Privacy Policy

Last updated: March 2026

1. Data Controller

Krevato ("we", "us") is the data controller for the personal data we process. Contact: privacy@krevato.se

2. Personal Data We Collect

• Account data: name, email address, company name
• Brand data: website content, brand profile, content directives
• Social media: Facebook and Instagram account data via Meta API (with your consent)
• Payment data: handled by Stripe — we never store card numbers
• Usage data: how you interact with the platform

3. How We Use Your Data

• Account administration and authentication
• AI content generation tailored to your brand
• Publishing to your social media (with your approval)
• Performance analysis and weekly reports
• Improving our services

4. Third-Party Providers

• Supabase — database and authentication (EU-based)
• Anthropic (Claude) — AI text generation
• Google (Gemini) — AI image generation
• Meta — publishing to Facebook and Instagram
• Stripe — payment processing
• Vercel — hosting

5. Data Storage

All data is stored within the EU via Supabase. We retain your data for as long as your account is active. Upon cancellation, your data is deleted within 30 days.

6. Your Rights (GDPR)

You have the right to:

• Request access to your personal data
• Request correction of inaccurate data
• Request deletion of your data
• Request restriction of processing
• Export your data (data portability)
• Object to processing

Contact us at privacy@krevato.se to exercise your rights.

7. Contact

Questions about our privacy policy? Contact us at privacy@krevato.se.