Privacy Policy
- Data controller
- Plant science, MB
- Registration code
- 305655144
- Registered address
- Antakalnio g. 48A-508, LT-10304 Vilnius, Lithuania
- Privacy contact
- info@getprolifik.com
- Supervisory authority
- State Data Protection Inspectorate (VDAI), Lithuania — vdai.lrv.lt
1. Who We Are
This Privacy Policy explains how Plant science, MB ("Prolifik", "we", "us", "our") collects, uses, and shares personal data when you visit getprolifik.com or use our Service. We act as data controller under Regulation (EU) 2016/679 (the "GDPR") and the Lithuanian Law on Legal Protection of Personal Data.
2. Data We Collect
2.1 You provide to us
- Account data: name, email address, password hash, company, role.
- Billing data: billing name, address, VAT number, and a payment-method token issued by our payment processor. We do not store full card numbers on our servers.
- Content inputs: prompts, URLs, uploaded text, images, audio, video, and brand assets you submit to generate Output.
- Communications: messages you send to support, survey responses, feedback.
2.2 Collected automatically
- Usage data: features used, pages viewed, actions taken, timestamps, session duration, error logs.
- Device & technical data: IP address, browser type and version, operating system, device identifiers, referring URLs.
- Cookies and similar technologies — see Section 10.
2.3 From third parties
- Connected platforms: when you connect Instagram, TikTok, YouTube, or LinkedIn, we receive the minimum profile data and publishing permissions needed to post on your behalf.
- Payment processor: transaction status, last four digits of your card, and fraud signals.
- Analytics and advertising partners (aggregated and pseudonymized data only).
3. Why We Use It
- Provide, operate, and improve the Service.
- Generate and deliver Output in response to your prompts.
- Manage accounts, process payments, issue invoices.
- Publish content to third-party platforms you authorize.
- Provide customer support and respond to your requests.
- Detect, prevent, and investigate fraud, abuse, and security incidents.
- Comply with legal, accounting, and tax obligations.
- Send service announcements, and, with your consent, marketing emails.
- Analyse aggregated usage to improve product quality and measure performance.
4. Legal Basis (GDPR Article 6)
- Performance of a contract (Art. 6(1)(b)) — to provide the Service you subscribe to.
- Legal obligation (Art. 6(1)(c)) — tax, accounting, and regulatory requirements.
- Legitimate interests (Art. 6(1)(f)) — improving the Service, securing our systems, preventing abuse, direct marketing to existing customers within reasonable limits.
- Consent (Art. 6(1)(a)) — non-essential cookies, marketing emails where consent is required, and any processing that legally requires consent.
You may withdraw consent at any time without affecting the lawfulness of earlier processing.
5. Sharing & Processors
We share personal data only with carefully selected partners under written contracts that meet GDPR requirements. Categories of recipients:
- Cloud infrastructure & hosting (e.g. AWS, Google Cloud, or similar EU/EEA providers).
- AI model providers used to generate Output — inputs are transmitted for inference only and are not used for model training unless you explicitly consent.
- Payment processors (e.g. Stripe, Paddle, or equivalent) for secure card handling.
- Email & notification providers for transactional and marketing messages.
- Analytics providers for product usage and performance measurement.
- Connected publishing platforms you authorize.
- Professional advisors (lawyers, auditors) under confidentiality obligations.
- Authorities where required by law, court order, or to protect rights, property, or safety.
We do not sell personal data.
6. AI Processing & Training
Your prompts, inputs, and generated Output are processed by third-party AI model providers solely to generate the response to your request. Under our contracts with these providers, your content is not used to train their foundation models unless you opt in separately.
We may use aggregated, anonymized telemetry (e.g. which features are used, error rates) to improve the Service. We do not use your identifiable personal data or content to train our own models without your consent.
7. International Transfers
Some of our processors may be located outside the European Economic Area. Where this is the case, we rely on:
- European Commission adequacy decisions where available;
- Standard Contractual Clauses (SCCs) adopted by the Commission; and
- Supplementary measures where required (e.g. encryption in transit and at rest, access controls).
You may request a copy of the relevant safeguards by contacting us.
8. Retention
- Account data — for as long as your account is active, plus up to 12 months after deletion for dispute resolution.
- Billing records — 10 years, as required by Lithuanian accounting law.
- Content inputs and generated Output — until you delete them, or for up to 12 months after account closure.
- Support communications — up to 3 years from last contact.
- Security and fraud logs — up to 24 months.
9. Your Rights
Under the GDPR you have the right to:
- Access the personal data we hold about you.
- Request correction of inaccurate or incomplete data.
- Request erasure ("right to be forgotten") where conditions apply.
- Restrict or object to processing based on legitimate interests.
- Data portability for data you provided.
- Withdraw consent at any time.
- Lodge a complaint with the State Data Protection Inspectorate (VDAI) in Lithuania, or your local EU supervisory authority.
To exercise these rights, contact info@getprolifik.com. We respond within one month and may extend by two further months for complex requests, with notice.
10. Cookies & Tracking
We use cookies and similar technologies to operate the Service, remember preferences, measure performance, and (with consent) for marketing.
- Strictly necessary — authentication, security, load balancing. Always on.
- Functional — language, UI preferences.
- Analytics — aggregated usage measurement. Set only with consent where required.
- Marketing — attribution and advertising. Set only with consent.
You can manage your preferences in the cookie banner or your browser settings. Rejecting non-essential cookies will not affect core Service functionality.
11. Security
We implement technical and organizational measures appropriate to the risk, including encryption in transit (TLS), encryption at rest, access controls based on least privilege, regular backups, logging, and incident response procedures. No system is 100% secure; we cannot guarantee absolute security.
We will notify you and the competent supervisory authority of a personal data breach in line with GDPR Articles 33 and 34.
12. Children
The Service is not directed to children under 16 (or the applicable age of digital consent in your country). We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, contact info@getprolifik.com and we will delete it.
13. Changes to this Policy
We may update this Privacy Policy from time to time. Material changes will be communicated by email or in-product notice at least 14 days before taking effect. The "Last updated" date above reflects the most recent revision.
14. Contact
- Privacy contact
- info@getprolifik.com
- General contact
- info@getprolifik.com
- Postal address
- Plant science, MB, Antakalnio g. 48A-508, LT-10304 Vilnius, Lithuania