Privacy Policy
Last updated: May 27, 2026
Prolenix is operated by DIYAB (eenmanszaak), a sole proprietorship registered in the Netherlands. This Privacy Policy explains how DIYAB, trading as Prolenix ("Prolenix", "we", "us", or "our") collects, uses, and shares personal information when you use www.prolenix.com and the related dashboard, APIs, and tools (together, the "Service").
1. Personal Information We Collect
1.1 Information you provide
- Account & profile data: email address, name, hashed password, language preference, and any profile details you add inside the dashboard.
- Communications: any messages, support requests, or feedback you send us.
- Store connection data: when you connect a Shopify store or other commerce account, we receive OAuth access tokens, product catalogues, and sales reports — only the scopes you explicitly authorise.
- Billing data (via Stripe): subscription plan, billing period, last four digits of your payment method, and invoice history. We do not receive or store full card numbers.
1.2 Information collected automatically
- Device and log data: IP address, browser type, operating system, referring URLs, and timestamps.
- Usage data: which features you use, scrape queries you trigger, dashboard interactions, and error logs.
- Cookies and similar technologies: see "Your Choices" for details.
1.3 Information from third parties
When you sign in through a third-party identity provider, or connect a Shopify store, we receive the information that provider returns under the scopes you authorise. We may also receive aggregated, anonymised ad-transparency data from Meta's public Ad Library API — this data describes advertisers, not Prolenix end users.
2. How We Use Your Personal Information
- Provide, operate, and maintain the Service.
- Process payments and manage subscriptions through Stripe.
- Run scrapes, AI generations, and other features you trigger.
- Send transactional emails (password resets, billing receipts, security alerts).
- Improve features based on aggregated usage patterns.
- Detect, prevent, and address abuse, fraud, and security incidents.
- Comply with legal obligations under Dutch and EU law.
3. Retention
We keep personal information only as long as necessary for the purposes described in this Policy. Account data is retained while your account is active and for up to 30 days after closure. Invoicing records are kept for 7 years to comply with Dutch tax law (Belastingdienst requirements). You can request immediate deletion of any non-legally-required data at any time.
5. Your Choices
- Access, correct, delete, export: you can manage most account data inside the dashboard, or by emailing prolenix@prolenix.com.
- Marketing emails: every marketing email contains an unsubscribe link. Transactional emails (receipts, security alerts) cannot be opted out of while your account is active.
- Cookies: Prolenix uses strictly necessary cookies for authentication and session management, and aggregated analytics cookies to improve the product. You can control cookies in your browser settings; disabling necessary cookies will break sign-in.
- Do Not Track: we honour DNT signals where technically feasible.
6. Other Sites and Services
The Service may contain links to or integrations with third-party websites and services (Shopify, Stripe, Meta, etc.). Their privacy practices are governed by their own policies, not this one. We encourage you to read those policies before sharing information with them.
7. Security
We implement reasonable administrative, technical, and physical safeguards designed to protect personal information — including encrypted transport (TLS), encrypted storage at rest where supported by our providers, scoped access controls, and routine review of access logs. No method of transmission or storage is 100% secure, so we cannot guarantee absolute security.
8. International Data Transfers
Some of our processors (notably Stripe, OpenAI, and FAL) may transfer personal information outside the European Economic Area. Where transfers occur, they rely on the European Commission's Standard Contractual Clauses, an adequacy decision, or another lawful transfer mechanism.
9. Children
The Service is intended for users 16 years of age and older. We do not knowingly collect personal information from anyone under 16. If you believe a child has provided information to us, contact prolenix@prolenix.com and we will delete it.
10. Changes To This Privacy Policy
We may update this Privacy Policy from time to time. The "Last updated" date at the top reflects the latest revision. Material changes will be announced in-product or by email before they take effect.
11. Notice To European Users
If you are in the EEA or the UK, DIYAB (trading as Prolenix) is the Data Controller for your personal information. We process personal information on the following GDPR legal bases:
- Contract (Art. 6(1)(b) GDPR) — to deliver the Service you subscribed to.
- Legitimate interest (Art. 6(1)(f) GDPR) — to secure the platform, prevent abuse, and improve features.
- Legal obligation (Art. 6(1)(c) GDPR) — to retain invoicing records under Dutch tax law.
- Consent (Art. 6(1)(a) GDPR) — for optional features such as marketing emails; you can withdraw consent at any time.
Under the GDPR you have the right to access, rectify, erase, restrict, object to, or port your personal data. You may exercise any of these rights by emailing prolenix@prolenix.com. You also have the right to lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens, autoriteitpersoonsgegevens.nl) or your local supervisory authority.
12. How to Contact Us
For questions about this Privacy Policy or your personal information:
- DIYAB (trading as Prolenix)
- Gerrit van der Veenlaan 217, 2552WJ 's-Gravenhage, Netherlands
- KvK number: 89873297
- VAT / BTW: NL004766759B14
- Email: prolenix@prolenix.com