This Privacy Policy explains how KORELVISION SRL ("we") processes personal data when you use Delixor. We process data in accordance with the EU General Data Protection Regulation (GDPR).
1. Our role: controller and processor
For your account and the data you provide about your business, we are the data controller. For the personal data your published website collects from its visitors (for example contact-form messages or booking requests), we act as a processor on your behalf — you are the controller for that data and are responsible for informing your end users and having a lawful basis. This policy describes the data for which we are the controller.
2. Categories of data subjects
- Account holders — the person and business that registers and uses Delixor.
- Prospects — people who contact us or sign up for information.
- End users of your website — your visitors and customers (we process their data only as your processor).
3. Data we process
- Account data: name, email, password (hashed), organization details.
- Business data: information you provide about your business to generate and run your website.
- Billing data: plan, transactions and invoice data (card data is handled by our payment processor, not stored by us).
- Usage data: log data, device/browser information, and basic analytics needed to operate and secure the service.
- Contacts collected by your website: messages, quote/booking requests and newsletter sign-ups your visitors submit — processed on your behalf.
4. Purposes and legal bases
- Providing the service and your account — performance of a contract (Art. 6(1)(b)).
- Billing and bookkeeping — legal obligation (Art. 6(1)(c)).
- Security, fraud prevention and product improvement — legitimate interest (Art. 6(1)(f)).
- Optional integrations, analytics and marketing communications — consent (Art. 6(1)(a)), where applicable.
5. AI processing
To generate website content, the business information you provide is sent to AI providers (see the list below). We do not use this data to train public models and we send only what is needed to produce your content.
6. Automated decision-making
We use AI to generate content and suggestions, but we do not make decisions that produce legal or similarly significant effects about you solely by automated means. AI output is a draft that you review and control.
7. Processors and sub-processors
We use trusted providers who process data on our behalf under data-processing agreements:
| Processor | Purpose | Location |
|---|---|---|
| Contabo GmbH | Hosting / operation | DE |
| Cloudflare, Inc. | CDN / DNS / security | EU/US |
| Brevo (Sendinblue SAS) | Email delivery | EU |
| Stripe Payments Europe, Ltd. | Payment processing | EU/US |
| OpenAI Ireland Ltd. | AI content generation | EU/US |
| Anthropic PBC | AI content generation | US |
| OpenProvider (Hosting Concepts B.V.) | Domain registration | EU |
| Unsplash / Pexels | Stock images | US |
8. International transfers
Some providers may process data outside the EEA (e.g. in the US). Such transfers are protected by appropriate safeguards, such as the EU Standard Contractual Clauses.
9. Security
We apply appropriate technical and organisational measures to protect personal data, including encryption in transit, encrypted storage of secrets, access controls and regular backups. No method of transmission or storage is completely secure, but we work to protect your data and to notify you of a breach where required by law.
10. Retention
We keep account and business data for the duration of your subscription and a reasonable period afterwards. Billing records are kept as required by law. Contacts collected by your website are retained while your account is active or until you delete them.
11. Your rights
You have the right to access, rectify, erase, restrict and object to the processing of your data, and to data portability. Where processing is based on consent, you may withdraw it at any time. To exercise these rights, contact privacy@delixor.hu. You may lodge a complaint with your supervisory authority — in Romania, the National Supervisory Authority for Personal Data Processing (ANSPDCP); in Hungary, the NAIH.
12. Children
Delixor is intended for businesses and is not directed at children. We do not knowingly process the personal data of children for our own purposes.
13. Google services and Limited Use
If you choose to connect your Google account, Delixor requests access only to the following scopes, used solely to provide the features you enable:
- Google Analytics (analytics.edit) — to create and configure a Google Analytics 4 property for your website and connect it to your account.
- Google Search Console (webmasters) — to verify your website and connect it to Search Console so you can see indexing and search performance.
We access this data only with your explicit consent through Google's secure OAuth flow, store the resulting tokens encrypted, and use the data only to operate the features you requested. We do not use Google user data for advertising, do not sell it, and do not use it to train AI models. You can disconnect at any time, which revokes our access.
Delixor's use and transfer of information received from Google APIs to any other app will adhere to the Google API Services User Data Policy, including the Limited Use requirements.
14. Cookies
See our Cookie Notice for details on the cookies we use.
15. Changes to this policy
We may update this policy from time to time. The effective date above shows the latest version; material changes will be communicated where appropriate.
16. Contact
KORELVISION SRL — privacy@delixor.hu.