Data handling

Privacy Notice

Short and clear: how consens.io handles prompts, provider calls, account data, and local settings.

Important note

consens.io compares answers from multiple AI models. Please avoid entering personal, confidential, or sensitive information in prompts. Model providers can process the content you send to them.

1. Controller

The controller under the GDPR is consens.io.
Contact:

2. Purposes and data we process

  • Prompts and model outputs: used to provide the service, send requests to selected AI models, and display answers.
  • Technical logs: timestamps and basic diagnostics for stability, security, and abuse prevention.
  • Optional account data: if you sign in, for access control, quota handling, bookmarks, and related usage features.
  • Local storage: used for interface preferences, session flags, and optional user settings. We do not use non-essential cookies.
  • Your own API keys, optional: if you enter keys, they are stored only locally in your browser and used to call the selected provider.

3. Provider routing

Model requests are sent to the model providers selected for the query, such as OpenAI, Anthropic, Mistral AI, Google, DeepSeek, or xAI. consens.io does not add an extra model marketplace or router layer between your prompt and those selected providers.

Necessary infrastructure providers, authentication services, and selected AI providers may still process data where needed to operate the service.

4. Legal bases under the GDPR

  • Art. 6(1)(b): performance of the service you request.
  • Art. 6(1)(f): legitimate interests in security, stability, abuse prevention, and aggregated product improvement.
  • Art. 6(1)(a): where we explicitly ask for consent.

5. Recipients, processors, and international transfers

To provide the service, we use infrastructure and model providers, for example hosting, authentication, and AI model providers. They may process data on our instructions as processors, or as independent providers when their interfaces are used. Processing may occur outside the EU/EEA. In such cases, we rely on appropriate safeguards, such as Standard Contractual Clauses, under Art. 44 et seq. GDPR.

6. Storage periods

We retain data only as long as necessary for the stated purposes or as required by law. Technical logs are generally kept short-term. Model content is retained only insofar as needed for stability, abuse defense, or aggregated and anonymized product improvement. On request, we will review earlier deletion.

7. Your rights in the EU/EEA

  • Access, rectification, erasure, restriction, and portability, subject to legal conditions.
  • Right to object to processing based on legitimate interests under Art. 21 GDPR.
  • Withdrawal of consent with future effect.
  • Right to lodge a complaint with a supervisory authority, for example the Lower Saxony DPA.

8. Security

We implement appropriate technical and organizational measures, including access limitation, logging, and up-to-date transport encryption.

9. Children

consens.io is not directed at children. Use the service only if you are old enough to use online services under the law applicable to you.

10. Changes and contact

We may update this notice and indicate the last updated date below.

Email:

Back to app Imprint