Shield with data center inside. Data have a padlock on it. Symbolising the security and safety of Superlines services.

Superlines Privacy Policy

Last updated: 2025-01-07

Grew Oy (Business ID: 3121383-4), located in Helsinki, Finland ("we," "our," or "us"), operates the Superlines platform (available at platform.superlines.io) and website (superlines.io). This Privacy Policy explains how we collect, use, disclose, and safeguard your information.

1. Information We Collect
1.1 Information You Provide
  • Account information (name, email, password)
  • Company information
  • Payment information (processed securely by our payment providers)
1.2 Connected Services Data
  • Google Analytics data
  • Google Ads data
  • Google Search Console data
1.3 Automatically Collected Information
  • Usage data and analytics
  • Device and browser information
  • IP address and location data
2. How We Use Your Information
  • To provide and maintain our services
  • To process and analyze marketing data using AI technologies (including Google's Gemini AI, OpenAI, Anthropic, and Mistral)
  • To communicate with you about our services
  • To improve our services and develop new features
  • To comply with legal obligations
3. Data Processing and Storage
  • Data is processed and stored in the European Union
  • We use Google Cloud Platform and Firebase for data storage and processing
  • All data is encrypted in transit and at rest
  • We implement strict access controls and security measures
4. Data from User-Authorized Integrations:

We do not store raw data from user-authorized integrations unless necessary. Instead, we store "conversation logs" that are used to enhance our AI's ability to provide strategic insights and improve user outcomes. These logs may include reporting data such as click-through rates or conversion metrics.

Data Usage:

The data collected from integrations is used to process and analyze marketing data using AI technologies. This includes generating recommendations and insights to improve marketing strategies.

Data Sharing with AI Providers:

When generating recommendations, we may need to pass data extracted from your marketing sources/integrations to our AI providers. This data is securely transferred via API calls and is not used to train the AI models.

Data Security:

All data transmissions are encrypted using TLS, and data is encrypted at rest. We implement strict access controls and conduct regular security audits to ensure data protection.

AI Model Training:

By default, your data will not be used to train our AI models without your explicit consent. You can review the data policies of our AI model providers for more information.

5. Third-Party Services

We use the following third-party services:

  • Google Analytics and Simple Analytics (website analytics)
  • Hubspot (CRM and tracking)
  • Mixpanel (analytics and CRM)
  • Mailgun (email communications)
  • DeepL (translations)
  • Lemon Squeezy (Payments)
6. Your Rights Under GDPR
  • Right to access your data
  • Right to rectification
  • Right to erasure ("right to be forgotten")
  • Right to restrict processing
  • Right to data portability
  • Right to object
  • Rights related to automated decision making and profiling
7. Data Security
  • All data transmission is encrypted using TLS
  • Database information is encrypted at rest
  • User credentials are pseudonymized
  • Passwords are hashed
  • Strict access controls through Security Rules
  • Regular security audits and monitoring
8. AI Processing

Our service uses artificial intelligence to analyze marketing data. This processing:

  • Complies with EU AI Act requirements
  • Uses high-quality AI models from reputable providers
  • Includes human oversight and quality control
  • Does not make automated decisions affecting legal rights
9. Model training

By default, we, our AI model providers, will not use your data to train our models without your consent. You can read more about the data policies of our AI model providers below:

Google Gemini

https://cloud.google.com/gemini/docs/discover/data-governance/

Open AI

https://openai.com/enterprise-privacy/

Mistral AI

https://help.mistral.ai/en/articles/156194-does-mistral-ai-exploit-users-data-to-train-its-models

Anthropic

https://privacy.anthropic.com/en/articles/10023555-how-do-you-use-personal-data-in-model-training

10. International Data Transfers

While we process and store data in the EU, some of our third-party service providers may transfer data internationally. All such transfers are conducted in compliance with GDPR requirements and appropriate safeguards.

11. Data Retention Policy

We retain your data for as long as it is necessary to fulfill the purposes outlined in our Privacy Policy, including providing and improving our services, complying with legal obligations, resolving disputes, and enforcing our agreements.

The duration for which we retain your data depends on the type of information and its relevance to our business operations. When data is no longer needed for these purposes, we securely delete or anonymize it in accordance with applicable laws and regulations.

If you have any questions or specific requests regarding data retention, please contact us at privacy@superlines.io.

12. Contact Information

For any privacy-related queries, you can contact our Data Protection Officer at:

Grew Oy / Superlines
Helsinki, Finland
Email: hello@superlines.io

13. Changes to This Policy

We may update this privacy policy from time to time. We will notify you of any changes by posting the new policy on this page and updating the "Last updated" date.