PRIVACY

Reflectra – Privacy Policy

Effective Date: November 4, 2025

This Privacy Policy explains how Tennex Meta consulting SA (“Reflectra,” “we,” “our,” or “us”) collects, processes, and protects your personal data when you use the Reflectra software, website, and related services (collectively, the “Service”).

By using Reflectra, you acknowledge that you have read and understood this Policy.

  1. Data Controller

  2. Information We Collect

    Reflectra is designed to minimize data collection. We only store the information necessary to operate the Service effectively and securely. We may collect and process the following categories of data:

    • Account Data: Email address, encrypted password, or Google authentication data.
    • Usage Data: Device type, browser, and limited technical information required for security and functionality.
    • Journal Data: Text entries, reflections, and AI interactions you voluntarily create within Reflectra.
    • Payment Data: Payment details are processed exclusively by Stripe; we do not store any credit card information.
    • Cookies & Local Storage: Used solely for authentication and session management purposes.

    Reflectra does not actively collect personal data for marketing or analytics purposes.

  3. Data Storage and Processing

    Reflectra uses the following trusted processors and infrastructure providers:

    • Supabase – database and authentication services
    • OpenAI – AI content generation and processing
    • Stripe – secure payment processing
    • Vercel – hosting and deployment of the Reflectra web application
    • Whop – community platform integration (for registered members)

    All data is securely stored in cloud environments located in Switzerland and/or the European Union. Your data is encrypted at rest and in transit, and Reflectra’s team has no access to the content of your journal entries or AI conversations.

  4. AI Processing

    Reflectra uses OpenAI’s API to generate AI-based insights and responses.

    When you interact with the AI, your text input is securely transmitted to OpenAI’s servers, which may be located in the United States or other jurisdictions. These inputs are processed only to generate the requested AI output and are not used to train OpenAI’s models. By using Reflectra, you acknowledge and consent to this processing.

  5. Data Transfers

    Because AI processing may occur on OpenAI’s servers outside Switzerland or the EU, your data may be transferred to the United States or other countries that do not provide the same level of data protection.

    These transfers are based on your explicit consent under Article 49(1)(a) GDPR, which you provide when using Reflectra’s AI features.

  6. Purpose and Legal Basis for Processing

    We process your data only for the following purposes:

    • To create and maintain your Reflectra account;
    • To enable journaling, AI responses, and dashboard analytics;
    • To provide customer support and respond to your inquiries;
    • To process payments through Stripe;
    • To comply with legal obligations.

    The legal basis for processing your data is your consent, our contractual obligation to provide the Service, and our legitimate interest in maintaining secure and efficient operations.

  7. Data Retention and Deletion

    We retain your personal data only for as long as necessary to provide the Service.

    If you delete your account, all associated data — including journal entries, AI interactions, and account information — is immediately and permanently deleted from our systems. Data is not retained in backups after deletion.

  8. User Rights

    Under the Swiss Federal Act on Data Protection (FADP) and the EU General Data Protection Regulation (GDPR), you have the following rights:

    • Access – Request a copy of your personal data.
    • Rectification – Request correction of inaccurate information.
    • Erasure – Request permanent deletion of your data.
    • Restriction – Request temporary limitation of processing.
    • Portability – Request transfer of your data to another provider.
    • Objection – Object to certain processing activities.
    • Withdrawal of Consent – Withdraw consent at any time, without affecting prior processing.

    To exercise these rights, contact support@reflectra.io.

  9. Security

    We implement strict technical and organizational measures to protect your data, including:

    • Data encryption (at rest and in transit);
    • Secure authentication mechanisms;
    • Restricted access controls;
    • Continuous monitoring for vulnerabilities.

    Reflectra’s staff and contractors cannot access individual user data or journal content. All sensitive content is encrypted, and only you can view your entries through your account.

  10. Communications

    We only send service-related communications, such as account notices, billing confirmations, or security updates. We do not send marketing emails or newsletters.

  11. Children’s Privacy

    Reflectra is not intended for individuals under the age of 16. We do not knowingly collect data from minors. If you believe a minor has provided us with personal data, please contact us immediately at support@reflectra.io.

  12. Policy Updates

    We may update this Privacy Policy periodically to reflect changes in our practices or legal requirements. Users will be notified of material changes via email or notice within the application. Your continued use of Reflectra after such changes constitutes acceptance of the revised Policy.

  13. Contact

    For any privacy-related inquiries, requests, or concerns, you can contact:

By using Reflectra, you acknowledge that you have read and understood this Privacy Policy and consent to the processing of your personal data as described above.