Solfast
Buy credits
Legal

Privacy Policy

Last updated: May 20, 2026

Solfast sp. z o.o. ("Solfast", "we", "us") respects your privacy. This Privacy Policy explains what personal data we collect, why we collect it, how we use it, and the rights you have over it. It applies to our website, dashboard, agents and APIs (collectively, the "Service").

1. Data we collect

1.1 Information you provide

  • Account data: name, email, password hash, company, role.
  • Billing data: billing address, VAT/Tax ID, last four digits of payment instrument. Full card data is processed by our PCI-compliant payment processor and never stored on Solfast servers.
  • Content: prompts, domains, competitors, agent configurations and any files you upload.
  • Support data: messages you send us, attachments, call recordings (with consent).

1.2 Information we collect automatically

  • Device, browser, IP address, language and approximate location.
  • Usage events: pages visited, features used, credits consumed, error logs.
  • Cookies and similar technologies — see our Cookie Policy.

2. How we use your data

  • Provide, secure and improve the Service.
  • Process payments, calculate credit usage and issue invoices.
  • Send transactional emails (receipts, security alerts, product updates).
  • Detect, prevent and respond to fraud, abuse and security incidents.
  • Comply with legal obligations and enforce our Terms of Service.

3. Legal bases (GDPR)

We rely on the following lawful bases: performance of a contract, legitimate interests (operating and securing the Service), consent (marketing cookies and emails) and legal obligation (tax, accounting, anti-fraud).

4. Sharing

We do not sell personal data. We share data only with:

  • Sub-processors that operate the Service (cloud hosting, email delivery, payments, analytics, AI model providers). A current list is available on request.
  • Authorities when required by law or to protect rights, safety and security.
  • Acquirers as part of a merger, acquisition or asset sale, under equivalent protection.

5. International transfers

Personal data may be processed in the EU, UK and US. Where data leaves the EEA/UK, we rely on Standard Contractual Clauses and supplementary safeguards.

6. Retention

We keep account data while your account is active and for up to 24 months after closure. Billing records are retained for the period required by tax law (up to 10 years). Logs are kept up to 12 months.

7. Your rights

Subject to applicable law, you can access, correct, port, restrict or delete your personal data, withdraw consent and lodge a complaint with your supervisory authority. To exercise a right, email [email protected].

8. Security

We use encryption in transit (TLS 1.2+) and at rest, role-based access, audit logging, backup and disaster recovery. No system is 100% secure — please report concerns to [email protected].

9. Children

The Service is not directed to children under 16, and we do not knowingly collect their data.

10. Changes

We may update this policy. Material changes will be announced via email or in-product notice at least 30 days before they take effect.

11. Contact

Solfast sp. z o.o. · [email protected] · 10A Środkowa St, 34-405 Białka Tatrzańska, Poland · +48 18 534 43 70