Last updated: June 2026 · Effective: June 2026
Plain English first: We collect your email to keep you updated about Stavlos. We collect basic usage data to make the product better. We don't sell your data. Ever.
Stavlos is an AI-powered study tool built and operated as a sole proprietorship registered in the Netherlands.
Business address: Netherlands (full address provided upon KVK registration)
Contact: privacy@stavlos.com
When you join the Stavlos waitlist, we collect:
Email address
To send you waitlist updates, launch notifications, and product emails. You can unsubscribe anytime.
Messages & uploaded files
To provide the AI study service. Your messages are sent to our AI provider (Groq/OpenRouter) to generate responses. They are not used to train AI models.
Usage data
To understand how people use Stavlos and make it better. We look at patterns, not individual users.
Payment data
To process your subscription. Handled entirely by Stripe. We only see that you paid and when.
Referral data
To track referrals and apply your €5 price lock or free month bonus reward. That's it.
We don't sell your data. We only share with services that help us run Stavlos:
Supabase
Database hosting
Vercel
Website hosting
Resend
Sending emails to you
Stripe
Processing payments
Groq
AI responses for chat
OpenRouter
AI responses for syllabus analysis
Upstash
Caching (speeds up the app)
All US-based services are covered by Standard Contractual Clauses (SCCs) as required by GDPR.
Right to Access
Ask us what data we have about you. We'll send it within 30 days.
Right to Correction
Ask us to fix incorrect data about you.
Right to Deletion
Ask us to delete all your data ('right to be forgotten').
Right to Portability
Ask for your data in a machine-readable format.
Right to Object
Object to how we process your data.
Right to Restrict
Ask us to stop processing your data temporarily.
Right to Withdraw Consent
Unsubscribe from emails or delete your account anytime.
To exercise any of these rights, email privacy@stavlos.com. We respond within 30 days. You can also file a complaint at autoriteitpersoonsgegevens.nl.
Waitlist data
Until launch + 90 days, or until you ask us to delete it
Account data
As long as you have an account, plus 30 days after deletion
Payment records
7 years (required by Dutch tax law)
AI chat messages
90 days, then automatically deleted
Uploaded files (syllabuses)
Until you delete them, or when you close your account
Usage/analytics data
12 months, then anonymized
We use minimal cookies. No advertising cookies, no tracking pixels, no Google Analytics.
Session cookie
Keeps you logged in
Preference cookie
Remembers your settings
Analytics cookie
Understands how you use the app (anonymized)
Found a vulnerability? Report it to security@stavlos.com.
Stavlos is designed for students aged 13 and older. If you are under 16, you may need parental consent depending on your country's laws.
We do not knowingly collect data from children under 13. Contact us at privacy@stavlos.com if you believe this has happened.
For significant changes, we'll email you at least 14 days in advance. The date at the top of this page always shows when it was last updated.
© 2026 Stavlos. All rights reserved.