Privacy Policy

Hello Emma AB ("we", "us", or "our") is the data controller responsible for your personal data. We are registered in Sweden and operate in accordance with the EU General Data Protection Regulation (GDPR).

We collect the following types of personal data:

• Account information: Email address, name (if provided)
• Product data: URLs and content you submit for analysis
• Usage data: How you interact with our service, features used, session duration
• Payment information: Processed securely through Stripe; we do not store card details
• Technical data: IP address, browser type, device information

We process your personal data for the following purposes:

• To provide and improve our marketing campaign generation service
• To process payments and manage your account
• To send service-related communications
• To send marketing communications (only with your consent)
• To analyze and improve our service
• To comply with legal obligations

Under GDPR, we process your data based on:

• Contract: Processing necessary to provide our services to you
• Consent: For marketing communications and newsletter subscriptions
• Legitimate interest: To improve our services and prevent fraud
• Legal obligation: To comply with applicable laws and regulations

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected:

• Account data: Until you delete your account, plus 30 days
• Campaign data: 2 years from creation, or until account deletion
• Payment records: 7 years (Swedish accounting requirements)
• Marketing consent: Until withdrawn

You have the following rights regarding your personal data:

• Right of access: Request a copy of your personal data
• Right to rectification: Request correction of inaccurate data
• Right to erasure: Request deletion of your personal data
• Right to restrict processing: Request limitation of how we use your data
• Right to data portability: Receive your data in a structured, machine-readable format
• Right to object: Object to processing based on legitimate interests
• Right to withdraw consent: Withdraw consent at any time for consent-based processing

To exercise these rights, contact us at privacy@hellorevenue.me. We will respond within 30 days.

We use cookies and similar technologies to:

• Keep you signed in
• Remember your preferences
• Understand how you use our service
• Improve performance

You can control cookies through your browser settings. Note that disabling cookies may affect service functionality.

We use the following third-party services that may process your data:

• Stripe: Payment processing (US, EU SCCs in place)
• OpenRouter/AI providers: AI-powered analysis (product data only, no personal identifiers)
• Vercel: Hosting and infrastructure (US, EU data region available)

We ensure all third-party processors comply with GDPR through appropriate agreements and safeguards.

Some of our service providers are located outside the EU/EEA. When we transfer data internationally, we ensure appropriate safeguards are in place, including:

• EU Standard Contractual Clauses (SCCs)
• Adequacy decisions by the European Commission
• Other approved transfer mechanisms under GDPR

We implement appropriate technical and organizational measures to protect your personal data, including:

• Encryption in transit (TLS) and at rest
• Access controls and authentication
• Regular security assessments
• Employee training on data protection

We may update this Privacy Policy from time to time. We will notify you of significant changes by email or through our service. The "Last updated" date at the top indicates when the policy was last revised.

If you believe we have not handled your personal data properly, you have the right to lodge a complaint with the Swedish Authority for Privacy Protection (Integritetsskyddsmyndigheten, IMY):