Privacy Policy
How we collect, use, and protect your data
Last updated: July 2026
1. Introduction
This Privacy Policy explains how Elfenfarm ("we", "us", "our") collects, uses, stores, and protects your personal data when you use our platform. We are committed to compliance with the EU General Data Protection Regulation (GDPR) and applicable Swiss data protection laws.
2. Data Controller
Elfenfarm is the data controller for all personal data processed through the Service. For data protection inquiries, contact us at privacy@elfenfarm.com.
3. Data We Collect
Account Data
Name, email address, organization name, organization profile, and account credentials.
Organization Data
Address, contact information, organization profile/mission statement, and intended use declaration.
Content Data
Documents you upload (research papers, policy documents, etc.), AI-generated responses, campaign configurations, and keywords.
Social Media Data
Public social media posts detected by our monitoring system, platform connection tokens (encrypted), and engagement metrics.
Technical Data
IP addresses, browser type, session data, and usage logs for security and performance purposes.
4. How We Use Your Data
- To provide the Service: processing your documents, generating responses, monitoring social media platforms.
- To analyze your documents using AI in order to generate relevant, contextual responses.
- To manage your account and organization settings.
- To communicate with you about your account, service updates, and security notifications.
- To ensure compliance with our Terms of Service and Elfenfarm Charter.
- To improve the Service through aggregated, anonymized usage analytics.
5. Legal Basis for Processing
- Contract Performance: Processing necessary to provide the Service you have requested.
- Legitimate Interest: Security monitoring, fraud prevention, and service improvement.
- Consent: Where required, we will obtain your explicit consent (e.g., marketing communications).
- Legal Obligation: Processing required to comply with applicable laws.
6. Third-Party Services
We use the following third-party services to provide our platform. For each service, we describe what data is accessed and why.
6.1 AI Services
AI Service Providers (EU-hosted, default): We use EU-located third-party AI services (Scaleway Generative APIs — Gemma and Qwen models, operated on servers in Paris, France) to analyze your documents and generate contextual responses. Document content is processed within the EU under GDPR for this purpose. No personal account data is shared with AI providers. All AI processing is governed by appropriate data processing agreements (DPAs).
OpenAI / ChatGPT (opt-in only): If your organization administrator explicitly enables the OpenAI/ChatGPT integration in the AI settings, document content used for text generation will be processed by OpenAI (USA). This option is disabled by default. See §6.3 for further details on both providers.
6.2 Social Media Platforms
When you connect a social media account, we access specific data through each platform's official API. All OAuth tokens are stored encrypted using industry-standard encryption. You can revoke access at any time by disconnecting the platform in your account settings.
Google/YouTube: When you connect your YouTube account via OAuth, we access your YouTube channel information, video metadata, and comments via the YouTube Data API v3. This is used to monitor public discussions and post comments on your behalf as part of campaign management. We request the
youtube.force-sslscope, which allows reading and writing YouTube comments, ratings, and captions. We also requestopenid,profile, andemailscopes for account identification. You can revoke Elfenfarm's access at any time via your Google Account permissions. Our use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. Google's Privacy Policy is available at http://www.google.com/policies/privacy.Facebook/Instagram (Meta): When you connect your Facebook account via OAuth, we access your Facebook Pages and linked Instagram accounts. This is used to monitor page interactions and post approved responses. We request permissions for page management and posting. You can revoke access via your Facebook app settings.
Twitter/X: When you connect your Twitter/X account via OAuth 2.0 with PKCE, we access your profile information and the ability to post on your behalf. This is used to publish approved responses to relevant conversations. You can revoke access via your Twitter app settings.
LinkedIn: When you connect your LinkedIn account via OAuth, we access your profile information and organizational page posting capabilities. This is used to publish approved responses on behalf of your organization. You can revoke access via your LinkedIn app settings.
Reddit: When you connect your Reddit account via OAuth, we access your profile information and the ability to post comments on your behalf. For monitoring, we also search public Reddit content using Reddit's API. You can revoke Elfenfarm's access at any time under Reddit → Preferences → Apps → "authorized applications" (reddit.com/prefs/apps).
Mastodon: When you connect your Mastodon account via OAuth on your chosen instance, we access your profile information and posting capabilities. We dynamically register an application on your Mastodon instance during the connection process. You can revoke access via your Mastodon instance's authorized apps settings.
Bluesky: When you connect your Bluesky account using an app password, we access your profile and posting capabilities via the AT Protocol. For monitoring, we also search public Bluesky content. You can revoke access by deleting the app password in your Bluesky account settings.
Discord: When you connect a Discord server using our bot, we access message content in the channels you configure. This is used to monitor discussions relevant to your campaigns. You can remove access by removing the Elfenfarm bot from your Discord server.
Telegram: We use the Telegram Bot API to monitor public channel content relevant to your campaigns. No personal Telegram account data is accessed.
6.3 Infrastructure and Hosting
Cloud Infrastructure (Scaleway): Our application, database, and file storage are hosted on European cloud infrastructure provided by Scaleway. All data resides on servers within the EU/EEA.
Object Storage (Scaleway S3): Uploaded documents and generated files are stored in Scaleway's S3-compatible object storage, located in the EU (Paris region).
AI Language Models (Scaleway AI — default): By default, Elfenfarm uses open-source language models (Gemma, Qwen) hosted by Scaleway on servers located in France. No text content from your campaigns, documents, or monitoring data is sent to US-based AI providers in this mode. Your data remains entirely within EU jurisdiction and is protected by GDPR.
