Last updated: October 7, 2025
This Privacy Policy describes how Di11a ("we," "our," or "us") collects, uses, and protects your information when you use our AI-powered business co-pilot service.
Contact Information: Business Name: Roman Gorbunov, Individual Entrepreneur (trading as "Di11a"). Email: contact@di11a.com. Service: AI-Powered Business Analysis Platform.
1. Information We Collect
In accordance with GDPR and data protection regulations, we collect the following types of information:
Personal Information: email address (for account creation and communication), name (provided during registration), authentication data (via Google OAuth), and payment information (processed securely through Paddle).
Business Data: project information and business ideas you input, AI-generated analysis reports and personas, market research data and insights, and user-generated content and annotations.
Technical Data: usage analytics via Google Analytics, device information and browser data, IP addresses and location data (approximate), and session data and interaction patterns.
2. How We Use Your Information
We use your information for Service Provision to provide AI-powered business analysis and insights, Account Management to create and maintain your user account, Payment Processing to handle subscription billing through Paddle, Communication to send service updates and support communications, Analytics to improve our service quality and user experience, and Security to protect against fraud and ensure platform security.
3. Third-Party Services
We integrate with the following trusted third-party services:
Authentication & Data services: Google OAuth for secure user authentication, Supabase for database and backend services, and Google Gemini API for AI analysis capabilities.
Analytics & Payments services: Google Analytics for usage analytics and Paddle for payment processing.
Payment processing for paid subscriptions is handled by Paddle (https://www.paddle.com). We do not store full payment card numbers on our servers. For Paddle domain verification we host verification artifacts and support Paddle's verification methods (DNS TXT or site verification file / meta-tag). Our verified production domain is: di11a.com.
4. Data Security & Storage
We implement industry-standard security practices to protect your data, including Encryption with SSL/TLS for all data transmission, Secure Storage with data stored in SOC 2 compliant infrastructure, Access Control with row-level security and user data isolation, Regular Audits with security assessments and vulnerability testing, and Data Backup with regular backups and disaster recovery procedures.
5. Your Rights (GDPR)
Under GDPR, you have the following rights regarding your personal data: Right to Access to request a copy of your personal data, Right to Rectification to correct inaccurate personal data, Right to Erasure to request deletion of your personal data, Right to Restrict Processing to limit how we use your data, Right to Data Portability to export your data in a portable format, Right to Object to object to processing of your personal data, and Right to Withdraw Consent to withdraw consent at any time. To exercise these rights, contact us at contact@di11a.com.
6. Data Retention
Account Data is retained while your account is active. Business Projects are retained for the duration of your subscription. Analytics Data (aggregated data) is retained for 26 months. Deleted Accounts have personal data purged within 30 days.
7. International Data Transfers
Your data may be processed in countries outside the European Economic Area. We ensure adequate protection through Standard Contractual Clauses with service providers, adequacy decisions from the European Commission, and industry-standard security measures and certifications.
8. Changes to This Policy
We may update this privacy policy from time to time. We will notify you of any material changes by sending an email notification to registered users, posting a notice on our website, and updating the "Last updated" date at the top of this policy.
9. Contact Us
If you have any questions about this Privacy Policy or our data practices, please contact us by email at contact@di11a.com with the subject line "Privacy Policy Inquiry". We will respond to your inquiry within 72 hours during business days. For payment handling questions, include any Paddle order ID and we will coordinate with Paddle support as needed.