eustella.com privacy policy — score 87/100 (low risk)

Dernière analyse 25 May 2026

Le contenu du rapport (résumé, constats, citations) a été généré en anglais et n'est pas localisé.

Lancer une nouvelle analyse sur une autre politique

87score de confidentialité

Détails du rapport

low risque

eustella publishes a strongly EU-aligned privacy policy that explicitly bans AI training on user data and keeps all processing in the EU, but it is undermined by an internal contradiction over mandatory account fields and the unexplained absence of a Data Protection Officer.

eustella's policy is a privacy-first document that explicitly prohibits using customer data for AI model training, pledges to keep all data within the EU, and relies on EU-hosted infrastructure and sub-processors. It provides clear legal bases under GDPR, detailed retention schedules, and granular user controls over personalisation. However, the policy contradicts itself on whether date of birth is required at sign-up, does not name its payment processor, and omits any mention of a Data Protection Officer despite the scale and sensitivity of processing.

Dernière analyse25 May 2026

SourceURL

Longueur24,460 caractères

Évaluation par catégorie

Répartition de la politique selon les principaux domaines de conformité. Bon = solide, moyen = mitigé, faible = préoccupant.

Data Minimizationfair

The policy avoids sensitive data by design and does not use data for advertising, but it mandates date of birth for age verification while admitting such verification is technically impossible, and it contradicts itself on whether DOB is a required account field versus only name, email, and password.

Transparencygood

The document is written in plain language with specific GDPR legal bases, retention periods, and sub-processor disclosures, though it is undermined by the conflicting account-creation requirements and the failure to name the payment provider.

Third-party Sharinggood

Sharing is kept to a minimum with EU-based infrastructure providers, an EU-hosted analytics processor (PostHog), and professional advisors, but the unnamed payment processor and lack of detail on open-source LLM provenance leave small gaps.

International Transfersgood

The policy contains an explicit, repeated commitment that no personal data leaves the EU, including self-hosted open-source LLMs on EU infrastructure, which removes the need for SCCs or adequacy decisions.

AI/Model Traininggood

eustella makes a clear, prominent commitment that it does not use conversations, files, preferences, or connected-service data to train, fine-tune, or improve any AI models, eliminating the need for an opt-out toggle.

User Rightsgood

GDPR rights are comprehensively listed with specific exercise methods (email and in-app), a one-month response timeline, and the correct Austrian supervisory authority, though the absence of DPO contact details is notable.

Constats clés

Clauses notables, problèmes ou bonnes pratiques identifiées (critiques en premier)

Avertissement

Contradictory mandatory account fields

Section 2 states that account creation requires only name, email address, and password, while Section 12 states that users cannot create an account without providing name, email address, and date of birth. This inconsistency makes it impossible to know what data is actually required at sign-up.

Avertissement

Missing Data Protection Officer

Despite being an EU controller processing personal data at scale—including systematic monitoring via PostHog, content moderation with human review, and potential special category data—the policy does not mention the appointment or contact details of a Data Protection Officer as required by Article 37 GDPR.

Avertissement

Unverifiable age verification collects excessive data

Section 12 acknowledges that 'no currently available technical means can fully verify a person's age without disproportionately intruding on their privacy,' yet it still mandates collection of date of birth from all users and prohibits false entries. This creates a tension between the stated futility of verification and the data collected.

Info

Human review of conversation content

Section 7 discloses that 'a limited number of trained safety staff may review the flagged content,' but it does not quantify the number of staff, the scope of their access, or the specific internal access controls beyond 'strict confidentiality obligations,' leaving some uncertainty about insider risk.

Info

Unnamed payment provider

Section 8 states that payment is processed by 'our payment provider' without naming the entity or confirming its location, reducing transparency about who processes financial data and under what jurisdiction.

Synthèse pour l'utilisateur

eustella is a comparatively privacy-safe AI assistant because it promises not to train models on your chats and keeps everything in the EU, but you should ask why a date of birth is mandatory and whether a DPO exists before sharing sensitive information.

Posture de conformité

strong

Transferts UE

no-transfer

Signaux détectés

Données et pratiques spécifiques identifiées dans le texte

Données collectées

NameEmail addressPasswordProfile information from Google or AppleConversation inputs and outputsUploaded files, images, or documentsData from connected third-party services (e.g., Google Calendar, Google Drive)IP addressDevice typeOperating systemBrowser typeLanguage settingsGeneral location (country or city level derived from IP)Usage data and feature interaction dataPersonalisation preferencesDate of birth

Finalités du traitement

Providing and operating the serviceContent moderation and safetyImproving services via aggregated and anonymised dataProduct analyticsService-related communicationsMarketing communications (with consent)Legal complianceProtecting legal rights

Partage avec des tiers

Infrastructure and hosting providers (EU-based)PostHog analytics (EU-hosted, Frankfurt)Payment provider (unnamed)Legal and regulatory authoritiesProfessional advisors (legal, tax, audit)

Transferts internationaux

No transfers outside the EU are performedAll infrastructure, processing, and storage is within the EUThird-party services connected by users (e.g., Google) remain subject to their own policies

IA / Entraînement de modèles

Explicitly states user data is NOT used for AI model trainingConversations, files, preferences, and connected service data are excluded from trainingNo opt-out is necessary because training is prohibited by policy

Extraits probants

Citations directes de la politique à l'appui de ces constats

When you create an account, we collect your name, email address, and password.

You cannot create an account without providing your name, email address, and date of birth.

We do not train AI models on your data. We do not use your conversations, your files, your preferences, or any data from your connected third-party services to train, fine-tune, or improve AI models.

We do not transfer your data outside the European Union. All of our infrastructure, data processing, and storage takes place within the EU.

Where a flag is raised, a limited number of trained safety staff may review the flagged content.

Manquant ou flou

No mention of a Data Protection Officer (DPO) or their contact details
No cookie policy or consent mechanism described despite analytics usage
Identity and location of the payment processor not disclosed
Specific names of open-source LLMs used not provided
No mention of Data Protection Impact Assessment (DPIA) or records of processing activities

Questions à poser

Section 2 lists name, email, and password as required for account creation, while Section 12 adds date of birth; which fields are actually mandatory and why the discrepancy?
Is a Data Protection Officer appointed under Article 37 GDPR, and if so, why are their contact details not provided in the policy?
Which specific payment provider is used, and can you confirm it is also EU-based and bound by a data processing agreement?
Do the original developers or communities behind the open-source LLMs receive any telemetry, error reports, or model improvement signals derived from eustella's usage?
Given the admission that age cannot be technically verified without disproportionate intrusion, what is the legal basis and necessity for mandating date of birth collection under Article 5(1)(c) GDPR?

Cette analyse est générée par IA et ne constitue pas un avis juridique. Consultez toujours un professionnel du droit qualifié pour les décisions de conformité.

Partager cette analyse

Toute personne disposant de ce lien peut consulter le résultat ci-dessus.

Conçu par DentroChat

Chat IA 100 % européen pour tous

Discutez avec l'IA, travaillez avec des fichiers, générez des images et cherchez sur le web. Les données restent en Europe.

Infrastructure hébergée dans l'UETexte, fichiers, images et recherche webModes Rapide, Réflexion et CréatifConfidentialité par défautAucune donnée ne quitte l'Europe

Essayer gratuitement →