Privacy Policy

Last updated: 12 June 2026

This Privacy Policy explains how [Full Legal Company Name] (“Äng,” “we,” “us,” or “our”) collects, uses, shares, and protects personal data when you use Äng, including our website, applications, boards, AI-assisted tools, and related services (the “Service”).

If you have questions about this Privacy Policy, you can contact us using the details at the end of this document.

1. Who we are

[Full Legal Company Name] is the provider of the Service and the controller of the personal data described in this Privacy Policy, unless stated otherwise.

Company details:
[Full Legal Company Name]
[Registered Address]
Registration number: [Number]
Contact email: hello@ang.studio
Privacy contact: privacy@ang.studio

2. The data we collect

We may collect the following categories of personal data.

Account and profile data

  • name
  • email address
  • login identifiers
  • profile information you choose to provide

Content and usage data

  • boards, prompts, text, images, comments, files, and other User Content you create, upload, or store
  • actions you take in the Service
  • feature usage and interaction data

Device and technical data

  • IP address
  • browser type
  • device type
  • operating system
  • log data
  • approximate location inferred from IP where relevant

Communications

  • messages you send to us
  • support requests
  • feedback
  • abuse or legal reports

Analytics and diagnostics data

  • product analytics data
  • error reports
  • crash and performance data
  • telemetry and security monitoring data

Payment and billing data

If paid features are introduced, we may collect billing-related information and transaction metadata. Payment card data is typically processed by third-party payment providers, not by us directly.

3. How we collect data

We collect personal data:

  • directly from you, when you create an account, use the Service, upload content, contact us, or provide feedback;
  • automatically, through your use of the Service and your device; and
  • from third-party providers, such as authentication providers, infrastructure providers, analytics providers, payment providers, and security providers.

4. How we use personal data

We use personal data to:

  • provide, operate, and maintain the Service;
  • authenticate users and secure accounts;
  • store, display, and process User Content;
  • enable collaboration and requested product functionality;
  • provide support and respond to inquiries;
  • monitor, debug, secure, and improve the Service;
  • detect abuse, fraud, unlawful activity, and security incidents;
  • comply with legal obligations;
  • enforce our Terms and protect our rights, users, and third parties;
  • analyze product usage and performance; and
  • communicate with you about the Service.

5. Legal bases for processing

Where EU/EEA data protection law applies, we rely on one or more of the following legal bases:

Performance of a contract

When processing is necessary to provide the Service to you.

Legitimate interests

When processing is necessary for security, fraud prevention, service administration, service reliability and error monitoring, support, and protection of our business and users, provided those interests are not overridden by your rights. Optional product and usage analytics are based on your consent, not legitimate interests (see the “Consent” basis below and the cookies section).

Consent

Where we ask for your consent, for example for certain analytics or similar technologies where required by law.

Legal obligation

When processing is necessary to comply with applicable law, lawful requests, accounting requirements, or regulatory obligations.

6. AI processing

If you use AI-assisted features, your prompts, images, files, and related inputs may be processed by third-party AI providers for the purpose of generating, transforming, organizing, or analyzing content as part of the Service.

You should not submit personal data or confidential information to AI features unless you are comfortable doing so and have an appropriate legal basis and the right to do so.

AI-generated output may reflect the content you provide. You are responsible for reviewing outputs before using or sharing them.

We do not use your prompts or content to train our own foundation models.

7. How we share personal data

We may share personal data with:

  • service providers and processors that help us operate the Service, such as hosting, storage, authentication, analytics, communications, support, security, and AI providers;
  • professional advisers, such as lawyers, auditors, insurers, and accountants, where necessary;
  • authorities, regulators, courts, or law enforcement where required by law or where necessary to protect rights, safety, and the Service; and
  • a buyer, investor, or successor entity in connection with a merger, acquisition, financing, reorganization, or sale of assets, subject to appropriate safeguards.

We do not sell your personal data in the ordinary meaning of “sell.”

A current list of the service providers (subprocessors) we use — including what each one processes and where — is published at /subprocessors. If you use the Service on behalf of an organization, our Data Processing Agreement governs how we process personal data on your behalf.

