Privacy Policy

Last updated: 7 June 2026

Tovel is a private workspace, and we treat it that way. This page explains what we collect, why, and the control you keep. In short: you are the customer, not the product — we don't run ads, we don't sell your data, and no AI reads your content.

Who we are

Tovel is built and operated by Digital Lemonade BV, a company registered in the Netherlands. Where this policy says “we” or “us”, it means Digital Lemonade BV as the data controller for Tovel. You can reach us at hallo@tovel.app.

What we collect

We keep what we need to run the service, and no more:

  • Account data — your email address and authentication details.
  • Your content — the notes, tasks, projects, documents, contacts and financial details you create in Tovel.
  • Waitlist — if you sign up for early access, your email address.
  • Basic technical data — limited logs needed for security and reliability. We don't use third-party advertising or behavioural trackers.

Why we process it (legal basis)

We process account data and your content to provide the service you asked for (performance of a contract), basic technical data to keep Tovel secure and working (legitimate interest), and waitlist emails on the basis of your consent. You can withdraw waitlist consent at any time by emailing us.

Your content stays yours

The content you create is yours. We don't sell it, we don't use it to train AI, and Tovel has no built-in AI reading along. If you choose to connect your own AI model via MCP, that runs under your own keys and your own control.

You can export your entire workspace to plain markdown files at any time — so you're never locked in, including when you leave.

Who processes data on our behalf

We rely on a small set of trusted providers (processors) to run Tovel. They only process data to deliver their part of the service:

  • Supabase — database, authentication and storage.
  • Vercel — application hosting and delivery.
  • Stripe — payment processing (once paid plans go live).
  • Our email provider — sending you essential service emails.

We choose providers that let us keep data within the EU/EEA where possible. We never sell personal data to anyone.

Cookies

We use only the cookies needed to keep you signed in and the app working. No advertising cookies, no cross-site tracking.

How long we keep it

We keep your account and content for as long as your account is active. Deleted items are soft-deleted and removed after 30 days. When you close your account, we delete your data, except where we're legally required to keep certain records (for example, invoices).

Your rights

Under the GDPR you can access, correct, export, or delete your personal data, and object to or restrict certain processing. Much of this you can do yourself (export and deletion are built in); for anything else, email hallo@tovel.app and we'll help. You also have the right to lodge a complaint with your local data protection authority.

Changes to this policy

If we make meaningful changes, we'll update this page and adjust the “last updated” date above. For significant changes we'll let you know by email.