Privacy Policy

Last updated: January 27, 2026

1. Introduction

We respect your privacy and are committed to protecting your personal data. This Privacy Policy explains how we collect, use, and protect your personal data when you use our AI-powered knowledge base and automated support system ("Service"), and informs you about your privacy rights under the EU General Data Protection Regulation (GDPR) and other applicable data protection laws.

1.1 Data Controller

IE Petr Guskov
Merab Kostava 26 4
Tbilisi, 0105
Georgia
Email: service@yogavarta.com

2. Legal Basis for Processing (GDPR Article 6)

We process your personal data based on the following legal grounds:

  • Contract Performance: Processing necessary to provide the Service you requested
  • Consent: Where you have given explicit consent for specific processing activities
  • Legitimate Interests: Where processing is necessary for our legitimate business interests, provided your interests and rights do not override
  • Legal Obligation: Where we are required to process data by law

3. Data We Collect

We may collect the following categories of personal data:

  • Identity Data: first name, last name, username
  • Contact Data: email address, telephone numbers
  • Technical Data: IP address, browser type and version, time zone setting, operating system and platform
  • Usage Data: information about how you use our website and services
  • Communication Data: your interactions with our AI systems, chat messages, and support requests
  • Document Data: files and documents you upload for processing through our knowledge base system
  • Payment Data: transaction information (processed by Stripe)

4. How We Use Your Data

We use your personal data to:

  • Provide and maintain our AI-powered services
  • Process documents and enable semantic search
  • Generate AI responses and provide automated support
  • Improve our AI models and service quality
  • Communicate with you about service updates
  • Process payments and manage subscriptions
  • Ensure security and prevent fraud
  • Comply with legal obligations

5. AI Processing

Our Service uses artificial intelligence technologies. This means:

  • Your interactions may be used to train and improve our AI models
  • Document content is processed to create embeddings and enable semantic search
  • Privacy safeguards are implemented during AI processing
  • Personal identifiers are removed or pseudonymized when possible

You have the right to object to automated decision-making that significantly affects you (GDPR Article 22).

6. Data Sharing

We may share your personal data with:

  • Service Providers: cloud hosting (Google Cloud), AI services (OpenAI, Anthropic), payment processing (Stripe)
  • Legal Authorities: when required by law or to protect our rights
  • Business Transfers: in connection with a merger, acquisition, or sale of assets

We do not sell your personal data to third parties.

7. International Data Transfers

Your data may be transferred to countries outside the EEA. We ensure adequate protection through:

  • European Commission adequacy decisions
  • Standard Contractual Clauses (SCCs) approved by the EU Commission
  • Other appropriate safeguards as required by GDPR

8. Data Security

We implement appropriate technical and organizational measures to protect your data:

  • Encryption of data in transit and at rest
  • Regular security assessments and updates
  • Access controls and authentication mechanisms
  • Staff training on data protection

9. Data Retention

We retain your personal data only as long as necessary:

  • Account data: while your account is active and for a reasonable period afterward
  • Communication data: for support and service improvement purposes
  • Technical data: for security and analytics, typically 12-24 months
  • Legal requirements: as required by applicable law

9.1 Account Deletion

You may delete your account at any time through the mobile application:

  • Your account will enter a 14-day grace period
  • After 14 days, all associated data will be permanently deleted, including chat history, documents, and preferences
  • You will receive email confirmation when deletion is complete
  • This action cannot be undone after the 14-day period

10. Your Rights Under GDPR

Under the General Data Protection Regulation, you have the following rights:

  • Right of Access: Obtain confirmation of processing and access to your data
  • Right to Rectification: Correct inaccurate or incomplete data
  • Right to Erasure: Request deletion of your personal data ("right to be forgotten")
  • Right to Restrict Processing: Limit how we use your data
  • Right to Data Portability: Receive your data in a portable format
  • Right to Object: Object to processing based on legitimate interests
  • Right to Withdraw Consent: Withdraw consent at any time
  • Right Not to be Subject to Automated Decision-Making: Request human intervention in automated decisions

To exercise your rights, contact us at service@yogavarta.com or delete your account through the mobile app.

11. Cookies

We use cookies and similar technologies to improve your experience. You can manage cookie preferences through your browser settings. For more information, see our cookie settings.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last updated" date.

13. Supervisory Authority

If you are in the EU/EEA and believe we have not addressed your concerns adequately, you have the right to lodge a complaint with your local data protection supervisory authority.

14. Contact Information

For questions about this Privacy Policy or to exercise your rights, contact:

IE Petr Guskov
Data Protection Contact
Merab Kostava 26 4
Tbilisi, 0105
Georgia

Email: service@yogavarta.com