Privacy-first architecture

Privacy & data

When your client shares their birth date, time, and place with your platform, they’re trusting you with sensitive personal data. Tula AI is built to make sure that trust is warranted – by design, not by policy statement.

Last updated: May 2026


Data Isolation

Your knowledge base is yours alone.

Every practitioner on Tula AI has a completely separate, isolated vector database collection. The content you upload cannot be accessed by, referenced by, or mixed with any other practitioner’s data.

This is not a setting. It’s how the system is built.

Client data belongs to you.

Your clients’ birth data, conversation history, and generated reports are associated with your account. They cannot be accessed by other practitioners. They are not visible to us as administrators except in support situations where you’ve explicitly requested assistance.

No shared inference.

The AI does not learn from activity across practitioner accounts. Your clients’ questions and your knowledge base do not influence what other practitioners’ clients receive. Each interaction is stateless with respect to other accounts.


Where your data lives

EU-based infrastructure.

All client data and practitioner knowledge bases are stored on servers located in the European Union. We do not use US-based cloud infrastructure for the storage of personal data or account content.

What’s stored:

  • Your practitioner account details (name, email, billing info)
  • Your branding configuration
  • Your uploaded knowledge base documents (processed into vector embeddings; originals retained per your account)
  • Your clients’ birth data (date, time, location, gender)
  • Conversation history between your clients and the AI
  • Generated reports

What’s not stored:

  • Payment card details (handled by payment processor or bank, not stored on our infrastructure)
  • Any data you have not submitted through the platform

Retention.

All data is retained for as long as your subscription is active, plus 6 months after your subscription or trial expires. After 6 months, all account and client data is permanently deleted. You can delete individual client records, conversation histories, or your entire account at any time from your dashboard. If the 6-month post-expiry window is too long for your requirements, earlier deletion can be requested by emailing admin@tula-ai.org.

Automatically collected data.

Our servers automatically log standard technical data when you access the platform: your IP address, browser type and version, pages visited, and access timestamps. This data is used solely for security monitoring and error diagnosis – not for profiling or marketing – and is retained for 90 days.

The platform uses session cookies solely to maintain your authenticated state. No third-party tracking or advertising cookies are used.


Legal bases & sensitive data

Why we are permitted to process your data.

Under GDPR, every type of personal data processing must rest on a lawful basis. Our bases are:

  • Contract performance – processing necessary to provide the subscription service, manage your account, and deliver platform features
  • Consent – processing of birth data and the generation of astrological or Human Design interpretations for your end clients
  • Legitimate interest – security monitoring, fraud prevention, and maintaining service reliability
  • Legal obligation – compliance with Serbian law, GDPR, and applicable regulatory requirements

A note on sensitive data.

Birth date, time, and place combined with astrological or Human Design interpretation may constitute data revealing philosophical or spiritual beliefs – a special category under GDPR Article 9. As the data controller for your end clients, you are responsible for the consent basis. In practice, a client who voluntarily submits their birth data specifically to receive a reading has made their intent clear, which supports the consent argument for that processing. However, you should not enter a client’s birth data into the platform without their knowledge or without a service context that makes the purpose obvious.


Third-party subprocessors

Who else handles your data.

We use a small number of trusted third-party services to operate the platform. Each is engaged under data processing terms consistent with GDPR requirements.

  • Hetzner Online GmbH (EU) – primary server hosting and data storage
  • OpenAI, Inc. (USA) – text embedding generation for knowledge base vector search; data is transmitted for embedding only and is not retained or used for model training per our API agreement
  • OpenRouter (USA) – AI inference routing layer; routes requests to AI model providers on our behalf; data is transmitted for inference only and is not retained
  • Anthropic, PBC (USA) – AI model inference accessed via OpenRouter; data is transmitted for inference only and is not retained or used for model training
  • Payment processor – invoice and payment processing; payment card details are not stored on our infrastructure

We do not sell or share your data or your clients’ data with any third party for marketing, analytics, or advertising purposes.


Your data does not train AI models

Your clients’ readings are not training data.

We use large language models (Claude by Anthropic, primarily) for AI generation. These models are accessed via API. The conversation history, birth data, and knowledge base content processed through Tula AI are not used to train, fine-tune, or update any AI model.

This is a contractual commitment. It is also built into how we use these APIs – we do not opt into data sharing or training programs with our AI providers.

