Privacy Notice
Short & clear – how consens.io handles data.
Note: consens.io is a tool to compare answers from multiple AI models. Please avoid entering personal or sensitive data in prompts.
1) Controller
The controller under GDPR is consens.io.
Contact:
2) Purposes & data we process
- Prompts & model outputs: to provide the service (send to AI models, display answers).
- Technical logs: timestamps and basic diagnostics for stability, security, and abuse prevention.
- Optional account data: if you sign in (e.g., via Firebase) for access control and usage features.
- Local storage: only for UX (e.g., toggles/session flags). No non-essential cookies.
- Your own API keys (optional): if you provide keys, they are stored only locally in your browser (LocalStorage) and used exclusively to call the selected model provider.
3) Legal bases (GDPR)
- Art. 6(1)(b) – performance of the service you request.
- Art. 6(1)(f) – legitimate interests in security, stability, abuse prevention, and product improvement (aggregated).
- Art. 6(1)(a) – where we explicitly ask for consent.
4) Recipients / processors / international transfers
To provide the service, we use infrastructure and model providers (e.g., hosting, authentication, AI models such as OpenAI, Anthropic, Mistral, Google AI). They process data on our instructions as processors, or as independent providers when you use their interfaces. Processing may occur outside the EU/EEA. In such cases, we rely on appropriate safeguards (e.g., Standard Contractual Clauses) under Arts. 44 ff. GDPR.
5) Storage periods
We retain data only as long as necessary for the stated purposes or as required by law. Technical logs are generally kept short-term; model content only insofar as needed for stability, abuse defense, or aggregated/anonymized product improvement. On request, we’ll review earlier deletion (see rights).
6) Your rights (EU/EEA)
- Access, rectification, erasure, restriction, portability (subject to legal conditions).
- Right to object to processing based on legitimate interests (Art. 21 GDPR).
- Withdrawal of consent with future effect.
- Right to lodge a complaint with a supervisory authority (e.g., Lower Saxony DPA).
7) Security
We implement appropriate technical and organizational measures (e.g., access limitation, logging, up-to-date transport encryption).
8) Children
consens.io is not directed at children. Use the service only if you are old enough to use online services under the law applicable to you.
9) Changes
We may update this notice and indicate the “Last updated” date below.