← Back to Solen

Privacy Policy

Last updated: April 2026

Solen ("we," "us," or "our") operates the Solen platform at solenai.ca. This Privacy Policy explains how we collect, use, disclose, and safeguard information when you use our services. By using Solen, you agree to this policy.

1. Information we collect

We may collect the following categories of information:

  • Account and identity: email address, name (if provided), and authentication-related data needed to operate your account.
  • Usage data: how you interact with the platform (e.g. features used, requests, approximate timestamps, and technical logs) to operate, secure, and improve the service.
  • Generated app code and project data: prompts, specifications, generated source code, deployment metadata, and related artifacts produced through the Solen product, so we can build, deploy, monitor, and repair applications on your behalf.
  • Billing: when you purchase paid plans, payment processing is handled by our payment provider; we do not store full payment card numbers on Solen servers.
  • Communications: messages you send us (e.g. support) and transactional emails we send to you.

2. How we use information

We use the information above to:

  • Provide, operate, and maintain accounts and the Solen platform;
  • Generate, deploy, host, monitor, and repair software you request;
  • Authenticate users, prevent fraud and abuse, and enforce our Terms of Service;
  • Analyze usage in aggregate to improve reliability, performance, and product experience;
  • Process payments and communicate about billing (via Stripe);
  • Send service-related and transactional emails (via Resend or similar providers);
  • Comply with legal obligations and respond to lawful requests.

3. Where data is stored and processed

Solen infrastructure is hosted on servers operated by Hetzner (or subprocessors they use in supported regions). Application and platform databases for core product data may be stored using Supabase (PostgreSQL) and related services as configured for your workspace. Data may be processed in jurisdictions where our providers operate. We implement appropriate technical and organizational measures to protect your information.

4. Third-party services

We rely on vendors that may process data on our behalf, including:

  • Stripe, payment processing for subscriptions and purchases. Stripe's privacy policy applies to payment data they handle.
  • Resend (or comparable email infrastructure), delivery of transactional email (e.g. verification, billing notices, product messages).
  • AI providers (e.g. Groq, Anthropic), to generate code, plans, and related outputs, user prompts and context you submit may be sent to these APIs as part of providing the service. Do not submit secrets, regulated health data, or other categories of sensitive information unless you have a separate agreement with us that permits it.

Each provider has its own terms and privacy policy. We select providers with appropriate safeguards but are not responsible for their independent practices beyond our agreements with them.

5. Cookies and similar technologies

We use cookies and similar technologies for:

  • Session and authentication: e.g. cookies or HTTP-only tokens to keep you signed in and secure API access;
  • Preferences and security: basic functionality, CSRF protection where applicable, and abuse prevention.

You can control cookies through your browser settings; disabling cookies may limit certain features.

6. Your rights

Depending on where you live, you may have rights to access, correct, delete, or export personal data, and to object to or restrict certain processing. You may also have the right to lodge a complaint with a supervisory authority.

To exercise these rights, contact us at [email protected]. We will respond within a reasonable timeframe and may need to verify your identity before fulfilling requests.

7. GDPR and UK users

If you are in the European Economic Area or the UK, we process personal data where we have a lawful basis, such as performance of a contract, legitimate interests (e.g. security and product improvement), or consent where required. You have the rights described above under the GDPR, including data portability and restriction in certain cases.

8. California (CCPA/CPRA) residents

California residents may have additional rights under the CCPA/CPRA, including to know categories of personal information collected, to delete personal information subject to exceptions, and to opt out of certain "sales" or "sharing" (we do not sell personal information for money). You may designate an authorized agent to make a request subject to verification. We will not discriminate against you for exercising these rights.

9. Data retention

We retain personal information only as long as needed for the purposes described in this policy, unless a longer period is required by law. Typical practices include: account data retained while your account is active; after closure or deletion request, data may be deleted or anonymized within a reasonable period (e.g. up to 90 days) except where we must retain certain records for legal, security, or dispute resolution purposes. Aggregated or de-identified data may be retained longer.

10. Security

We use industry-standard safeguards including encryption in transit, access controls, and secure hosting practices. No method of transmission or storage is 100% secure; we encourage strong passwords and caution when submitting prompts that may contain confidential information.

11. Children

Solen is not directed at children under 16. We do not knowingly collect personal information from children. If you believe we have collected such information, contact us and we will take steps to delete it.

12. International transfers

If you access Solen from outside Canada, your information may be processed in Canada and other countries where we or our providers operate. Where required, we use appropriate safeguards for cross-border transfers.

13. Changes to this policy

We may update this Privacy Policy from time to time. We will post the updated version on this page and revise the "Last updated" date. Material changes may be communicated by email or in-product notice where appropriate.

14. Contact

For privacy questions, data deletion requests, or general support: [email protected]

See also: Terms of Service