Privacy Policy

1.1 Information You Provide

• Email address (used for magic link authentication and account creation)
• Quiz responses (your answers about time, capital, skills, personality, and goals)

1.2 Information Generated By the App

• Your Vestero archetype, matched income streams, and DNA tags
• Roadmap content generated based on your quiz answers
• Pro Coach chat messages and conversation history
• Task completion status within your roadmap

1.3 Technical Information

• Anonymous session ID (stored locally before account creation)
• Device type and operating system (collected by Apple/Supabase)
• App usage data and crash reports

We use your information to:

• Authenticate you and maintain your account
• Generate personalized Vestero matches and roadmaps via AI
• Power the Pro Coach AI chatbot in the context of your roadmap
• Save and sync your progress across sessions
• Improve the app and fix issues
• Send transactional emails (e.g. magic link login emails)

We do not use your data for advertising and we do not sell your data to third parties.

Your data is stored securely using Supabase, a cloud database provider. Data is stored in the EU (eu-west-1 / Ireland region). We apply Row-Level Security (RLS) so that each user can only access their own data. Anonymous quiz sessions are linked to your account once you verify your email.

Vestero uses the following third-party services:

• Supabase — database and authentication (supabase.com)
• Resend — transactional email delivery (resend.com)
• Lovable AI Gateway — AI content generation
• Apple — in-app purchases and App Store distribution

Each of these services has its own privacy policy. We encourage you to review them.

We retain your data for as long as your account is active. If you delete your account (via Settings in the app), all your personal data, quiz answers, roadmaps, and chat history are permanently deleted from our systems within 30 days.

Depending on your location, you may have the following rights regarding your personal data:

• Right to access — request a copy of the data we hold about you
• Right to rectification — request correction of inaccurate data
• Right to erasure — request deletion of your data (also available directly in the app via Settings > Delete Account)
• Right to data portability — request your data in a machine-readable format
• Right to object — object to certain types of data processing

To exercise any of these rights, contact us at: privacy@vestero.site

Vestero is not intended for children under the age of 13. We do not knowingly collect personal information from children under 13. If we become aware that a child under 13 has provided us with personal information, we will delete it immediately.

We take reasonable technical and organizational measures to protect your data against unauthorized access, alteration, or destruction. This includes encrypted data transmission (HTTPS), secure authentication via magic links, and row-level security on all database tables.

We may update this Privacy Policy from time to time. We will notify you of significant changes through the app or via email. Continued use of the app after changes constitutes acceptance of the updated policy.

If you have any questions or concerns about this Privacy Policy, please contact us at: privacy@vestero.site

Vestero is operated from Sweden and this policy is governed by Swedish and EU data protection law (GDPR).