Sign inRegistration

Privacy Policy

Privacy Policy – dietspremium.com

Updated: 08 Mar 2025

§1. General

This Policy describes personal data processing under the GDPR.

§2. Data categories

  • Registration: first name, last name, e-mail, password.
  • Purchases: billing/delivery address, phone, order data (e.g., PDF invoices).
  • Profile images: avatar & background (see §7).
  • Technical: IP, timestamps, browser data, cookies, failed sign-in logs.
  • Search/filters: technical logs of search/access (see Terms §4).

§3. Purposes & legal bases (GDPR Art. 6)

  • Contract/account & invoicing (b).
  • Legal obligations incl. retention (c).
  • Legitimate interests: security, fraud prevention, statistics, service improvement (f).
  • Consent: newsletter/marketing cookies/profile images (a), where required.

§4. Recipients & transfers

  • No disclosure to third parties unless required by law or consented.
  • Processors bound by data-processing agreements (Art. 28 GDPR).

§5. Retention

  • For the contract term and statutory periods (tax/commercial).
  • Profile images: permanently deleted on removal; temporary uploads auto-deleted.

§6. Data subject rights

Access, rectification, erasure, restriction, portability, objection, complaint to a supervisory authority.

§7. User images (Avatar & Background)

  • On upload we create a “fit” version (EXIF may be removed) and store it first in a temporary folder.
  • When set as avatar/background it is stored with the profile; when removed it is permanently deleted. Unused temporary files are auto-deleted.
  • Formats: PNG/JPG/WebP; upload limits may apply.

§8. Security

Encrypted transfer, access/failed-attempt logs, IP blocking on suspected abuse, and appropriate technical/organisational measures.

§9. Cookies

Necessary/optional cookies (session/persistent) for sign-in, convenience, statistics. Browser settings can be changed; functionality may be affected. Google Ads preferences: google.com/ads/preferences/.

§10. Newsletter

Sent only with consent; unsubscribe at any time.

§11. Contact & complaints

Contact via the form; we typically respond within 14 days.

§12. Virtual Assistant Alicja

Alicja is our proprietary AI-powered digital assistant. We process your chat inputs, session identifiers, and (for registered users) basic account data to personalize advice. We utilize RAG (Retrieval-Augmented Generation) systems in combination with AI models via secure APIs. If you use the voice feature, temporary audio data is processed by the local AI model (data is not sent to third parties or other service providers) solely for speech-to-text conversion and is deleted within a maximum of 60 seconds. Conversation history is retained for 90 days to ensure continuity, and technical logs are deleted after 30 days. Your data is used ENTIRELY for the operation of the Alicja assistant and is NEVER used to train third-party public models. We also provide an API in the form of an MCP (Model Context Protocol) server. This service stores tokens and usage logs, and resets limits depending on the account type. It is strictly available to registered users only.

Effective date: 08 Mar 2025