ClurioLog in

Legal

Privacy Policy

Last updated: April 21, 2026

Template notice. This page describes how Clurio processes personal data and is tailored to the services we use. It is not legal advice — before launch, have a privacy lawyer in your jurisdiction review it, and update contact details and the data controller section below.

1. Who we are

Clurio (“we”, “us”) is operated by Virdana. If you're in the EU, your data controller is Virdana, contactable at info@virdana.dev.

2. What we collect

Account data

  • Email address and first name (from signup or Google Sign-In)
  • Google profile info if you sign in with Google (name and profile picture URL)
  • A unique user ID generated by Firebase Authentication

Personalization data

  • Your country (one of HU, DE, NL)
  • Your life stage (student, just starting out, relocating, settled)
  • Theme preference (light, dark, or system)

Activity data

  • Guides you've bookmarked or marked as read
  • Checklist progress (which steps you've completed)
  • Timestamps of when you started or completed a checklist

Technical data

  • IP address (processed by hosting and security providers; not stored by us)
  • Browser and device type (via AdSense, if you consent to ads)
  • Pages viewed and interactions (via analytics, if you consent)

3. Why we process it (legal basis under GDPR)

  • Contract (Art. 6(1)(b)): account data and activity data are needed to provide the service you signed up for.
  • Legitimate interests (Art. 6(1)(f)): keeping the service secure, preventing abuse, and improving our guides.
  • Consent (Art. 6(1)(a)): advertising and analytics cookies. You can withdraw consent at any time via the cookie settings below.

4. Who we share it with

We don't sell your data. We use these processors to run the service:

  • Google Firebase(authentication, database) — data stored in EU regions where available. See Google's Firebase privacy terms.
  • Google AdSense (advertising) — only loads if you consent to advertising cookies. Google may use cookies to personalize ads based on prior visits to this and other sites. See Google's ad technologies.
  • Vercel (hosting) — see Vercel's privacy policy.

5. Cookies and similar technologies

We use three categories of cookies:

  • Essential: authentication session and preferences (theme, cookie choice). Always on.
  • Advertising: Google AdSense cookies for personalized advertising. Off by default in the EU — you must opt in.
  • Analytics: usage analytics. Off by default — you must opt in.

Change your cookie preferences at any time:

6. How long we keep it

  • Account data: until you delete your account.
  • Activity data: until you delete your account.
  • Technical/advertising data: per the processor's policy (typically 14–26 months for AdSense).

7. Your rights under GDPR

If you're in the EU, UK, or EEA, you have the right to:

  • Access the data we hold about you
  • Correct inaccurate data
  • Delete your data (“right to be forgotten”)
  • Export your data in a portable format
  • Restrict or object to processing
  • Withdraw consent for cookies at any time
  • Lodge a complaint with your national data protection authority (e.g. NAIH in Hungary, BfDI in Germany, AP in the Netherlands)

To exercise any of these, email info@virdana.dev. We respond within 30 days.

8. International transfers

Some of our processors (Google, Vercel) may transfer data outside the EU. Where they do, they rely on Standard Contractual Clauses and equivalent safeguards approved by the European Commission.

9. Children

Clurio is not directed at children under 16. We don't knowingly collect data from them. If you believe we have, email us and we'll delete it.

10. Changes to this policy

We'll notify you of material changes by updating this page and, where appropriate, by email. Check the “Last updated” date at the top.

11. Contact

Questions? Email info@virdana.dev.

← Back to Clurio