Your clients’ readings are private interactions between your practice and your clients.

GDPR Compliance

You are the data controller.
We are the processor.

Tula AI is designed to be GDPR-compliant. As a practitioner using the platform, you are the data controller for your clients’ data. We act as a data processor.

Practical GDPR support:

  • You are responsible for ensuring your clients have consented to their birth data being processed for the purpose they engaged your services – in most cases, a client voluntarily submitting their birth data to receive a reading constitutes sufficient consent for that specific purpose
  • Your clients can request access to, correction of, or deletion of their data – you manage this via your dashboard
  • Data processing agreements are available for all practitioners (required under GDPR when using a processor)
  • All personal data at rest is stored exclusively on EU-based infrastructure (Hetzner); data is transiently transferred to US-based AI subprocessors (OpenAI, OpenRouter, Anthropic) solely for inference and embedding – these transfers are covered by the EU-US Data Privacy Framework and standard contractual clauses, and the data is not retained by those providers

Data subject rights (your clients’ rights):

  • Right of access – your clients can request a copy of their data held on your platform
  • Right to erasure – you can delete any client’s data from your dashboard
  • Right to portability – client data can be exported on request
  • Right to restrict processing – you or your clients can request that we limit how specific data is processed while a concern or dispute is being resolved
  • Right to object – you or your clients can object to processing based on our legitimate interests

B2B data agreements

The data processing agreement is part of the Terms of Service.

By accepting the Terms of Service, practitioners automatically enter into a data processing agreement with Tula Branding Studio as required by GDPR Article 28. No separate document or signature is required.

The agreement, set out in §18 of the Terms, includes:

  • Explicit limits on how we may access or use practitioner and client data
  • A clear description of our role as processor, not controller
  • Sub-processor disclosure obligations – the current list is published on this page
  • Assistance with data subject rights requests on your behalf
  • Full deletion of personal data upon subscription termination
  • Tula Branding Studio’s liability for data breaches caused by our negligence is limited to actual, provable damages – no more, no less

You should only use the platform if you agree to these terms.


Data breach notification

What happens if something goes wrong.

In the event of a personal data breach affecting your account or your clients’ data, Tula Branding Studio will notify you by email within 72 hours of becoming aware of the breach, as required by GDPR Article 33. The notification will describe: the nature of the breach, the categories and approximate number of records and individuals affected, the likely consequences, and the measures taken or proposed to address it.

As the data controller for your end clients, you are responsible for assessing whether the breach requires notification to your clients and/or to the relevant data protection authority in your jurisdiction, in accordance with GDPR Article 34.


Children’s data

This platform is not intended for children.

Tula AI is a B2B platform intended exclusively for adult practitioners and their adult clients. We do not knowingly collect or process personal data from individuals under the age of 16. As the data controller, practitioners are responsible for ensuring that their end clients are adults before entering their personal data into the platform.


Changes to this policy

How we’ll tell you when things change.

We may update this Privacy Policy from time to time. For minor changes, we will update the date at the top of this page. For material changes – those that meaningfully affect how we process your data or your clients’ data – we will notify you by email at the address associated with your account at least 14 days before the changes take effect. Continued use of the platform after the effective date constitutes acceptance of the revised policy.


Business transfers

If the business is sold or wound down.

If Tula Branding Studio is acquired, merged with another entity, or if its assets are transferred, practitioner and client data held on the platform may be included as part of that transaction. You will be notified by email in advance. The acquiring entity will be required to honour the commitments in this Privacy Policy, or you will be given the opportunity to request deletion of your data before the transfer takes place.


In Short

What we commit to, plainly.

  • Your knowledge base is completely private and isolated
  • Your clients’ data belongs to your account, not the platform
  • All data is stored on EU-based infrastructure
  • We do not use your data or your clients’ data for AI model training
  • GDPR-compliant processing of your clients’ data
  • Data processing agreement embedded in Terms of Service – no separate signature required
  • Liability for data breaches caused by our negligence is limited to actual, provable damages
  • You will be notified by email within 72 hours of any security breach affecting your data
  • Data deleted 6 months after account expiry; earlier deletion available via admin@tula-ai.org
  • You can delete any client data or your entire account at any time

Questions about data or privacy?

Contact us directly – for data requests, agreement questions, or anything else related to how we handle data.

admin@tula-ai.org