Privacy Policy
Last updated · 5 June 2026
At a glance
Quoven is operated by Mathieu Mafille from Switzerland. We process personal data to deliver the service, bill you, keep the product secure, and communicate with you. We never sell personal data and we do not run advertising on the service.
This policy explains, in plain terms, what we collect, why, how long we keep it, and what control you have. It is written for users in the European Union, Switzerland, the United Kingdom, and elsewhere, and is governed primarily by the EU General Data Protection Regulation (GDPR) and the Swiss Federal Act on Data Protection (FADP / nLPD).
It applies to personal data we process when you visit quoven.io, create an account, use the Quoven service (including dossiers, briefs, and exports), receive emails from us, or contact us. It does not apply to third-party services we link to, which have their own privacy practices.
Who is the data controller
The data controller for the processing described in this policy is:
Mathieu Mafille, trading as Quoven
Route de Mont-Soleil 16
2610 Saint-Imier, Switzerland
privacy@quoven.io
What personal data we collect
Account and authentication
When you create an account we collect your name, email address, and (if you use a single sign-on provider) a profile photo. Our authentication provider Clerk stores password hashes, session tokens, and authentication metadata such as the last sign-in timestamp and IP.
If you sign in with Google, GitHub, or Apple, the SSO provider tells us your verified email address, your name, and a stable account identifier. We never receive your password.
Billing and orders
Payments and invoices are handled by Polar Software, Inc. acting as our Merchant of Record. When you subscribe, Polar collects your billing name, billing address, country, tax identifier (if applicable), and payment method. Polar shares with us only the data we need to deliver the service (your customer identifier, subscription status, and product). Polar is an independent data controller for the payment data it processes. Its privacy notice is at polar.sh/legal/privacy-policy.
Service content
When you use Quoven you submit briefs (product ideas, prompts, and parameters) and we generate dossiers (analyses, citations, charts, and exports). These artefacts are stored on your account and may contain personal data if you choose to include it. Please do not paste sensitive personal data, secrets, or confidential information that you do not have the right to share.
Usage and product telemetry
We log credits consumed, dossiers generated, features used, and error events so we can operate, debug, and improve the service. We also collect privacy-friendly web analytics through Vercel Analytics and Vercel Speed Insights, which do not set cookies and do not build a cross-site profile of you.
We use PostHog for product analytics and error tracking — which features are used, where users encounter friction, and which errors occur — so we can prioritise fixes and improvements. For signed-in users these events are linked to the account; for anonymous visitors they are not. By default PostHog runs cookieless (it sets no cookie). With your consent, we additionally enable analytics cookies (to recognise you across visits) and session replay — a masked recording of your interactions (clicks, navigation, scrolling) used to diagnose issues and improve usability. Replays block every form field and all confidential content, including your briefs and the dossiers we generate; if you decline, no cookie is set and no session is recorded. PostHog Cloud is hosted in the European Union. See our Cookie Policy and the sub-processors list.
Technical data
Like every web service, our hosting provider logs request metadata when you visit Quoven: IP address, user agent, request method and path, response status, and timestamp. We use this data for security, abuse prevention, and operational debugging.
Communications
If you write to us or we write to you, we keep the email content, attachments, and metadata so we can respond and keep a record of the conversation. Transactional emails are sent through Resend; inbound and outbound mail at @quoven.io addresses is hosted by Purelymail.
Why we process your data and on what legal basis
The lawful bases we rely on, under GDPR art. 6(1):
- Contract — art. 6(1)(b)
  - Creating and maintaining your account, providing access to dossiers and exports, processing your subscription, and providing customer support.
- Legal obligation — art. 6(1)(c)
  - Keeping invoicing and accounting records for ten years under article 958f of the Swiss Code of Obligations; responding to lawful requests from authorities.
- Legitimate interests — art. 6(1)(f)
  - Operating the service securely (abuse prevention, fraud detection, rate-limiting); maintaining and improving product quality (debugging, error tracking, product and usage analytics); sending onboarding and service-related emails after you sign up; protecting our legal rights.
- Consent — art. 6(1)(a)
  - Setting optional product-analytics cookies and recording masked session replays through PostHog, and sending optional marketing or research emails where applicable. You can withdraw consent at any time — for cookies and replay from the Cookie Policy page, and for emails from the email itself — or by writing to privacy@quoven.io.
