Privacy Policy

Last updated: April 2026

At 2brain, we are committed to protecting your privacy. This policy describes how we collect, use, and protect your personal information when you use our AI-powered personal assistant application.

Data Controller

Antonio Sánchez Ferrando

NIF: 44897414B

Paseo de la Alameda, 101, 1º, Valencia

Contact: support@2brain.app

Data We Collect

Account data

  • Email address
  • Username
  • Password (encrypted)

Usage data

  • AI conversations
  • Tasks, habits, notes, and reminders
  • Goals and user preferences

Technical data

  • Device identifier and push notification token
  • IP address and user-agent (security logs)
  • Purchase history and subscription status

Legal Basis for Processing

  • Contract performance: processing necessary to provide the service you subscribed to
  • Consent: for sending commercial communications and analytics cookies
  • Legitimate interest: for service improvement, security, and fraud prevention
  • Legal obligation: for compliance with applicable tax and legal obligations

Purpose of Processing

  • Provide the personal assistant service
  • Process queries through artificial intelligence
  • Improve user experience
  • Service-related communications
  • Ensure platform security and prevent fraud

Service Providers

AI Processing

  • OpenAI - Natural language processing
  • Anthropic - Natural language processing

Authentication

  • Google - Sign in with Google
  • Apple - Sign in with Apple

Payments

  • Google Play - In-app payments
  • App Store - In-app payments

Hosting and infrastructure

  • Vercel — web hosting (Germany/EU)
  • Hetzner — backend server (Germany/EU)

International Data Transfers

Some of our service providers (OpenAI, Anthropic) are located in the United States. These transfers are carried out in accordance with the appropriate safeguards established by the GDPR, including standard contractual clauses approved by the European Commission and the EU-US Data Privacy Framework where applicable.

Security Measures

  • All communications are encrypted via HTTPS/TLS
  • Authentication using secure JWT tokens
  • Optional biometric authentication in the app
  • Sensitive data encrypted at rest

Your Rights

In accordance with the General Data Protection Regulation (GDPR), you have the following rights:

  • Right to access your personal data
  • Right to rectify incorrect data
  • Right to delete your data
  • Right to data portability
  • Right to object to processing
  • Right to restriction of processing

If you believe your rights have not been properly addressed, you may file a complaint with the Spanish Data Protection Agency (AEPD) at www.aepd.es.

Data Retention

We retain your data as long as you maintain an active account. If you delete your account, all your personal data will be permanently removed from our systems within a maximum of 30 days. Security and audit logs may be retained for the legally required period.

Cookies

We use essential cookies for the operation of the service and analytics cookies (with your consent) to improve the experience. You can manage your cookie preferences at any time through the cookie banner.

Contact

To exercise your rights or for any privacy-related inquiries, contact us at:

support@2brain.app