This is a draft outline of the Privacy Policy (GDPR-oriented). Fill in your data controller and sub-processor details.

• Data Controller: specify the legal entity.
• Purposes: account, billing, product improvement, security.
• Legal bases: contract, legitimate interest, consent for analytics.
• Sub-processors: Supabase, Vercel, AI providers (Google/OpenAI).
• Retention periods and GDPR rights (access, deletion, objection).
• Cookies: essential for session, optional analytics (PostHog).
• Contact for exercising rights: hello@wizia.ai