Legal

Privacy Policy

Last updated: April 2026

Introduction

Betterette Global Sàrl-s (referred to as "Better.ette," "we," "us," or "our") is committed to protecting your personal data and privacy. This Privacy Policy explains how we collect, use, store, share, and safeguard your personal information in compliance with the EU General Data Protection Regulation (GDPR — Regulation (EU) 2016/679) and applicable Luxembourg data protection laws.

Better.ette is currently in a demonstration (demo/MVP) phase prior to its official product launch. Any data we collect is used primarily to operate, test, and improve our services. We take your privacy seriously and will only use your data as described in this Policy.

This Privacy Policy forms an integral part of our Terms of Use. In the event of any conflict between this Privacy Policy and the Terms of Use, this Privacy Policy shall prevail with respect to data protection matters.

Data Controller

For the purposes of data protection law, the data controller is Betterette Global Sàrl-s, located at 5A, Rue Václav Havel, L-1754 Luxembourg, registered with the Luxembourg Trade and Companies' Register (RCS Luxembourg) under number B295703. If you have any questions or requests regarding your personal data, you can contact us at inspire@betterette.com.

Minors

Better.ette is not intended for children. You must be at least 13 years old to use the service. If you are located in the European Economic Area (EEA), you must be at least 16 years old unless we have obtained verifiable parental or guardian consent for the processing of your personal data. Where the law of your country sets a different minimum age for digital consent, you must meet that age. We do not knowingly collect personal data from anyone under the applicable minimum age. If we learn that we have collected data from a person below the applicable age without proper consent, we will delete it promptly. If you believe a minor has provided us with personal data without appropriate consent, please contact us at inspire@betterette.com.

Personal Data We Collect

We collect only the personal data that is necessary for the purposes described in this Policy. We handle all personal data in a fair and transparent manner. The types of personal data we may collect include:

Data You Provide Directly

Contact and Identification Information: Your name and email address, provided when you sign up to the waitlist, create an account, or communicate with us.
Authentication Credentials: Your email and password (stored in hashed form), or a third-party provider identifier ("provider ID") if you sign in via Google or Apple.
Feedback and Communications: Any information you choose to share with us during surveys, user interviews, feedback forms (for example, via Brevo.com), or other communications. This may include your opinions, suggestions, bug reports, or other content you provide when testing our demo.
User-Generated Content: Content you input within the demo, such as positive-action entries, notes, or other app inputs.

Data Collected Automatically

Device Information: When you access the demo app or website, we may automatically collect information about your device, including device type, model, operating system, browser type and version, and screen resolution.
Usage and Analytics Data: Throughout your use of the demo, we collect information about how you interact with the service, including pages or screens viewed, features used, session duration, click paths, timestamps, and approximate geolocation (city/country level).
Cookies and Similar Technologies: When you visit our website or use the app, we use session cookies and, with your consent, analytics cookies. See the Cookies and Tracking Technologies section below for full details.

Note on IP Addresses: We use Google Analytics 4 (GA4), which does not log or store IP addresses. Your IP address is used transiently by Google to derive your approximate location (city/country) and is then immediately discarded. Your IP address may still be visible in server access logs, which we retain for security purposes only (see Data Retention below).

Data Received from Third Parties

If you sign in using a third-party authentication provider (such as Google or Apple), we receive limited profile information from that provider, typically: your name, your email address, and a unique provider identifier ("provider ID"). We do not receive or store your Google or Apple password. The information shared with us depends on the settings and permissions you have configured with the relevant authentication provider. We encourage you to review the privacy policies of these providers.

Sensitive Data

We do not request or intentionally collect any special categories of personal data (such as racial or ethnic origin, health information, political opinions, religious beliefs, etc.). Please avoid sharing such information in your feedback or app inputs.

