Predivora
PredivoraPrendila con calma. Ma in modo intelligente.

Legal

Privacy

Understand how CodeVera SRL collects, processes and protects personal data for predivora.ro and app.predivora.ro.

Last updated: 2025

1. Contact Information

CodeVera SRL is the data controller for Predivora.

2. Age Restrictions

The service is intended for individuals aged 16+. We do not knowingly collect personal data from children under 16.

3. Data We Collect

3.1 Account Data

  • Full name
  • Email address
  • Password (hashed with bcrypt)
  • JWT authentication tokens
  • Google / Apple social login identifiers

3.2 Usage Data

  • Prompts submitted to the AI
  • Generated analyses and history
  • App interaction logs
  • Session identifiers

3.3 Technical Data

  • IP address
  • Browser type and version
  • Device details
  • Operating system
  • Referrer URLs
  • Error logs and performance metrics

3.4 Cookies & Tracking

Non-essential cookies only load after you grant consent through our GDPR-compliant banner. Tools in use include:

  • Google Analytics
  • Plausible
  • Vercel Analytics
  • Cloudflare Analytics
  • LogRocket
  • Sentry
  • Hotjar

3.5 Payment Data

Payments may be processed via Stripe or similar providers. We do not store credit card details.

3.6 Marketing Data

Registered users (free and paid) may receive the following communications:

  • Promotional emails
  • Special offers
  • Product updates

We also track engagement metrics to understand campaign performance:

  • Email open rates
  • Link click rates
  • Engagement with email campaigns

4. How We Use Personal Data

  • Create and manage user accounts
  • Authenticate users with JWT tokens
  • Generate AI-based analyses
  • Improve platform performance and reliability
  • Send promotional communications
  • Process payments for premium features
  • Prevent fraud and maintain security
  • Comply with legal obligations

AI processing: Prompts may be sent to OpenAI (ChatGPT API) solely for generating responses. According to OpenAI's API policy, submitted data is not used for training their models.

5. Legal Basis (GDPR)

  • Contract performance — account access, AI processing and payments
  • Consent — analytics and marketing cookies
  • Legitimate interest — marketing emails to all registered users, fraud prevention, security and error monitoring

6. Data Sharing

We do not sell personal data. Information is shared only with trusted processors that help us operate the service:

  • OpenAI (AI processing)
  • Supabase (database hosting)
  • Google Cloud (backend infrastructure)
  • Analytics tools listed above
  • Payment processors such as Stripe

7. Data Retention

  • User accounts: deleted upon request and retained for two additional weeks for recovery
  • AI-generated analyses and history: 48 months
  • Error and server logs: retained indefinitely
  • Payment records: stored as required by financial law (5–10 years)

8. International Data Transfers

Some providers (e.g., OpenAI, Google, Stripe, Cloudflare, LogRocket, Hotjar, Sentry) may process data in the United States or other countries. Transfers rely on GDPR safeguards such as Standard Contractual Clauses (SCCs).

9. Security Measures

  • Bcrypt password hashing
  • JWT-based authentication
  • HTTPS encryption
  • Supabase access controls
  • Firewall and DDoS protection
  • Error monitoring tools

10. User Rights (GDPR)

Users may exercise the following rights at any time:

  • Access their data
  • Correct inaccurate data
  • Request deletion
  • Unsubscribe from marketing emails
  • Withdraw cookie consent
  • Export their data
  • Restrict or object to processing

Requests can be submitted via contact@codevera.ro.

11. Cookies

Our site uses a GDPR-compliant cookie banner. Essential cookies always remain active. Analytics and marketing cookies load only after explicit consent, which you may withdraw at any time.

12. AI Disclaimers

  • AI-generated content may not be fully accurate
  • Users should not rely solely on predictions for betting or financial decisions
  • Prompts and results are used only for response generation and feature improvement

13. Account Deletion

Account deletion requests are honored at any time. Data is soft-deleted for two weeks to allow recovery, then permanently removed.

14. Changes to This Policy

We may update this Privacy Policy when necessary. Updates will appear on this page, and significant changes may be communicated via email.

15. Contact

For privacy-related questions, contact:

CodeVera SRL
Bucharest, Romania
contact@codevera.ro