Privacy Policy

The processing of your personal information or the personal information that you provide will be always performed in accordance with Regulation (EU) 2016/679 or General Data Protection Regulation (the “Regulation”) and any other applicable statutory act.

Please note that our Website and may contain links to and from websites that can be held by our partners, advertisers and affiliates. If you follow a link to any of these websites or use third party services, you should be aware that they have their own privacy policies and that we do not assume any liability for their processing of your personal data. Therefore, please make sure to read their privacy policies before providing your personal data to them.

1. Controller information

The website at https://dreamgf.ai is owned and managed by DreamAI SRL, a limited liability company duly incorporated and existing under the laws of the Republic of Romania, with headquarters in Romania, Bucharest, Sector 1, 11 C. C. ARION Str., ground floor, cam. 3, bir. 4a, ap. 1, registered with the Trade Registry Office of the Bucharest Tribunal, under no. J40/12952/2023, unique European identification number (EUID), ROONRC.J40/12952/2023, sole registration no. 48479324. For the purposes of data protection legislation, we are a controller in the processing of your personal data.

2. Personal data

Personal data is any information relating to a natural person who is identified or identifiable directly or indirectly by one or more specific features.
Personal data that have undergone pseudonymization but can be linked to a natural person by using additional information are considered to be information about an identifiable individual and are therefore also protected.
Anonymous information that does not allow anyone to identify the natural person is not subject to protection.

3. Categories of personal data we process

As described in detail in our Terms and Conditions intended to explain how our Website functionate and interact with you, the Services made available through the Website are intended to give you the best user experience while using our proprietary AI technology.

We may process different categories of personal data about you, depending on whether you chose to log in to our Website or to visit it without login; to use our Services to generate content or communicate with us etc.

Personal data of Website visitors without login

If you choose to visit our Website without login, we might process information about how you use our Website and interact with our content, including the pages you visit in our Websites, and the referring web page from which you arrived at our Websites. We process browser and operating system information, devices you use to access the Website (Mobile or Desctop) and your time zone setting. We also set cookies as explained below in our Cookies Policy.

Personal data of Website visitors with login

If you choose to log in to our Website, we will request you to provide your email address (respectively – your Google or Patreon login email) in order to keep you logged on our Website.

Once you are logged, in order to be able to use our Services, we need to collect and process more information about you. Depending on the type of Services used on the Website, this may include:

• The registration information you provide when creating a profile, such as username, email, picture and password. You can correct or update this information through the "Profile" menu on the Website;
• You can, by your choice, sign up for our Website through your Patreon or Google account. If you select this option, you will be directed to the Patreon / Google LLC page, where you will be notified about the transmission of your personal data from your Patreon / Google LLC page to us. When integrating your Patreon account, we can access your email and profile photo (if you have one). Permissions to access this information are governed by Google and Patreon's privacy policies and can be configured through their privacy mechanisms;
• In certain cases, you may also provide us with special categories of personal data within the meaning of the Regulation (also known as "sensitive" data) relating to you such as data concerning your sex life or sexual orientation. Such data is provided by you on a completely voluntary basis. This data is not provided to third parties and you solely and independently decide to what extend you shall reveal these data in order to profit our Services, i.e. the exact scope of sensitive data disclosed is managed by you. When submitting data about your sex life or sexual orientation, we will process it lawfully on the grounds of Art. 9 (2) (a) of the Regulation (subject to your consent), as the nature and essence of the Services offered through the Website imply your voluntary provision of such data;
• We do not collect or process consciously sensitive personal data, so you should decide by yourself whether and how you provide us with such information;
• Information on any queries or transactions you make through the Website. We are partnering with other payment processors and the payment information you provide is collected and used by them in accordance with their privacy policies. We do not have access to card data as well as authentication data with a bank card payment and in no way registers or stores it;
• Information you submit to or to the Website in the form of comments or generated content, chats, voice messages etc.;
• When you contact us for any reason by e-mail or through the functionalities of the Website, we may process any information you provide us with. All emails sent to us, as well as any messages received through our on-line contact form, are recorded and forwarded to our respective staff handling the request, and we can save them to improve our services and Website.
• We may collect and subsequently process certain information about your browsing behaviour on the Website, such as the content you view or post, how often you use our Services and your preferences in this connection.
• We have the right to review the chat correspondence you conduct with AI only if you have reported a problem related to it in our support center.