Purposes and Legal Bases for Processing

We process your personal data only where we have a valid legal basis under Article 6(1) of the GDPR. Below we set out each purpose, the data involved, and the corresponding legal basis:

Waitlist Management — registering your interest and inviting you to the demo. Data used: email, name. Legal basis: Article 6(1)(b) — performance of a contract (pre-contractual steps at your request).
Account Creation and Authentication — allowing you to sign in and use the demo. Data used: email, name, provider ID, authentication credentials. Legal basis: Article 6(1)(b) — performance of a contract.
Providing and Operating the Demo — delivering core functionality and storing your entries. Data used: user-generated content, usage data. Legal basis: Article 6(1)(b) — performance of a contract.
Improving the Service — analyzing feedback, usage patterns, and bugs to develop Better.ette. Data used: feedback, usage/analytics data, device information. Legal basis: Article 6(1)(f) — legitimate interest (developing and improving our product; we have assessed that this does not override your rights and freedoms).
Analytics — understanding how users interact with the demo to identify issues and optimize the experience. Data used: device information, usage data, approximate geolocation, cookies. Legal basis: Article 6(1)(a) — consent (analytics cookies are only placed after you give consent via our cookie banner; see the Cookies and Tracking Technologies section below).
Communications — responding to your inquiries and sending service-related notices. Data used: email, name. Legal basis: Article 6(1)(b) — performance of a contract and Article 6(1)(f) — legitimate interest.
Marketing Communications — sending newsletters or project updates, only if you opt in. Data used: email, name. Legal basis: Article 6(1)(a) — consent. You can withdraw consent at any time.
Security and Fraud Prevention — protecting our platform and users from abuse. Data used: IP address (in server logs), device information, usage logs. Legal basis: Article 6(1)(f) — legitimate interest (ensuring the security and integrity of our service).
Legal Compliance — meeting legal obligations such as tax, regulatory, or law enforcement requirements. Data used: any data as required. Legal basis: Article 6(1)(c) — legal obligation.

We do not engage in automated decision-making or profiling that produces legal effects concerning you.

How We Share Your Data

Better.ette does not sell or rent your personal data to any third party. We share your data only in the limited circumstances described below, and always subject to appropriate safeguards.

Service Providers (Data Processors)

We use trusted third-party service providers who process data on our behalf and under our instructions. Each processor is bound by a Data Processing Agreement (DPA) in compliance with GDPR Article 28. Our current processors are:

Supabase, Inc. — Cloud backend providing database hosting, user authentication, and core platform infrastructure. Data processed: email, name, provider ID, user-generated content, authentication data. Location: EU (AWS eu-west-1, Ireland).
Brevo SAS — Email marketing and contact management platform used for waitlist sign-up and communication. Data processed: email, name, contact details. Location: EU (France; data hosted on EU-based infrastructure).
Google LLC (Google Analytics 4) — Web and app analytics. Data processed: pseudonymized usage data, device information, approximate geolocation. IP addresses are not logged or stored. Location: United States (see International Data Transfers below).

These providers process your data solely as necessary to deliver their services to us. They are contractually obligated to maintain confidentiality, implement appropriate security measures, and not use your data for any other purposes.

You can learn more about the data practices of our processors at:

Supabase: supabase.com/privacy
Brevo: brevo.com/legal/privacypolicy
Google Analytics: policies.google.com/privacy

Authentication Providers

If you sign in via Google or Apple, the authentication handshake involves sharing limited data between you, the provider, and Better.ette. We receive only the data described in the "Data Received from Third Parties" section above. We do not share your Better.ette activity data back with these providers.

Legal or Regulatory Disclosure

We may disclose personal data to governmental authorities or other third parties if required by law, or where we reasonably believe disclosure is necessary to: comply with a legal obligation or valid court order; respond to lawful requests by public authorities (including national security or law enforcement); or protect the rights, safety, or property of Better.ette, our users, or the public. In such cases, we ensure the disclosure is lawful and proportionate.

Business Transitions

If Better.ette undergoes a merger, acquisition, or asset sale, personal data may be transferred to the successor entity. We will notify affected users before any such transfer takes place and ensure that equivalent privacy protections apply.

International Data Transfers

We store and process personal data primarily within the European Economic Area (EEA). Our primary infrastructure providers — Supabase (AWS eu-west-1, Ireland) and Brevo (France) — host data within the EU.

