Legal
Privacy Policy
This policy explains how Sarsa Formation OÜ ("we") handles personal data when you use Chora and related services (the "Service"). We act as the data controller. For any privacy question, contact harri@sarsa.art.
1. What we collect
- Account data — name, email, and organisation you provide when requesting access or registering.
- Usage data — the inputs you submit and outputs you receive, plus logs, timestamps, and technical metadata needed to run and secure the Service.
- Payment data — handled by Stripe. We receive transaction metadata (e.g. amount, status, last four digits) but not full card numbers.
2. Why we process it (legal bases)
- To provide the Service — performance of a contract (GDPR Art. 6(1)(b)).
- To secure, debug, and improve the Service — our legitimate interests (Art. 6(1)(f)).
- To take payment and meet accounting duties — contract and legal obligation (Art. 6(1)(b), (c)).
- With your consent — where we ask for it, e.g. for optional communications (Art. 6(1)(a)).
3. Sub-processors
We share data with providers who process it on our behalf:
- Anthropic — model inference (Claude) to deliver Chora's functionality. Our primary processor.
- OpenRouter — a gateway used to route inference to other model providers where a request calls for one.
- Stripe — payment processing.
- GitHub — hosting of this website (GitHub Pages); it receives your IP address and request metadata when you load these pages.
- Google — this website loads typefaces from Google Fonts, so your browser makes a request to Google and discloses your IP address to them when a page loads. No cookie is set by this.
- Fly.io — application hosting and compute for the Chora service.
- Neon — managed Postgres database hosting for the Chora service.
Some providers are outside the EEA; where so, transfers rely on appropriate safeguards such as the EU Standard Contractual Clauses.
4. Retention
We keep personal data only as long as needed for the purposes above, or as required by law. In practice:
- Account data — while your account is open, and for up to 12 months after you close it.
- Inputs, outputs, and service logs — up to 12 months, after which they are deleted or aggregated so they no longer identify you.
- Payment and accounting records — seven years from the end of the financial year in which the transaction was recorded, as required of Estonian companies by § 12 of the Accounting Act (raamatupidamise seadus).
You may request deletion as described below.
5. Security
Personal data is encrypted in transit, and access to production systems is restricted to what operating the Service requires. No transmission or storage is perfectly secure; if a breach occurs that affects your rights, we will notify you and the supervisory authority as the GDPR requires.
6. Your rights
Under the GDPR you may request access, rectification, erasure, restriction, portability, and object to certain processing, and withdraw consent at any time. To exercise these rights, email harri@sarsa.art. You also have the right to lodge a complaint with the Estonian Data Protection Inspectorate (Andmekaitse Inspektsioon) or your local authority.
We do not use your personal data to make automated decisions that produce legal or similarly significant effects about you.
7. Cookies
This website sets no cookies and runs no analytics or tracking. It does load typefaces from Google Fonts, which means your browser contacts Google and your IP address is visible to them — see the sub-processors above. If we later introduce analytics or any non-essential cookie, we will put a consent notice in place before it runs.
8. Changes & contact
We may update this policy; material changes will be notified by a reasonable means. Controller: Sarsa Formation OÜ, registry code 17290516, Lõõtsa tn 1a, 11415 Tallinn, Estonia — harri@sarsa.art.