4. The principles on the basis of which we process your personal data:

• Principle of legality, integrity and transparency in the processing of personal data - the collection of personal data must be within the necessary limits. Information is collected in a legal and objective manner;
• Principle of data minimization as well as limitation of purposes and storage - personal data should not be used for purposes other than those for which they were collected, except with the consent of the person or in the cases expressly provided for by the law. Personal data must be kept for no longer than is necessary for the purposes for which personal data are processed;
• Principle of accuracy - Personal data must be accurate, accurate, complete and up to date as far as is necessary for the purposes for which it is being processed.
• Principle of completeness and confidentiality - Personal data must be processed in such a way as to ensure an adequate level of security of personal data, including protection against unauthorized or unlawful processing and against accidental loss, destruction or damage by applying appropriate technical or organizational measures.

5. How we collect personal data

You may give us your personal data directly, for example when you register to our Website and create a user profile needed for accessing our Services, ask for user support, or contact us for any reason.

We may automatically collect personal data when you interact with our Website. We may collect information about your devices and browsing actions and interests by using cookies and similar technologies, as described in detail in our Cookies Policy

6. How we use the personal data and what our purposes are

We process your personal data for the following purposes and on the following legal basis:

For creation or performance of a contract and/or based on your consent:

• to register your user profile on the Website and to administrate your account;
• to provide and maintain the Services;
• to allow you to use our Website, including to fulfill your requests, improve your experience of our Services and to administrate our contractual relationship with you;
• to respond to your inquiries and to communicate with you;
• to monitor and analyze usage of the Services;
• to personalize and improve the Services;
• to communicate with you about your plans, your account or your purchases;
• to carry out analysis on an aggregated level to improve our Website;
• for bulling purposes.

For our legitimate interest:

• to communicate legal information to you;
• to ask you to take part in surveys or other researches about our Website and other products and services;
• for analyzing and statistical purposes necessary to improve our Services;
• to administrate and protect our business including troubleshooting, data analysis, testing, system maintenance, user support, reporting and hosting data, administration and IT services, network security, fraud prevention, customer services and business reorganization;
• to provide information in a merger & acquisition processes, for the reasons of business and strategic management;
• for the establishment, exercise or defense of legal claims.

To comply with a legal obligation or authority decision:

• to comply with applicable laws, regulations and legal and regulatory processes;
• to communicate with you about our Terms and conditions and our Privacy Policy, notify you about changes to them and communicate with you about non-compliance.

7. With whom we share your data

We may share your personal data to the extent necessary with third party suppliers who provide services to us as required or necessary to fulfill our services and/or for performance of our obligations. For example, we may share personal data with our partners who:

• provide the infrastructure and IT services;
• provide the data storage services such as Digital Ocean: https://www.digitalocean.com.
• provide accounting, legal and financial services;

In the performance of these services the third-party suppliers may have access to your personal data but are only authorized to process such data strictly on our behalf and in accordance with our instructions. We maintain ownership and control of the information so used.

We may also disclose your personal data to third parties, if we reasonably believe that disclosure of such personal data is necessary:

• to comply with valid legal obligations including subpoenas, court orders, governmental requests or search warrants, and as otherwise authorized by law;
• to protect our rights or property, or the safety of our customers or employees;
• to protect against fraudulent, malicious, abusive, unauthorized or unlawful use of our Website and Services;
• to advance or defend against complaints or legal claims in court, administrative proceedings and elsewhere;
• as part of potential mergers & acquisitions, provided that the prospective buyer or seller agree to respect your personal data in a manner consistent with our Privacy Policy;
• to outside lawyers, external auditors or advisors, professional consultants and regulators.

We will require any third party to whom we disclose your personal data or who may obtain it on our behalf to ensure its confidentiality, and to handle it in accordance with the applicable legislation.

8. International transfer of data

We process your data within the European Economic Area (EEA), which includes all EU member states plus Iceland, Liechtenstein and Norway. In the event that any personal data that we collect from you is transferred to and stored at a destination outside the EEA, including at destinations that are not subject to a decision by the European Commission establishing an adequate level of protection of personal data, we will take all reasonable necessary steps to ensure that your personal data is treated securely and in accordance with this Policy and that appropriate safeguards have been adopted to protect it. If you wish to have further information on or a copy of these safeguards, please contact us using the contact information provided at the end of this Policy.