8. International transfers

Your personal data may be processed in countries outside your own, including outside the EU/EEA.

Where required by law, we use appropriate safeguards for such transfers, such as adequacy decisions, standard contractual clauses, or other lawful transfer mechanisms.

9. Data retention

We keep personal data for as long as reasonably necessary to:

  • provide the Service;
  • maintain your account;
  • comply with legal obligations;
  • resolve disputes;
  • enforce agreements; and
  • protect the Service and our users.

Retention periods may differ depending on the type of data and the reason we hold it. Some data may remain in backups, logs, or security systems for a limited period after deletion. Error-monitoring events and server logs expire automatically within fixed retention windows (typically 90 days), and product telemetry is deleted after 90 days.

10. Account deletion

If account deletion is available, you may request deletion of your account through the Service or by contacting us.

Deleting your account may remove or schedule removal of your profile, boards, files, and other associated data, subject to legal obligations, technical limitations, fraud prevention, backups, and legitimate retention needs.

When your account is deleted, we also remove or request deletion of user-linked records held by our subprocessors where technically supported. Residual data in error logs and backups expires automatically within the retention windows described above.

11. Security

We use reasonable technical and organizational measures to protect personal data, including measures designed to reduce the risk of unauthorized access, loss, misuse, or disclosure.

Security-relevant actions on your account and shared boards (such as inviting or removing collaborators, changing roles, exporting data, or requesting account deletion) are recorded in an internal, access-restricted audit log and kept for a limited period to help us detect and investigate misuse.

No method of transmission, storage, or processing is completely secure, and we cannot guarantee absolute security.

12. Cookies, analytics, and similar technologies

We may use cookies and similar technologies for authentication, security, performance, analytics, and product improvement.

Some technologies are strictly necessary for the Service to function, including authentication, security, abuse prevention, rate limiting, reliability monitoring, and diagnostics. Optional product analytics, such as feature-usage and journey analytics, are controlled separately.

Where required by law, we will ask for your consent before using non-essential analytics cookies or similar technologies. You can accept or decline optional analytics in the product.

You can usually control cookies through your browser settings. Depending on where you live, you may also be offered additional in-product controls.

A full list of the cookies and similar technologies we use is available in our Cookie Policy.

Separately, we keep anonymous, aggregated operational and reliability metrics — such as error and performance counts — that are not linked to you, your account, or your device. Because these cannot identify you, we collect them regardless of your analytics choice.

13. Your rights

Depending on where you live, you may have rights regarding your personal data, including the right to:

  • access your personal data;
  • correct inaccurate personal data;
  • request deletion of your personal data;
  • object to certain processing;
  • restrict certain processing;
  • withdraw consent where processing is based on consent;
  • request portability of certain personal data; and
  • lodge a complaint with a supervisory authority.

These rights are not absolute and may depend on applicable law.

You can download a machine-readable copy of your data at any time from Settings → Account (“Export your data”), and you can delete your account from the same screen.

To exercise your other rights, contact us at privacy@ang.studio. We may need to verify your identity before responding.

14. Children

The Service is not intended for children under the age required by applicable law to use the Service without parental permission.

If you believe a child has provided personal data in violation of this Policy, contact us and we will investigate.

15. Third-party links and services

The Service may contain links to third-party websites, products, or services.

This Privacy Policy does not apply to third-party services, and we are not responsible for their privacy practices.

16. Changes to this Privacy Policy

We may update this Privacy Policy from time to time. If we make material changes, we will post the updated version and update the “Last updated” date.

Where required by law, we will provide additional notice or seek consent.

17. Contact us

If you have questions, requests, or concerns about this Privacy Policy or our handling of personal data, contact us at:

[Full Legal Company Name]
[Registered Address]
Email: privacy@ang.studio

18. EU/EEA users

If you are in the EU/EEA, you also have the right to lodge a complaint with your local data protection authority.

If your main interaction is with a Swedish entity, this may include the Swedish Authority for Privacy Protection (IMY), depending on the circumstances.

For rules on using the Service (including user content and AI features), see our Early Access Terms.

← Back to sign in