Theia

Privacy Policy

Last updated: January 2025

1. Data Controller

Delphi Data Labs GmbH

Meiereistraße 14

1020 Vienna, Austria

Email: office@delphidata.io

Chief Executive: Lukas Strohmeier

Data Protection Contact: office@delphidata.io

2. Legal Basis for Processing

We process your personal data in accordance with the EU General Data Protection Regulation (GDPR) and the Austrian Data Protection Act (Datenschutzgesetz - DSG). The legal bases for processing are:

  • Your consent (Art. 6(1)(a) GDPR)
  • Performance of a contract (Art. 6(1)(b) GDPR)
  • Legitimate interests (Art. 6(1)(f) GDPR)
  • Legal obligations (Art. 6(1)(c) GDPR)

3. Data We Collect

3.1 Account Data

When you create an account, we collect:

  • Email address (required for account creation and communication)
  • Password (stored encrypted)
  • Account creation date

3.2 Personalization Data

To provide personalized content, we collect:

  • Reading preferences and interests
  • Preferred regions and categories
  • Articles viewed, saved, or liked
  • Search queries and filters

3.3 Technical Data

We automatically collect:

  • IP address
  • Browser type and version
  • Device information
  • Operating system
  • Referral source
  • Pages visited and time spent

4. Purpose of Data Processing

  • Account Management: Creating and maintaining your user account
  • Personalization: Tailoring news content to your interests
  • Analytics: Understanding usage patterns to improve our service
  • Communication: Sending service-related notifications
  • Security: Protecting against fraud and unauthorized access
  • Legal Compliance: Fulfilling legal obligations

5. Third-Party Services

Vercel Analytics: For website usage analysis. Data is pseudonymized.

Supabase: For secure database hosting and authentication. Data is stored within the EU.

We do not sell or share your personal data with third parties for their marketing purposes.

6. Data Retention

Registered Users: We retain your data as long as your account is active. You may request deletion at any time.

Unregistered Users: Technical data and analytics are retained for up to 26 months.

7. Your Rights Under GDPR

  • Right of Access (Art. 15): Request a copy of your data
  • Right to Rectification (Art. 16): Correct inaccurate data
  • Right to Erasure (Art. 17): Request deletion of your data
  • Right to Restriction (Art. 18): Limit how we use your data
  • Right to Data Portability (Art. 20): Receive your data in a structured format
  • Right to Object (Art. 21): Object to processing based on legitimate interests
  • Right to Withdraw Consent (Art. 7): Withdraw consent at any time

To exercise any of these rights, contact us at office@delphidata.io

8. Data Security

  • Encryption of data in transit and at rest
  • Regular security assessments
  • Access controls and authentication
  • Regular backups

9. International Data Transfers

Your data is primarily stored within the European Union. Where data is transferred outside the EU, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission.

10. Right to Lodge a Complaint

If you believe we have not handled your data properly, you may lodge a complaint with:

Österreichische Datenschutzbehörde

Barichgasse 40-42

1030 Vienna, Austria

Phone: +43 1 52 152-0

Email: dsb@dsb.gv.at

11. Contact

For questions about this privacy policy, contact us at office@delphidata.io