Privacy Policy

Last updated: March 2026 · Äctvli Responsible Consulting

1. Who we are

Figuri is a product of Äctvli Responsible Consulting. Contact: reachout@actvli.com. We are the data controller for the personal data you provide when using Figuri.

2. What data we collect

  • Account data: your email address, practice name, and authentication credentials (or OAuth token if you sign in with Google/GitHub).
  • Practice settings: your reply-to email, logo URL, default booking link, and currency preference.
  • Client data: client names, email addresses, business type, language setting, context notes, and booking links. This data belongs to you — we process it on your behalf.
  • Financial figures: the monthly figures you enter for each client (revenue, expenses, profit, cash position, etc.). We do not verify or validate these figures.
  • Generated narratives: the text generated by Claude and any edits you make before sending.
  • Billing data: managed entirely by Stripe. We store only your Stripe customer ID and subscription status. We never store card details.
  • Usage data: standard server logs (IP address, browser type, pages visited). We do not use third-party analytics trackers.

3. How we use your data

  • To provide the Figuri service (narrative generation, email dispatch, client management).
  • To send you transactional emails (account confirmation, password reset, monthly reminders).
  • To process subscription payments via Stripe.
  • To improve the service and fix technical issues.

We do not sell your data. We do not use your financial figures or narratives to train AI models.

4. Data storage and security

All data is stored in Supabase (EU West region — Frankfurt, Germany). Row-Level Security is enabled on all tables — you can only access your own data. Data is encrypted at rest and in transit. We use Supabase's managed infrastructure, which maintains SOC 2 Type II compliance.

5. Data retention

Your data is retained for as long as your account is active. If you delete your account, all associated data (clients, figures, narratives) is permanently deleted within 30 days. You may request earlier deletion by emailing reachout@actvli.com.

6. Third parties

  • Supabase: database and authentication (EU West).
  • Anthropic (Claude API): AI narrative generation. Financial figures and client names are sent to Anthropic's API to generate narratives. Anthropic's API data policy applies.
  • Resend: email dispatch. Client email addresses are passed to Resend to send the narrative email.
  • Stripe: payment processing. Subject to Stripe's privacy policy.
  • Vercel: hosting and CDN (EU-proximal edge).

7. Your rights (GDPR)

Under GDPR you have the right to: access your data, correct inaccurate data, request deletion, object to processing, and data portability. Exercise these rights by emailing reachout@actvli.com. We will respond within 30 days.

8. Cookies

Figuri uses only strictly necessary cookies for authentication (Supabase session cookies). No advertising or tracking cookies are set.

9. Changes to this policy

We will notify you by email of material changes to this policy. Continued use after notification constitutes acceptance.

10. Contact

Questions? Email reachout@actvli.com.