Sereno Back to site

Legal

Privacy Policy

Last updated: 11 June 2026

Draft — pending legal review. Not yet binding.

This Privacy Policy explains how Serenocollects, uses, and protects your personal data when you use our renovation-management service, in line with the EU General Data Protection Regulation (GDPR). We’ve written it to be readable, not just compliant.

1.Who is responsible for your data (controller)

The data controller is Frameless Design Ltd, registered at [registered address — placeholder], company number [company no. — placeholder]. For any privacy question or to exercise your rights, contact us at [privacy/DPO contact email — placeholder].

2.What personal data we collect

  • Account data — your email address and basic profile/login details.
  • Project & renovation content — the rooms, budgets, tasks, notes, documents, and photos you upload. Photos and documents may contain personal data (e.g. of your home), which we process to provide the Service.
  • Usage data — aggregate, cookieless analytics about how the app is used (page views, feature usage), via Plausible.
  • Billing data — held and processed by Stripe. We do not store your full card number; we receive limited details such as plan, status, and the last few digits.
  • Support communications — messages you send us.

3.Why we use it & our lawful bases

  • To provide the Service — create your account, store your project, generate AI proposals you approve, process payments. Lawful basis: performance of a contract (Art. 6(1)(b)).
  • To keep the Service secure and improve it — prevent abuse, debug, and understand aggregate usage. Lawful basis: our legitimate interests (Art. 6(1)(f)) in running a reliable, secure product.
  • To communicate with you — service messages, and optional digests/alerts you can turn off. Lawful basis: contract and/or legitimate interests; consent where required.
  • Analytics — we use cookieless, aggregate analytics. Where local law requires consent for any analytics, consent (Art. 6(1)(a)) applies; otherwise legitimate interests.
  • Legal compliance — to meet tax, accounting, and other legal obligations. Lawful basis: legal obligation (Art. 6(1)(c)).

4.AI processing of your content

To generate proposals and answer your questions, we send relevant text and images you provide to our AI sub-processor (Anthropic), and, for image rendering, to Replicate. We do not sell your content and do not use it to train public AI models. AI output is advisory and applied only when you approve it — see our Terms of Service.

5.Sub-processors we share data with

We use carefully chosen service providers to run Sereno. Each processes personal data only on our instructions and under appropriate data-protection terms:

ProviderPurposeRegion
SupabaseAuthentication, database & file storage (your account, project data and uploaded photos)EU
AnthropicAI processing of photos and text to generate proposals and answer questionsUS / EU
StripePayment processing and subscription billingUS / EU
ResendTransactional & digest email deliveryUS / EU
ReplicateAI image rendering (e.g. visualising renovation options)US
Fly.ioApplication hosting & infrastructureEU region
PlausibleCookieless, privacy-friendly usage analytics (aggregate only)EU

We do not sell your personal data or share it with advertisers.

6.International transfers

We aim to keep data within the EU/EEA where practical. Some sub-processors may process data outside the EEA (e.g. in the US). Where they do, we rely on appropriate safeguards such as the European Commission’s Standard Contractual Clauses or an adequacy decision, so your data keeps an equivalent level of protection.

7.How long we keep it

We keep your personal data for as long as your account is active and as needed to provide the Service. When you delete your account, we delete or anonymise your project content within a reasonable period, except where we must retain limited records to meet legal obligations (for example, billing and tax records held via Stripe).

8.Your rights

Under the GDPR, you have the right to:

  • Access — get a copy of the personal data we hold about you.
  • Rectification — correct inaccurate or incomplete data (much of which you can edit directly in the app).
  • Erasure — delete your data. You can delete your account in-app from your account settings, which removes your project content as described above.
  • Portability — receive your data in a portable format. You can export your data in-app (e.g. CSV / PDF) at any time.
  • Objection & restriction — object to or restrict certain processing based on legitimate interests.
  • Withdraw consent — where we rely on consent, you can withdraw it at any time without affecting prior processing.
  • Complain — lodge a complaint with a supervisory authority. In the EU this is the data-protection authority in your country of residence (in Bulgaria, the Commission for Personal Data Protection / КЗЛД).

To exercise any right, use the in-app tools or contact us at [privacy/DPO contact email — placeholder]. We respond within the timeframes the GDPR requires.

9.Security

We use technical and organisational measures appropriate to the risk — including encryption in transit, access controls, and reputable infrastructure providers — to protect your data. No system is perfectly secure, but we work to keep your information safe and to respond promptly to any incident.

10.Children

Sereno is not intended for children. The Service is for adults (18+), and we do not knowingly collect personal data from children. If you believe a child has provided us data, contact us and we will remove it.

11.Changes to this policy

We may update this Privacy Policy from time to time. We’ll change the “Last updated” date above and, for material changes, give reasonable notice (in-app or by email).

12.Contact & how to exercise your rights

Frameless Design Ltd — [privacy/DPO contact email — placeholder], or by post at [registered address — placeholder]. See also our Cookies Policy for how we use cookies.

© Sereno — a Frameless Design Ltd product.
TermsPrivacyCookies