AI Language Models (OpenAI / ChatGPT — optional): If you or your organization administrator explicitly enables the ChatGPT integration in your AI settings, responses and post drafts will be generated using OpenAI's API. In this case, relevant text content is sent to OpenAI (USA). OpenAI is certified under the EU-US Data Privacy Framework. This opt-in is disabled by default.
Semantic Search (pgvector on Scaleway): Document embeddings for semantic search are stored in our PostgreSQL database on Scaleway infrastructure in the EU. No third-party vector database service (such as Pinecone) is used.
6.4 Web Analytics (Matomo)
We use a self-hosted instance of the open-source web analytics software Matomo to understand how our website and platform are used (pages visited, approximate location derived from an anonymized IP address, browser type). The Matomo instance is operated under our control (via our parent company, Filmium GmbH) on servers located in Switzerland; analytics data is never shared with or sold to third parties, and no external analytics provider receives your data.
- By default, analytics runs without cookies. Visitor recognition relies on a short-lived fingerprint that changes daily, and IP addresses are anonymized before storage. In this mode, you cannot be identified or recognized across days. Legal basis: legitimate interest (Art. 6(1)(f) GDPR) in measuring and improving our Service.
- With your consent (given via the cookie banner), Matomo additionally sets a first-party cookie so that returning visits can be recognized. Legal basis: consent (Art. 6(1)(a) GDPR). You can withdraw your consent at any time by deleting your browser cookies.
- We honor your browser's "Do Not Track" setting.
We ensure all third-party processors have appropriate data processing agreements (DPAs) in place.
7. Account & Organization Deletion
User Account Deletion
Any user can request deletion of their own account from their account settings. A 30-day grace period applies during which the deletion can be cancelled. After the grace period, personal data is permanently removed and a confirmation email is sent.
Restrictions: Organization administrators who are the sole admin of their organization cannot delete their account without first transferring admin rights or deleting the organization.
Contributors: Contributors (non-admin users) can delete their accounts at any time. Their contributions (e.g., response reviews) are anonymized but retained for organizational continuity.
Organization Deletion
Organization administrators can request deletion of their entire organization. Two modes are available:
- End of Period: Deletion occurs after the current subscription period expires. No prorated refund is issued.
- Immediate: Deletion occurs after a 30-day GDPR grace period. No refund is issued.
Upon organization deletion, all associated data is permanently removed, including campaigns, documents, AI-generated content, monitoring data, platform connections, and all user accounts. Responses already published on social media platforms are NOT removed.
All organization members are notified by email when deletion is scheduled. The deletion can be cancelled at any time before the scheduled date.
Audit Log Retention
Certain records are retained beyond account/organization deletion for legal compliance:
- Consent timestamps (terms acceptance, privacy policy acceptance, charter acknowledgment)
- Financial transaction records (invoices, receipts, subscription events)
- Deletion request and execution logs
- These records are retained for the legally required period (typically 10 years for financial records under Swiss law).
8. Data Retention
- Account data is retained for the duration of your account plus 30 days after deletion.
- Content data (documents, responses) is deleted upon request or account termination.
- Social media monitoring data is retained for the duration of your active campaigns.
- Platform connection tokens are deleted immediately when you disconnect a platform.
- Security logs are retained for 12 months.
- Audit logs (consent, financial transactions) are retained for 10 years per Swiss legal requirements.
9. Your Rights (GDPR)
Under the GDPR, you have the following rights:
- Right of Access: Request a copy of all personal data we hold about you.
- Right to Rectification: Request correction of inaccurate personal data.
- Right to Erasure: Request deletion of your personal data ("right to be forgotten"). See our Data Deletion Instructions for details.
- Right to Data Portability: Receive your data in a structured, machine-readable format.
- Right to Restrict Processing: Request limitation of how we process your data.
- Right to Object: Object to processing based on legitimate interest.
- Right to Withdraw Consent: Where processing is based on consent, you may withdraw it at any time.
To exercise these rights, contact us at privacy@elfenfarm.com. We will respond within 30 days.
10. Data Security
- 🔒 All data is encrypted in transit (TLS) and at rest.
- 🔒 Platform connection tokens are encrypted using industry-standard encryption.
- 🔒 Access to personal data is restricted to authorized personnel only.
- 🔒 We conduct regular security assessments and maintain incident response procedures.
- 🇪🇺 All data is stored exclusively on European-owned servers within the EU/EEA, ensuring full GDPR jurisdiction. The only exception is anonymized web analytics data (see Section 6.4), which is stored on our own servers in Switzerland — a country recognized by the EU as providing an adequate level of data protection.
11. Cookies
We use the following cookies:
- Essential cookies: Required for authentication and session management. These are strictly necessary to operate the Service and do not require consent.
- Analytics cookie (optional, consent-based): If you accept via our cookie banner, our self-hosted Matomo analytics (see Section 6.4) sets a first-party cookie to recognize returning visits. If you do not accept, analytics runs entirely without cookies.
We do not use advertising cookies or third-party tracking cookies.
12. Changes to This Policy
We may update this Privacy Policy from time to time. Material changes will be communicated via email. The latest version is always available on our website.
13. Contact & Complaints
For privacy inquiries: privacy@elfenfarm.com
You have the right to lodge a complaint with your local data protection authority if you believe your rights have been violated.