SMILESIM S.R.L. (hereinafter "We" or "the Company") takes the protection of personal data very seriously. In accordance with Regulation (EU) 2016/679 (GDPR) and App Store requirements, we provide users with transparent information regarding the collection and processing of personal data.

This policy applies to both the illusim.com website and the Illusim mobile application.

Data controller

SMILESIM S.R.L., headquartered in Bucharest, Romania, is the controller of personal data collected through the illusim.com website and the Illusim application. Contact: [email protected]

Part I: Website (illusim.com)

Data collected through the website

The illusim.com website is a presentation website and collects a minimum of data:

• Server technical logs - IP address, browser type, date and time of access. These are temporarily stored for system security and abuse detection. Retention: maximum 30 days.
• Contact form - If you send us a message through the contact form, we collect: your name, email address, and message. Purpose: responding to inquiries and support. Retention: up to 12 months after completion of correspondence.

The website uses analytics cookies (Google Tag Manager / Google Analytics) only with the user's explicit consent. No tracking script is loaded before cookies are accepted through the consent banner. For details, see the Cookie Policy.

Website accounts

The website does not offer account creation functionality. There is no authentication, registration, or payment processing on the website.

Part II: The Illusim Application

Data collected through the application

Through "Sign in with Apple ID" authentication, we obtain the user's first name and email address (as long as the user has chosen to share them).

In addition, the application may synchronize progress data and self-awareness results. Some of this data is kept in the user's Apple ecosystem for cross-device continuity, and certain questionnaire result summaries may be associated with the user profile in our systems.

These summaries may include the questionnaire identifier, total score, dimension scores, interpretive level, and completion time. Payment data is not collected by us, being managed exclusively by Apple.

We do not collect other extensive categories of personal data such as phone number, postal address, banking data, continuous location, or medical data provided directly by the user in the application.

Purpose of application data processing

Account data and result summaries are used for:

• Creating and managing the user account
• Contacting with service-related administrative notifications (e.g., subscription confirmations)
• Saving and displaying personal progress and descriptive questionnaire results
• Comparing results over time for experience continuity and personal progress
• Technical support upon request

Questionnaire scoring is calculated on-device, and the application may transmit to our servers certain result summaries necessary for personal profile, history, and cross-session continuity.

We do not use personal data for marketing or advertising purposes. We do not share data with third parties for advertising.

Consent and legal basis

By creating an account and using the application, the user expresses consent for the processing of the data mentioned above, in accordance with this policy.

Processing is necessary for the execution of the requested service (authentication, provision of application features, and retention of descriptive results associated with the account), and where the law requires it, we also rely on the user's consent.

Retention and deletion

We retain personal data only as long as necessary for the specified purposes.

Upon account deletion at the user's request, we will delete personal data and result summaries associated with the profile from our databases, except in cases where temporary retention is necessary for legal obligations or for the defense of a right. For iCloud and other data remaining in the Apple ecosystem, the user can manually delete files associated with the application from their account.

In certain cases (e.g., legal obligations), we may retain certain data for longer, but only within the limits permitted by law.

Part III: Common provisions

Data security

SMILESIM S.R.L. uses standard technical and organizational security measures to protect data (e.g., encryption in transit, secure storage). Access to our servers is restricted and controlled.

However, we note that no method of Internet transmission or electronic storage is 100% secure.

Data subject rights (GDPR)

In accordance with GDPR, users have the following rights regarding their data:

• Access - the right to request details about processing
• Rectification - correction of inaccurate data
• Erasure - the right to be forgotten
• Restriction of processing
• Objection - the right to refuse further processing
• Portability - receiving personal data in a standard format
• Complaint - the right to file a complaint with the national supervisory authority (ANSPDCP)

To exercise any right, you can contact us at [email protected]. We will respond to the request within the legal timeframe (maximum 30 days).

These rights also apply to data associated with descriptive questionnaire results, insofar as they are stored in our systems and can be associated with your profile.

Cookies and tracking technologies

The illusim.com website uses strictly necessary cookies for operation and, with your consent, analytics cookies (Google Tag Manager / Google Analytics). No analytics or marketing scripts are loaded without explicit consent. For the complete list and management options, see the Cookie Policy.

The Illusim application does not use internet cookies. No analytical or advertising tracking activity is performed.

Data transfers

We do not transfer personal data to countries outside the European Economic Area, except in situations where Apple (as a processor for authentication) may store data according to its own policies.

We do not distribute or sell personal data to third parties.

Policy changes

We may update this policy to reflect legislative changes or changes in our practices. The date of the last update will be communicated on the website and in the application.

We recommend periodically checking the privacy policy. Continued use of the website or application after a modification implies acceptance of the updated policy.

Contact

For additional questions regarding data protection, you can contact us at:

• Email: [email protected]
• SMILESIM S.R.L., Bucharest, Romania

We will promptly respond to privacy-related requests.