Privacy Policy – Salomo

Date: 13 August 2025
© 2025 Felix Mai, Sole Proprietor. All rights reserved.

1. Introduction

The following provides information on the processing of personal data when using our mobile app “Salomo”, our website salomo.world, and our profiles on social media. Personal data is any information relating to an identified or identifiable natural person, e.g., name or email address.

1.1 Contact Details

Controller pursuant to Art. 4 (7) GDPR:
Felix Mai, Sole Proprietor
Zeppelinstraße 44
14471 Potsdam, Germany
Email: info@salomo.world

1.2 Scope of Data Processing, Purposes, and Legal Bases

The following legal bases apply in particular:

• Art. 6 (1) (a) GDPR – Consent
• Art. 6 (1) (b) GDPR – Contract performance / pre-contractual measures
• Art. 6 (1) (c) GDPR – Compliance with legal obligations
• Art. 6 (1) (f) GDPR – Legitimate interest

1.3 Data Processing Outside the EEA

Where we transfer data to service providers in third countries (e.g., OpenAI in the USA), this is based on adequacy decisions of the European Commission (where available) or, in all other cases, on Standard Contractual Clauses pursuant to Art. 46 (2) (c) GDPR, supplemented by safeguards such as pseudonymisation and encryption.

1.4 Storage Period

Unless otherwise specified, we delete personal data once it is no longer required for its intended purpose and no statutory retention obligations apply. If deletion is not possible, processing will be restricted.

1.5 Data Subject Rights

You have the right to: access, rectification, erasure, restriction of processing, objection, data portability, and to withdraw consent at any time. You may also lodge a complaint with a supervisory authority.

1.6 Obligation to Provide Data

To use Salomo, you must provide the data required for account creation and contract performance (e.g., email address). Without this data, we cannot create or provide an account.

1.7 No Automated Decision-Making

We do not use fully automated decision-making within the meaning of Art. 22 GDPR.

1.8 Contacting Us

When you contact us by email or via the in-app support form, we process the data you provide to handle your request (Art. 6 (1) (f) GDPR). Data is deleted when no longer required.

2. Data Processing in the “Salomo” App

2.1 Categories of Data

• Profile Data: Email, User ID, optional name/gender
• User Content: Dream texts, reflections, uploaded images, optional audio (transcribed by OpenAI Whisper, if used)
• Analysis/Output: Archetype analyses, AI-generated images (OpenAI image generation)
• Usage Data: Sessions, onboarding status, anonymised statistics
• Subscription / Payment Status: Subscription status, product ID, transaction identifiers and similar metadata needed to validate entitlements (processed via Apple/Google and RevenueCat)

2.2 Purposes and Legal Bases

• Account creation and app use: Art. 6 (1) (b) GDPR
• Providing AI-based features (text/image): Art. 6 (1) (b) GDPR (service provision), and where applicable Art. 6 (1) (a) GDPR (consent, e.g., optional audio processing)
• Security, fraud prevention, and app stability: Art. 6 (1) (f) GDPR
• Subscription management / entitlement validation: Art. 6 (1) (b) GDPR

2.3 Recipients / Service Providers

Depending on use, data may be processed by the following categories of recipients:

• OpenAI (text and image generation; USA)
• Supabase (authentication/database hosting; EU hosting, if configured accordingly)
• RevenueCat (subscription management/entitlement validation; processes subscription metadata)
• Apple App Store / Google Play (in-app purchases and payment processing under their own responsibility)

2.4 Account Deletion

Account deletion via the in-app “Delete account” function removes personal data from live systems immediately. Backups and sub-processors may technically require up to 30 days before deletion is fully completed.

3. Data Processing on Our Website

3.1 No Cookies

We do not use cookies or similar tracking technologies on our website.

3.2 Server Logs

When you visit the website, our hosting provider may process server log data (e.g., IP address, date/time, requested page, browser, operating system). Legal basis: Art. 6 (1) (f) GDPR (security and technical operation). Deletion: Typically within 14 days, unless longer retention is required for security purposes.

3.3 Payments on the Website

We do not process payments directly on the website. Subscriptions are handled via Apple App Store / Google Play (see Section 2).

3.4 Data Protection Seal / Tools

If a data protection seal provider (e.g., HeyData GmbH) is used on the website, the display and verification of the seal may involve processing technical access data. Legal basis: Art. 6 (1) (f) GDPR (legitimate interest in documentation and trust).

4. Social Media

We operate profiles on Facebook, Instagram, TikTok, X (Twitter), and LinkedIn. Processing is carried out by the platform operators under their respective privacy policies. We may receive aggregated statistics (e.g., reach, interactions) depending on the platform.

5. Changes

We may update this Privacy Policy in the future. The current version is always available at salomo.world.