Privacy Policy

Pheme operates a SaaS platform at app.phemeapp.com and website phemeapp.com. This policy explains data collection, use, storage, and protection practices in compliance with GDPR and Czech Act No. 110/2019 Coll.

Company: Pheme (operated by Filip Zakravsky) Email: privacy@phemeapp.com Address: Czech Republic

Account Data: Email address, full name, hashed passwords.

Project & Business Data: Brand/company name, website domain, competitor information, search queries.

Analytics Data: Scan results, aggregated metrics including visibility scores and sentiment.

Usage & Technical Data: IP address, browser type, pages visited, user actions.

Payment Data: Billing information processed by payment provider, subscription status.

Processing activities justified under GDPR Articles 6(1)(b) for contract performance, 6(1)(f) for legitimate interests, 6(1)(a) for marketing consent, and 6(1)(c) for legal obligations.

We use your data to provide and maintain AI visibility monitoring, generate reports and recommendations, process payments and subscriptions, communicate service updates, improve platform functionality, and prevent abuse and ensure security.

Data is shared with cloud infrastructure, payment processing, email delivery, and AI service providers. International transfers are protected via EU Standard Contractual Clauses and Data Privacy Framework decisions.

Implemented measures include encryption at rest and in transit, secure password hashing, access controls, rate limiting, and regular security reviews. Infrastructure is hosted within the EU.

Account data: retained until deletion. Project/analytics data: retained until deletion. Usage logs: 12 months. Payment records: as legally required.

Account deletion removes all data within 30 days.

You have the right of access, right to rectification, right to erasure, right to restriction, right to portability, right to object, and right to withdraw consent. Exercise your rights by contacting privacy@phemeapp.com — we guarantee a response within 30 days.

We use essential cookies for authentication and session management only. Local storage is used for theme preferences. No third-party tracking or advertising cookies are used.

The Service is not directed to anyone under 16. We do not knowingly collect data from children under 16.

Breaches posing risks to your rights will be reported to the supervisory authority within 72 hours. Affected users will be notified promptly.

Office for Personal Data Protection (UOOU) Pplk. Sochora 27, 170 00 Prague 7, Czech Republic www.uoou.cz

Updates will be notified to registered users via email with the date of changes reflected at the top of this page.

Privacy inquiries: privacy@phemeapp.com General inquiries: hello@phemeapp.com