)
  • Payment information (processed by Stripe — we never store card data)
  • Content you enter in the app (posts, text, media)
  • Brand and company information (optional)

Data we collect automatically

  • IP address, browser type, operating system
  • App usage data (pages, clicks, session duration)
  • Cookies and similar identifiers (see Cookie Policy)

3. Purposes and Legal Basis

  • Performance of contract — providing the CreaticoAI service you subscribed to
  • Legitimate interests — platform security, fraud prevention, analytics
  • Consent — marketing communications (you can opt out at any time)
  • Legal obligation — keeping accounting records under Croatian law

4. Data Sharing

We share your data only with trusted service providers acting as our data processors:

  • Stripe — payment processing
  • Anthropic / OpenAI — AI content generation (prompts are processed but not used for model training)
  • Cloudflare — media storage and CDN
  • Vercel — application hosting

We do not sell, rent, or trade your personal data with third parties for marketing purposes.

5. International Transfers

Some of our service providers (e.g., Anthropic, Vercel) are based outside the European Economic Area (EEA). We ensure appropriate safeguards (EU Standard Contractual Clauses) to protect your data at a GDPR-equivalent level.

6. Retention Periods

  • Account data — until account deletion + 30 days
  • Posts and media — until account deletion
  • Accounting records — 11 years (legal obligation)
  • Security logs — 90 days

7. Your Rights

Under GDPR you have the right to:

  • Access — obtain a copy of your data
  • Rectification — correct inaccurate data
  • Erasure — request deletion ("right to be forgotten")
  • Restriction — temporarily limit processing
  • Portability — receive your data in a machine-readable format
  • Objection — object to processing based on legitimate interests
  • Withdrawal of consent — withdraw marketing consent at any time

Submit requests to info@phv-solutions.com. We will respond within 30 days. You also have the right to lodge a complaint with the Croatian Personal Data Protection Agency (AZOP) at azop.hr.

8. Data Security

We implement technical and organizational security measures: HTTPS encryption, encryption at rest, role-based access control, regular security audits, and employee training.

9. Changes to This Policy

We will notify you of significant changes by email or in-app notification at least 14 days in advance. Continued use of the service after changes take effect constitutes acceptance.

10. Contact

For all privacy inquiries: info@phv-solutions.com