Privacy Policy of TREORAí

Latest update: February 2026

Welcome to the privacy policy of TREORAí. This policy will help you understand what data we collect, why we collect it, and what your rights are in relation to it.

Owner and Data Controller

TREORAí
Contact email: hello@treorai.app

Type of Data we collect

Among the types of Personal Data that this Application collects, by itself or through third parties, there are:

Usage Data
Trackers
IP address
Browser fingerprint
Browser information
Email address
First name

Complete details on each type of Personal Data collected are provided in the dedicated sections of this privacy policy or by specific explanation texts displayed prior to the Data collection.

Personal Data may be freely provided by the User, or, in case of Usage Data, collected automatically when using this Application.

Unless specified otherwise, all Data requested by this Application is mandatory and failure to provide this Data may make it impossible for this Application to provide its services.

Mode and place of processing the Data

Methods of processing

The Owner takes appropriate security measures to prevent unauthorised access, disclosure, modification, or unauthorised destruction of the Data.

The Data processing is carried out using computers and/or IT enabled tools, following organisational procedures and modes strictly related to the purposes indicated. In addition to the Owner, in some cases, the Data may be accessible to certain types of persons in charge, involved with the operation of this Application (administration, sales, marketing, legal, system administration) or external parties.

Place

The Data is processed at the Owner's operating offices and in any other places where the parties involved in the processing are located.

Retention time

Personal Data shall be processed and stored for as long as required by the purpose they have been collected for.

The purposes of processing

The Data concerning the User is collected to allow the Owner to provide its Service, comply with its legal obligations, respond to enforcement requests, protect its rights and interests, detect any malicious or fraudulent activity, as well as the following:

Hosting and backend infrastructure
Registration and authentication
Spam and bots protection
AI and Generative Content Services

Detailed information on the processing of Personal Data

Hosting and backend infrastructure

This type of service has the purpose of hosting Data and files that enable this Application to run and be distributed or to provide a ready-made infrastructure to run specific features or parts of this Application.

Fly.io

Fly.io is a global application platform provided by Fly.io, Inc.
Place of processing: United Kingdom, United States (and globally distributed)
Personal Data processed: Usage Data, various types of Data as specified in the privacy policy of the service.

OpenAI API

The OpenAI API provided by OpenAI, L.L.C. is a service that helps the Owner to automate tasks through its AI engine.
Place of processing: United States
Personal Data processed: Trackers, Usage Data, Input Data (Text/Prompts).

Anthropic API (Claude)

The Anthropic API provided by Anthropic, PBC is a service that helps the Owner to generate text and automate tasks through its AI engine.
Place of processing: United States
Personal Data processed: Usage Data, Input Data (Text/Prompts).

Google Gemini API

Google Gemini is a service provided by Google LLC that helps the Owner to generate text and automate tasks through its AI engine.
Place of processing: United States (and globally)
Personal Data processed: Usage Data, Input Data (Text/Prompts).

xAI API (Grok)

The xAI API provided by xAI Corp. is a service that helps the Owner to generate text and automate tasks through its AI engine.
Place of processing: United States
Personal Data processed: Usage Data, Input Data (Text/Prompts).

Integration with external platforms

Registration and authentication

By registering or authenticating, Users allow this Application to identify them and give them access to dedicated services.

Spam and bots protection

Cloudflare

Cloudflare is a security service provided by Cloudflare, Inc.
Place of processing: United States
Personal Data processed: browser fingerprint, browser information, IP address, Trackers, Usage Data.

Further information about the processing of Personal Data

localStorage

localStorage allows this Application to store and access data right in the User's browser with no expiration date.

Further Information for Users in the European Union

Legal basis of processing

The Owner may process Personal Data relating to Users if one of the following applies:

Users have given their consent for one or more specific purposes.
provision of Data is necessary for the performance of an agreement with the User.
processing is necessary for compliance with a legal obligation to which the Owner is subject.

The rights of Users based on the General Data Protection Regulation (GDPR)

Users may exercise certain rights regarding their Data processed by the Owner. In particular, Users have the right to do the following:

Withdraw their consent at any time.
Object to processing of their Data.
Access their Data.
Verify and seek rectification.
Restrict the processing of their Data.
Have their Personal Data deleted or otherwise removed.
Receive their Data and have it transferred to another controller.
Lodge a complaint.

Definitions and legal references

Personal Data (or Data): Any information that directly, indirectly, or in connection with other information allows for the identification or identifiability of a natural person.
Usage Data: Information collected automatically through this Application, which can include: the IP addresses, the URI addresses, the time of the request, the method utilised to submit the request to the server, etc.
Data Controller (or Owner): The natural or legal person which, alone or jointly with others, determines the purposes and means of the processing of Personal Data.