-
Solutions
-
Website to App Converter
Get an app prototype in 2 minutes
-
Contest Voting App
Boost your voting contest with an app
-
Pageant Voting System
Create a flashy app for your pageant
-
Fan engagement app
Grow your fan engagement with an app
-
News app
Grow engagement with your readers
-
Event app
Engage your attendees
-
TV Show app
Grow interactions with your viewers
-
- Enterprise
- Pricing
- References
- AI App Builder
- Resources
Privacy Policy
Effective date: April 20, 2026
This Privacy Policy explains how Choicely (“Choicely”, “we”, “us”, or “our”) collects, uses, shares, and protects personal data when you use the Choicely website, the Choicely platform, the Choicely AI app builder (the “AI Builder”), and related services (collectively, the “Services”). Choicely is a global service provider; the legal entity that contracts with you is identified in Section 1.
It applies to: (a) visitors to choicely.com; (b) Choicely customers and authorized users (“Builders”) who use the platform and AI Builder to create apps and websites; and (c) end users of apps built with Choicely (“End Users”), to the extent Choicely processes their data on its own behalf.
For data that Builders process about End Users through their apps, the Builder is the controller and Choicely acts as a processor under a Data Processing Addendum (“DPA”). The Builder’s own privacy policy applies to those End Users.
1. Who we are and how to contact us
The Choicely entity that contracts with you and acts as the data controller for personal data described in this Policy is Choicely Oy (business ID 2761779-3), unless stated otherwise. For privacy questions, requests, or to exercise your rights, contact us at:
- Email: [email protected]
- Web: https://www.choicely.com
2. Personal data we collect
2.1 Information you give us
- Account details: name, email address, password (hashed), profile picture, organization name, role, billing address, phone number.
- Payment information: handled by our payment processor; we receive limited transaction data such as the last four digits of your card and billing country, but not full card numbers.
- Customer Content: prompts you submit to the AI Builder, design assets, code, content, configuration, and other materials you upload or generate through the Services.
- Communications: messages you send to support, sales, or community channels.
2.2 Information collected automatically
- Usage information: pages viewed, features used, AI Builder generations, deployments, errors, timestamps, and similar telemetry.
- Device and connection: IP address (truncated where feasible), browser type and version, operating system, device identifiers, language, time zone.
- Cookies and similar technologies: as described in our Cookie Notice (Section 9).
2.3 Information from third parties
- Single sign-on providers (e.g., Google, Apple, Microsoft) when you choose to sign in through them, including basic profile data they share with us.
- Payment processors and tax-validation services.
- Analytics and security providers, including fraud-prevention partners.
2.4 Sensitive data
We do not intentionally collect special categories of personal data (such as health, biometric, racial, religious, or precise geolocation data). Please do not submit such data to the Services unless we have agreed in writing to support it.
3. How we use personal data
We use personal data for the following purposes and on the following legal bases under the EU/UK GDPR:
Provide the Services — to create and operate accounts, run the AI Builder, build, deploy, and host apps and websites, deliver push notifications, and otherwise perform our contract with you (Art. 6(1)(b) GDPR).
Billing and accounting — to process payments, prevent payment fraud, and meet tax and accounting obligations (Art. 6(1)(b) and (c) GDPR).
Improve and secure the Services — to monitor performance, debug issues, prevent abuse, ensure security, and improve features, based on our legitimate interests in operating a reliable and safe platform (Art. 6(1)(f) GDPR).
AI Builder operation — to process your prompts, route them to AI Subprocessors, return AI Output, and log generations for safety, quality, and abuse prevention, based on contract performance and our legitimate interests.
Communications — to send service messages (such as security alerts, billing notices, and product updates), respond to your inquiries, and, with your consent or as otherwise permitted by law, to send marketing emails (Art. 6(1)(a) or (f) GDPR). You can opt out of marketing at any time.
Legal compliance and protection — to comply with legal obligations, respond to lawful requests, enforce our Terms, and protect our rights, property, or safety and that of our users or others (Art. 6(1)(c) and (f) GDPR).
Where we rely on consent, you can withdraw it at any time. Withdrawing consent does not affect the lawfulness of processing carried out before withdrawal.
4. The AI Builder, prompts, and AI Output
This Section describes our specific practices for the AI Builder.
4.1 What we process
When you use the AI Builder, we process the prompts, instructions, and context you submit, the AI Output returned by AI Subprocessors, and metadata about your generations (such as timestamps, model identifiers, token counts, and error codes).
4.2 AI Subprocessors
To generate AI Output, we send prompts and context to third-party model providers acting as our subprocessors (“AI Subprocessors”). These are currently OpenAI, Anthropic, and Google. We update our subprocessor list from time to time and provide it on request or via our website. AI Subprocessors process data on our behalf under written agreements that include confidentiality and security obligations.
If you build, host, and operate apps and websites with Choicely without using the AI Builder, your prompts and outputs are not sent to any AI Subprocessor. In that case the primary third-party processor of your Customer Content is Google (Google Cloud Platform), which provides our underlying cloud infrastructure.
4.3 No training of general-purpose models on your data
We do not use your prompts, AI Output, or other Customer Content to train general-purpose AI models that benefit other customers, and we contractually request that our AI Subprocessors do not do so either. Some AI Subprocessors retain inputs and outputs for a short period for abuse monitoring; we select providers that offer enterprise-grade data handling where reasonably possible.
4.4 Use for safety, quality, and product improvement
We may use prompts, AI Output, and metadata to investigate abuse, debug failures, evaluate quality, and improve Choicely-specific features such as templates, guardrails, and routing logic. Where this involves personal data, we minimize and aggregate or pseudonymize the data wherever possible.
