PRIVACY POLICY

Last updated: September 22, 2025

I. General Information

Your privacy is important to us. This Privacy Policy explains how S.C. SILVERCARE S.R.L., with registered office in Cosâmbești, Str. Valea Pezenului, nr. 4, Ialomița, Romania (the “Controller” or “Eldie”), collects, uses, and shares your personal data when you use the Eldie mobile application (the “App”).

We process personal data in accordance with Regulation (EU) 2016/679 (the General Data Protection Regulation – “GDPR”) and other applicable laws.

II. Categories of Personal Data We Process

We process the personal data you provide to us when you use the App. You are not required to provide data; however, if you choose not to, we may be unable to deliver our services.

When you create an account and use the App, we may process: name and surname, phone number, email address, billing address, delivery address, and information about how you use the App (e.g., behavior/preferences). If you sign up using Facebook, Google, Apple or similar providers, we may receive public profile data from those services (e.g., user name, email address).

We also process the information you provide while chatting with the AI companion (“Virtual Friend”). Conversation content may be summarized after a certain number of interactions and stored in Eldie’s database to improve your experience.

Special category data (health data). If you voluntarily share health-related information via the Virtual Friend, we may collect and store it only with your explicit consent and solely to enhance your experience with the Virtual Friend.

III. Purposes and Legal Bases

We process your personal data to:

  • Provide and operate the App, identify you as a user, and respond to requests (Art. 6(1)(b) GDPR – contract).
  • Improve our services, ensure security, prevent fraud, and resolve disputes (Art. 6(1)(f) GDPR – legitimate interests).
  • Send marketing communications where permitted (Art. 6(1)(a) GDPR – consent or Art. 6(1)(f) legitimate interest, as applicable).
  • Comply with legal obligations (Art. 6(1)(c) GDPR).
  • Process special category data (health data) only with your explicit consent (Art. 9(2)(a) GDPR).

IV. Android Permissions & SDK Disclosures

To operate certain features, the App may request device permissions. We only request what is necessary and we explain the purpose at the time of request:

  • Notifications – to deliver account and service alerts.
  • Camera / Microphone (if enabled) – for optional voice or image features you initiate.
  • Storage / Photos (if enabled) – to let you upload or save content you choose.

If we integrate third-party SDKs (e.g., analytics, crash reporting, authentication), we will list them in this policy or in an in-app notice, including their purpose and data types they access. We do not sell your personal data.

V. Data Sharing

We may share data with trusted partners that help us operate the App (e.g., IT service providers, cloud hosting, accounting), commercial partners, and with public authorities where required by law. Examples include:

  • Operating, maintaining, personalizing, and improving the App.
  • Analytics, testing, research, safety features, and user authentication.
  • Marketing communications within legal limits and based on your choices.
  • Legal compliance requests.

When we appoint a processor, we sign a written agreement requiring them to process data only under our instructions and to implement appropriate security measures.

VI. International Transfers

Your data may be transferred within the EU/EEA or to countries recognized by the European Commission as providing an adequate level of protection. If we transfer data to other countries, we will use appropriate safeguards (e.g., Standard Contractual Clauses).

VII. Data Security

We implement technical and organizational measures to protect your data, follow the principle of data minimization, restrict access to authorized personnel, and provide ongoing training on security and privacy.

VIII. Retention

We keep your personal data only as long as necessary for the purposes described above or as required by law. If you delete your account, we will stop sending marketing messages. Account deletion does not automatically erase all data. You can request deletion or other rights as described below. Records required by law (e.g., accounting) are retained for the legally mandated period.

IX. Children’s Privacy

Our App is not directed to children under the age where parental consent is required by local law. If you are a parent or guardian and believe your child provided personal data, please contact us so we can take appropriate action. Where applicable, we will obtain verifiable parental consent before processing a child’s data.

X. Your Rights

Subject to GDPR and applicable law, you have the right to:

  • Access your data and obtain information about our processing.
  • Rectify inaccurate or incomplete data.
  • Erase data (“right to be forgotten”) where grounds apply.
  • Restrict processing in certain circumstances.
  • Data portability for data you provided and we process by automated means.
  • Object to processing based on our legitimate interests.
  • Not be subject to solely automated decisions, including profiling, without consent.
  • Withdraw consent at any time (this does not affect prior lawful processing).
  • Lodge a complaint with a supervisory authority.

XI. Contact

For questions or to exercise your rights, contact us at: [email protected].

XII. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes and, where required, obtain your consent. The latest version is always available at https://eldie.ro/gdpr.