However, Google Analytics 4 is operated by Google LLC, which is based in the United States. While GA4 does not log or store IP addresses, other analytics data (such as device information, usage patterns, and approximate geolocation) may be transferred to or processed in the United States.

Where personal data is transferred outside the EEA to a country that does not benefit from an EU adequacy decision, we ensure appropriate safeguards are in place, including:

The EU–U.S. Data Privacy Framework (DPF), under which Google LLC is certified.
EU Standard Contractual Clauses (SCCs) approved by the European Commission, where applicable.
Supplementary technical measures such as pseudonymization and encryption.

You may request a copy of the applicable transfer safeguards by contacting us at inspire@betterette.com.

Data Security

We implement appropriate technical and organizational measures to ensure your personal data is secure. Better.ette protects your data by design and by default. We use industry-standard security practices to guard against unauthorized access, alteration, loss, or disclosure of personal data. These measures include, for example: controlling access to databases, encrypting data where appropriate, and monitoring our systems for vulnerabilities. Our service providers are also required to adhere to strong data security standards.

While we strive to protect your data, no method of transmission over the Internet or electronic storage is 100% secure. We continuously review and improve our security posture.

If we become aware of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours and inform affected users without undue delay, as required by GDPR Articles 33 and 34.

Data Retention

We will retain your personal data only for as long as necessary to fulfill the purposes described in this Privacy Policy. In practice, this means we keep your data during the current testing and development phase of our app and will delete or anonymize it when it is no longer needed for those purposes. Specifically, personal data collected in this demo/MVP stage will not be retained indefinitely — we plan to either remove or anonymize test user data by the time the final app is launched, unless we have a legal obligation to keep it longer. We adhere to the principle that personal data should be kept only for so long as is necessary to achieve the purposes for which it was collected.

After the retention period expires or the data is no longer required, we will ensure it is securely deleted or anonymized (so that it is no longer associated with you).

Deletion Process

When you request deletion of your account or personal data, or when the retention period expires, the following process applies:

Your account is deactivated immediately and you lose access to the demo.
Your personal data is flagged for deletion in our systems and in all processor systems (Supabase, Brevo etc.).
Data is permanently deleted within 30 calendar days of the request or triggering event.
Anonymized or aggregated data that can no longer identify you may be retained for statistical purposes.
Backup copies (if any) are purged within the same 30-day window or on the next scheduled backup rotation, whichever is applicable.
You will receive confirmation of deletion by email upon completion.

Cookies and Tracking Technologies

We use a limited number of cookies and similar technologies on our website and demo app.

Strictly Necessary Cookies

These cookies are essential for the operation of the service and do not require your consent. They include session cookies (to maintain your login session and enable core functionality) and Supabase auth tokens (to manage authentication state securely).

Analytics Cookies (Consent Required)

These cookies are only placed after you have given your consent via our cookie consent banner. They include Google Analytics 4 cookies (such as _ga, _gid, and related identifiers), which collect pseudonymized usage statistics to understand how users interact with the demo, identify issues, and improve the platform.

Your Cookie Choices

When you first visit Better.ette, you will be presented with a cookie consent banner that allows you to accept or decline analytics cookies. You may change your preferences at any time by: clicking the cookie settings link in the footer of our website or app; adjusting your browser settings to block or delete cookies; or installing the Google Analytics Opt-out Browser Add-on.

If you decline analytics cookies, only strictly necessary cookies will be used, and your experience of the demo will not be affected.

Google Analytics 4 Disclosure

We use Google Analytics 4 (GA4), a web analytics service provided by Google LLC. GA4 uses cookies and similar technologies to collect and analyze information about how users interact with our service. This data helps us understand usage patterns, identify bugs, and improve the demo. GA4 collects information such as pages/screens viewed, session duration, user interactions, approximate geolocation (city/country level), and device and browser information. Importantly, GA4 does not log or store IP addresses — your IP address is used transiently to derive approximate geolocation and is then immediately discarded by Google. We have configured GA4 to retain user-level data for 14 months and event-level data for 2 months. We do not use cookies for advertising, retargeting, or profiling purposes.