4.5 Don’t put secrets or sensitive data in prompts
Please do not include passwords, API keys, payment card numbers, government identifiers, health information, or other highly sensitive data in your prompts or generated content unless you have a clear legal basis and have configured appropriate safeguards. You are responsible for the data you choose to submit.
5. Sharing personal data
We share personal data only as described below. We do not sell personal data, and we do not “share” personal data for cross-context behavioral advertising as defined under U.S. state privacy laws.
- Core service providers (used for all customers): cloud hosting on Google Cloud Platform, plus a limited set of operational providers for analytics, customer support, email delivery, payment processing, and security and fraud prevention.
- AI Subprocessors (used only when you use the AI Builder): OpenAI, Anthropic, and Google. They process prompts and outputs on our behalf under written contracts.
- Within your organization: account administrators and other authorized users in your workspace may access your account information and Customer Content.
- Builders and End Users: when you publish apps or websites, you share information with End Users as you choose; the Builder’s own privacy policy applies.
- Compliance and protection: regulators, law enforcement, courts, and other parties when required by law, to enforce our Terms, or to protect our or others’ rights, property, or safety.
- Business transactions: in connection with a merger, acquisition, financing, reorganization, sale of assets, or insolvency, subject to standard confidentiality protections.
6. International data transfers
Choicely is based in Finland (EU). Some of our service providers and AI Subprocessors are located outside the EEA, including in the United States. When we transfer personal data outside the EEA, UK, or Switzerland to a country that has not been recognized as providing an adequate level of protection, we rely on appropriate safeguards, such as the European Commission’s Standard Contractual Clauses (SCCs), the UK International Data Transfer Addendum, the EU-US Data Privacy Framework where applicable, and equivalent mechanisms for Switzerland.
You can request a copy of the safeguards we use by contacting [email protected].
7. Data retention
We keep personal data only as long as necessary for the purposes described in this Policy. As a general rule:
- Account data is retained for the duration of your account and deleted within 30 days of account closure, unless we are required to keep it longer (for example, for tax, accounting, or legal-claim defense purposes, typically up to 6–10 years).
- Customer Content (including AI Builder projects) is retained for the duration of your account and is deleted, isolated, or anonymized within 30 days of account closure, with backup copies cycled out within 90 days.
- Inactive free-tier accounts (no login for 24 months) may be deleted after a notice period.
- AI Builder logs and prompts may be retained in pseudonymized form for up to 90 days for abuse prevention, quality monitoring, and debugging.
- Server, security, and audit logs are typically kept for up to 12 months.
8. Your rights
8.1 Rights under EU/UK/Swiss law (GDPR and equivalents)
Subject to certain conditions and exceptions, you have the right to: access your personal data; receive a copy in a portable format; correct inaccuracies; delete personal data; restrict or object to certain processing; withdraw consent; and lodge a complaint with your local data protection authority. In Finland, the supervisory authority is the Office of the Data Protection Ombudsman (tietosuoja.fi).
8.2 Rights under U.S. state privacy laws
If you are a resident of California, Virginia, Colorado, Connecticut, Utah, or another U.S. state with a comprehensive privacy law, you may have rights to know, access, correct, delete, and obtain a copy of your personal information, and to opt out of certain processing. We do not sell or share personal information for cross-context behavioral advertising and we do not engage in profiling that produces legal or similarly significant effects without human review.
8.3 How to exercise your rights
Email [email protected] from the email address associated with your account, or use any in-product controls we provide. We will respond within the time required by applicable law (generally within 30 days, extendable as permitted).
8.4 Authorized agents and appeals
Where required by law, you may use an authorized agent to submit requests, and you may appeal a denial of your request by contacting [email protected].
9. Cookies and similar technologies
We use cookies and similar technologies on choicely.com and in the platform to: (a) operate essential functionality (for example, authentication and load balancing); (b) remember your preferences; (c) measure usage with privacy-respecting analytics; and (d) where you consent, support marketing measurement.
You can manage non-essential cookies through our cookie banner and through your browser settings. EU/UK visitors are asked for consent to non-essential cookies on their first visit.
10. Security
We use technical and organizational measures designed to protect personal data, including encryption in transit, encryption at rest where appropriate, role-based access controls, audit logging, regular backups, vulnerability management, and employee training. No security measures are perfect; please use a strong unique password, enable multi-factor authentication where available, and notify us of any suspected compromise.
11. Children
The Services are not directed to children under 16, and we do not knowingly collect personal data from children under 16 through our website or platform. If you are a Builder publishing apps directed to children, you are responsible for complying with applicable children’s privacy laws (such as the U.S. Children’s Online Privacy Protection Act and equivalent laws in other countries) and for obtaining required parental consents.
12. Automated decision-making
We do not use the AI Builder or any other Service to make decisions that produce legal or similarly significant effects on you without meaningful human involvement. AI Output is intended to assist Builders, who remain responsible for reviewing and deciding what to publish.
13. Builders as controllers; DPA
When Builders use the Services to process personal data of their End Users, the Builder is the controller and Choicely is the processor. Our Data Processing Addendum (“DPA”) applies to that processing and includes the EU Standard Contractual Clauses, the UK International Data Transfer Addendum, our list of subprocessors, and our security measures.
The current online DPA is incorporated into these Terms by reference for all Builders and is available at https://www.choicely.com/dpa. Enterprise customers may request a countersigned copy or a customized DPA at [email protected].
14. Changes to this Policy
We may update this Policy from time to time. If we make material changes, we will notify you by reasonable means (such as email or in-product notice) before they take effect. The “Effective date” at the top of this Policy indicates when it was last updated.
15. Contact and complaints
If you have questions or complaints about this Policy or our practices, contact us at [email protected]. You also have the right to lodge a complaint with a supervisory authority in your country of residence.