9. Protecting your personal data

Safeguarding your personal data is a priority for us. Any personal data that you provide to us is stored on secure servers and we use rigorous procedures to protect against loss, misuse, unauthorized access, alteration, disclosure, or destruction of your personal data. Our security measures are regularly audited to ensure that they remain effective. Your personal data may only be accessed by our employees, agents, contractors and other third parties who need to access it and are bound by a duty of confidentiality.

Although we work hard to protect your personal data, we cannot guarantee that our safeguards will prevent every unauthorized attempt to access, use or disclose personal data. However, we maintain security and incident response plans in the event of a physical or technical incident to handle this in a timely manner and limit any negative effect of such incident.

10. Children's privacy

Our Website and Services are not intended for children under the age of 18, and we do not knowingly collect personal information from children under 18. If we learn that we have collected personal information of a child under 18, we will take steps to delete such information from our systems.

11. Data retention periods

We only keep your personal data for as long as necessary for the fulfilment of our purposes, that we have described above, after which we will securely delete or in some cases anonymize so that it can no longer be associated with you (for research or statistical purposes).

When we decide how long we will keep your personal data we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure, why we need it, and any relevant legal requirements.

We do regular status checks to review when personal data needs to be deleted.

12. Privacy rights

If you are a resident of the EEA, Switzerland, or the United Kingdom (“UK”), you have the following data protection rights:

• Right to access your personal data: you have the right to obtain from us confirmation as to whether or not personal data concerning you are being processed, and if yes, you can ask us for a copy of your personal data you provided in machine readable format;
• Right to rectification of personal data: you have the right to ask us to correct incomplete or inaccurate information about you;
• Right to erasure of personal data (right to be forgotten): under certain circumstances, such as if your personal data has been unlawfully processed or you have withdrawn your consent (if the processing of your personal data is based on consent), you can ask us to erase or delete all or some of your personal data;
• Right to individual decision making, including profiling: you have the right not to be subject to a decision based solely on an automated processing, including profiling;
• Right to restriction of processing: under certain circumstances, such as if you question the accuracy of your personal data or you have objected to our legitimate purpose to process your personal data, you have the right to request that we restrict the processing of your personal data until a solution has been found;
• Right to object to processing: under certain circumstances, such as if you question our legitimate interest to process your personal data, you have the right to object, on grounds relating to your particular situation, to such processing;
• Right to withdraw consent: if our processing of your personal data is based on your consent, you have the right to withdraw such consent at any time (this will however not affect the processing based on your consent before its withdrawal) by contacting us;
• Right to data portability: if your personal data is processed by automated means based on your consent or for the fulfilment of our contractual relationship, you have the right to request that we provide you with your personal data on a machine-readable format for transmission to another data controller;
• Right to lodge a complaint with a supervisory authority: if you believe that we are violating your rights or the applicable legal framework, please contact us to clarify the matter. Of course, you have the right to file a complaint with the supervisory authority established by a member state of the EEA, to protect the fundamental rights and freedoms of natural persons in relation to the processing of personal data within the EEA, the contact details of which are listed here: https://edpb.europa.eu/about-edpb/about-edpb/members_en.

Please contact us using the contact details provided below to make a request in respect of your rights. We will use commercially reasonable efforts to respond to your request within 30 days of receiving such request. If we cannot honor your request within the 30-day period, we will let you know the reasons why and when we expect to be able to fulfil your request. We may have an overriding lawful basis for processing your personal data, or certain exemptions may apply. If we refuse your request we will explain why. You can also exercise this right at any time by contacting us at [email protected].

13. Changes to this Policy

Our Policy may change from time to time. Therefore, you should make sure to review the latest version of this policy on a regular basis. We will post any Policy changes here and, if the changes are significant, we will provide you with a more prominent notice such as an email notification. If we change this Policy in a way that will affect how we use your personal data, we will advise you of the choices you may have as a result of those changes. We will also keep prior versions of this Policy in an archive for your review.

14. Governing law

This Privacy Policy shall be governed by and construed under and in accordance with the laws of Romania.

15. Contact us

If you have any questions or concerns regarding this Privacy Policy or your privacy when visiting the Website, please send us a detailed message to [email protected]. We will make every effort to resolve your concerns.