When we rely on legitimate interests, we balance our need against your rights and freedoms. You can object to processing based on legitimate interests at any time.
How long we keep data
- Account data
  - For as long as your account is active. Deleted within 30 days of account closure, unless a longer retention is required by law.
- Briefs, dossiers, and exports
  - For as long as your account is active. Deleted within 30 days of account closure.
- Billing records and invoices
  - Ten years from the end of the financial year in which the transaction occurred (art. 958f of the Swiss Code of Obligations).
- Inactive accounts
  - Accounts with no sign-in or activity for 24 consecutive months are deleted automatically. We will send a warning email before deletion.
- Server and security logs
  - Up to 30 days, then deleted or aggregated. Security incidents may be retained for longer where necessary to investigate or respond.
- Product analytics and error events
  - Usage and error events collected through PostHog (hosted in the EU) are retained per the PostHog retention policy; we review and prune what we no longer need.
- Email correspondence
  - Up to 24 months from the last message in the thread, unless we need to keep it longer to resolve a dispute.
- Backups
  - Encrypted database backups are rotated; deleted data may persist in backups for up to 30 days before being overwritten.
Who we share data with
We do not sell personal data. We share it only with the parties listed below.
Sub-processors
We use a small number of third-party providers (hosting, database, authentication, email delivery, AI inference) to operate the service. They process personal data only on our documented instructions and, where the provider offers one, under a data processing agreement that meets GDPR art. 28. The current list, with locations and purpose, is published at /legal/sub-processors, which we keep current as providers change.
Polar (Merchant of Record)
Polar Software, Inc. is the Merchant of Record for our paid plans. Polar is an independent controller for the payment data it collects from you at checkout and on its dashboard. We receive only the operational subset (customer identifier, subscription status, product).
Authentication providers
If you choose to sign in with Google, GitHub, or Apple, your chosen provider shares limited profile data with us through Clerk. The provider is acting as an independent controller for the authentication step.
Legal authorities
We may disclose personal data when required by Swiss law, a court order, or another binding legal request. Where lawful, we will let you know before disclosing.
International transfers
Several of our sub-processors are based in the United States. When personal data is transferred outside the European Economic Area or Switzerland, we rely on the European Commission’s Standard Contractual Clauses (SCCs) and, where applicable, the EU–US Data Privacy Framework and the Swiss–US Data Privacy Framework. We assess each transfer for additional safeguards and document our analysis where the law requires it.
Your rights
Subject to local law, you have the right to access the personal data we hold about you, to ask us to correct it, to ask us to delete it, to ask us to restrict or object to processing, and to receive a portable copy of data you have given us. You can also withdraw consent at any time where we rely on it.
To exercise any of these rights, write to privacy@quoven.io. We respond within 30 days and may ask for information needed to confirm your identity before acting.
If you believe we have not handled your data correctly, you can complain to a supervisory authority. In Switzerland, this is the Federal Data Protection and Information Commissioner (FDPIC). In the European Union, this is the data protection authority of your country of residence.
How we secure your data
We rely on industry-standard safeguards: TLS in transit for every request; encryption at rest at the database, storage, and backup layers; access controls and audit logs; the principle of least privilege for everyone with operational access; and security patches applied through our providers’ managed services. We review our sub-processors’ security posture before onboarding and at regular intervals.
No method of transmission or storage is fully secure. If a breach affects your personal data and is likely to result in a risk to your rights, we will notify the relevant supervisory authority within 72 hours and notify affected users without undue delay.
Cookies
Quoven always sets the cookies needed to keep you signed in and to process payments, and never uses advertising cookies. Our analytics are cookieless by default; optional analytics cookies and session replay are set only with your consent and can be withdrawn at any time. See the Cookie Policy for details.
Automated decision-making
We do not make decisions that produce legal or similarly significant effects about you using solely automated means. The dossiers Quoven generates are decision support, not automated decisions: a human (you) is always in the loop.
Children
Quoven is not directed at children. You must be at least 18 years old to create an account. If you believe a child has provided us personal data, please contact privacy@quoven.io and we will delete it.
Changes and contact
We may update this policy from time to time. We will give you reasonable advance notice by email of any material change before it takes effect; minor changes, such as clarifications, may take effect immediately. The Last updated date at the top of this page always reflects the current version.
For any question about this policy or your personal data, write to privacy@quoven.io or to the postal address in our Legal Notice.