Privacy Policy

Last updated: 20.08.2025

We respect your privacy and comply with the EU General Data Protection Regulation (GDPR). This Privacy Policy explains what personal data we process, why we do so, and how you can exercise your rights.

1. Controller

The controller under Art. 24 GDPR is:

amara care GmbH
Trautenwolfstraße 5
80802 München, Germany

Email: info@userhive.ai

2. Your rights

You have the following rights regarding your personal data:

  • Right of access and to receive a copy (Art. 15 GDPR)

  • Right to rectification (Art. 16)

  • Right to erasure (“right to be forgotten,” Art. 17)

  • Right to restriction of processing (Art. 18)

  • Right to object to processing (Art. 21)

  • Right to data portability (Art. 20)

  • Right to withdraw consent at any time (Art. 7)

You may also lodge a complaint with your local Data Protection Authority.

3. Data we process and purposes

3.1 Website and platform use

  • Data: IP address, device/browser type, access times, pages visited

  • Purpose: operating the website and ensuring security

  • Legal basis: Art. 6(1)(f) GDPR (legitimate interest)

  • Retention: log files stored up to 30 days

3.2 Account & project data

  • Data: name, email, company details, login credentials, project inputs (e.g. text, prototypes, uploads)

  • Purpose: providing access, running research projects, generating results

  • Legal basis: Art. 6(1)(b) GDPR (contract performance)

  • Retention: deleted after account closure (max. 12 months)

3.3 Communication & support

  • Data: messages, email contact details

  • Purpose: handling inquiries and support

  • Legal basis: Art. 6(1)(b) or (f) GDPR

  • Retention: up to 12 months after request completion

3.4 Marketing & outreach

  • Data: email address, interaction with emails

  • Purpose: sending updates or outreach messages

  • Legal basis: consent (Art. 6(1)(a) GDPR)

  • Retention: until withdrawal of consent

4. Sub-processors and recipients

We use trusted service providers to deliver our platform:

  • Hosting & runtime: Railway (EU/EEA)

  • Automation workflows: n8n self-hosted on Railway (EU/EEA)

  • Database & authentication: Neon (EU/EEA)

  • Analytics: Posthog (EU/EEA or with SCCs if outside)

  • CRM / outreach: Apollo (with SCCs for transfers outside EU/EEA)

  • Payment: invoice (no processor)

  • Support: email only

Where providers process data outside the EU/EEA, we rely on EU Standard Contractual Clauses (SCCs).

5. Data retention

  • Account data: as long as you maintain an account

  • Project data: deleted after account closure (max. 12 months)

  • Technical logs: 30 days

  • Legal retention: where required (e.g. invoices under tax law)

6. Security

We use encryption, access controls, logging, and regular reviews to protect your data against unauthorized access, misuse, or loss.

7. Cookies & tracking

We keep use of cookies minimal. Essential cookies may be required for platform security. Analytics (via Posthog) is used to improve service performance.

8. Contact

For privacy questions or to exercise your rights, please contact:

info@userhive.ai