For more information, see Google's Privacy Policy at: policies.google.com/privacy

Your Rights

As a user of Better.ette (even in our pre-launch phase), you have several rights regarding your personal data. We are committed to facilitating your exercise of these rights. You may contact us at any time at inspire@betterette.com to exercise the following:

Right to Access (Art. 15): You have the right to request confirmation of whether we are processing personal data about you, and to obtain a copy of the personal data we hold about you.
Right to Rectification (Art. 16): If any of your personal data that we have is incorrect or incomplete, you have the right to have it corrected or updated. We encourage you to keep your information up-to-date and will rectify inaccuracies promptly upon your request.
Right to Erasure (Art. 17): You can ask us to delete your personal data. This is sometimes called the "right to be forgotten." We will erase data upon request if it is no longer needed for the purpose collected, if you withdraw consent (and no other legal basis for processing applies), or if we have unlawfully processed it. Please note that we might retain certain minimal information if required by law (we will inform you if so).
Right to Restriction of Processing (Art. 18): You have the right to request that we limit the processing of your data in certain circumstances — for example, if you contest the accuracy of your data or if you object to our processing, we will restrict processing while we address your concern.
Right to Data Portability (Art. 20): Where applicable, you have the right to receive your personal data that you provided to us in a structured, commonly used, machine-readable format, and to have that data transmitted to another controller at your request, if technically feasible.
Right to Object (Art. 21): You may object to our processing of your personal data when we base it on legitimate interests if you believe it impacts your fundamental rights and freedoms. You also have an absolute right to object to any use of your data for direct marketing. If you raise an objection, we will review it and, unless we have a compelling legitimate ground to continue or a legal requirement, we will cease the processing in question.
Right to Withdraw Consent (Art. 7(3)): If we are processing any of your personal data based on your consent, you have the right to withdraw that consent at any time. For example, if you consented to receive our newsletter, to analytics cookies, or to be contacted for feedback, you can opt out later. Withdrawal of consent will not affect the lawfulness of any processing we carried out before you withdrew, and it will not affect processing under other legal bases.

How We Handle Your Request

We may verify your identity before processing your request, to ensure your data is not disclosed to someone else. We will respond within one month of receiving your request. If the request is complex, we may extend this by up to two additional months, and we will inform you of the extension and the reasons. If we cannot fully comply (for example, due to legal retention obligations), we will explain why.

Right to Lodge a Complaint

We sincerely hope to resolve any concern you have directly. However, if you believe that we have not complied with applicable data protection laws, you have the right to lodge a complaint with a supervisory authority. In Luxembourg, the relevant supervisory authority is the Commission Nationale pour la Protection des Données (CNPD). You can contact the CNPD at 15, Boulevard du Jazz, L-4370 Belvaux, Luxembourg, or visit their website at cnpd.public.lu. If you reside or work in another EU/EEA country, you may alternatively contact your local data protection authority.

Third-Party Links and Services

The Better.ette demo may contain links to third-party websites or services. This Privacy Policy applies only to Better.ette. We are not responsible for the privacy practices of third parties. We encourage you to review the privacy policies of any third-party services you interact with.

Updates to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we update this Policy, we will revise the "Last updated" date at the top. For material changes, we will provide prominent notice (such as an email notification to active users, an in-app notice, or a banner on our website) with reasonable advance notice before the changes take effect. We will make the previous version available upon request. We encourage you to review this Policy periodically. Your continued use of Better.ette after changes take effect constitutes your acknowledgment of the updated Policy.

Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please do not hesitate to contact us. You can reach our team by email at inspire@betterette.com, or by mail at:

Betterette Global S.à r.l.-S
5A, Rue Václav Havel
L-1754 Luxembourg

We will be happy to assist you and will respond as promptly as possible.

By using our demo or otherwise providing us with your personal data, you acknowledge that you have read and understood this Privacy Policy. Thank you for helping us build Better.ette, and rest assured that we are dedicated to handling your data with care, transparency, and respect for your privacy rights.