Privacy Policy
Last updated: March 2026 · https://discode.ai
1. Controller
Laboratoire M GmbH
Obere Donaustraße 45a/18, 1020 Vienna, Austria
E-Mail: datenschutz@discode.ai
Commercial register: FN 511608 s, Commercial Court Vienna
Managing Director: Moriz Piffl-Percevic
2. Data We Collect
- Account data: Name, e-mail address (via Clerk OAuth)
- Usage data: Chat histories, model selection, slider settings, eco-tracking values
- Technical data: IP address (rate-limiting only, not stored long-term), browser type, device class
- Sentry Session Replay (on errors): If an error occurs during your browser session, an anonymised session recording is sent to Sentry in 1% of error cases. All text is masked (maskAllText) and all media is blocked (blockAllMedia), so no plain-text content or personal data is captured. The recording is used solely for error reproduction.
- Referral fraud prevention: When you redeem a referral code, a one-way hash (SHA-256) of your IP address is stored to prevent duplicate abuse. The original IP address is not retained — only the irreversible hash.
- Payment data: Processed via Stripe — we store no credit card data
3. Purpose of Processing
- Provision of the Multi-LLM routing service
- Usage limits and credit management
- Error analysis and monitoring (Sentry)
- Contract fulfilment (Stripe payments)
- Referral fraud prevention (IP hash for duplicate detection)
4. Legal Basis
Art. 6(1)(b) GDPR (contract performance), Art. 6(1)(c) GDPR (legal obligation, e.g. tax retention), Art. 6(1)(f) GDPR (legitimate interest in error analysis and security).
5. PII Anonymisation
discode.ai offers an optional server-side anonymisation feature. When enabled, personally identifiable information is automatically detected and replaced with placeholders before your query is forwarded to any LLM provider.
The anonymisation layer recognises 15 PII patterns (e-mail, phone, IBAN, credit card, tax ID, IP address, postal address, names, dates of birth, etc.) using rule-based detection and an ML-based Named Entity Recognition model (GLiNER). The original data is stored only in your encrypted chat history in the EU (Supabase, Frankfurt).
Note: Anonymisation does not provide absolute protection. We recommend not entering highly sensitive personal data in AI queries.
6. Auto-Memory (Automatic Fact Extraction)
If you enable the Auto-Memory feature in your settings, an AI model (Groq/Llama) automatically analyses your conversations for stable personal facts (e.g. name, profession, preferred programming language). Recognised facts are stored in your database and included as context in future conversations.
- Legal basis: Art. 6(1)(a) GDPR (consent). The feature is disabled by default and requires your explicit activation (opt-in).
- Categories: Personal data (fact), preferences (preference), project context (context).
- Storage: Up to 20 facts per user, each max. 1,000 characters. Stored in Supabase (EU, Frankfurt), user-isolated (Row Level Security).
- Retention: As long as your account exists or until you manually delete the facts. You can remove individual facts at any time via the settings or by chat command (“forget …”).
- Sub-processor: For extraction, your query is sent to Groq (USA, SCC). See section 7 for details.
- Revocation: You can disable Auto-Memory at any time. Previously stored facts are retained until you delete them manually.
7. Sub-Processors
We engage the following sub-processors to deliver our service. For transfers to the USA we rely on the EU–US Data Privacy Framework (DPF) or Standard Contractual Clauses (SCC):
| Sub-Processor | Purpose | Location | Legal Basis |
|---|---|---|---|
| Clerk | Authentication | USA | DPF |
| Stripe | Payment processing | USA (EU data in EU) | DPF |
| Supabase | Database | EU (Frankfurt) | No transfer |
| Upstash | Redis Cache / Rate Limiting | EU (Frankfurt) | No transfer |
| Vercel | Hosting / Edge Functions | EU (Region Pinning) | DPF |
| Sentry | Error Monitoring, Session Replay (1% on errors, masked) | Germany | No transfer |
| Google Analytics (GA4) | Anonymous usage analysis (consent only) | USA | DPF |
| Plausible Analytics | Privacy-friendly usage analysis (cookieless, consent only) | EU (Germany) | No transfer |
| OpenRouter | LLM API Routing | USA | SCC |
| Groq | Intent Detection | USA | SCC |
| Perplexity | Search / Research | USA | SCC |
| Replicate | Image / Video Generation | USA | SCC |
| Black Forest Labs | Image Generation (FLUX) | DE / EU | No transfer |
8. Transfers to Third Countries
8.1 Transfers to the USA
For US-based providers we rely on EU Standard Contractual Clauses (SCCs) pursuant to Art. 46(2)(c) GDPR, or the EU–US Data Privacy Framework where applicable (Clerk, Stripe, Vercel, Sentry).
8.2 Transfers to China (explicit consent only)
Some AI models available on the platform are operated by providers based in the People's Republic of China. There is no EU adequacy decision for China.
Affected models: DeepSeek V3/R1 (DeepSeek), Qwen 2.5 72B/7B (Alibaba), Kimi K2 (Moonshot AI), MiniMax M2/Video (MiniMax).
Disabled by default: Chinese models are disabled in your settings and are not considered for automatic routing. Your queries are sent exclusively to models in the EU or USA.
Activation requires explicit consent: If you enable the "China toggle" in settings, you explicitly consent to the transfer of your query data to servers in China pursuant to Art. 49(1)(a) GDPR. You may revoke this consent at any time by disabling the toggle.
9. Data Retention
| Data category | Retention period | Deletion |
|---|---|---|
| Chat messages | Until deleted by user | 30 days after soft-delete |
| Account data | Until account deletion | Immediate cascade on deletion |
| Payment data | 7 years (Austrian tax law) | After expiry |
| Usage logs | 12 months | Automatic (daily cron) |
| Safety events | 12 months | Automatic (daily cron) |
| Bug reports | 6 months | Automatic (daily cron) |
| Referral IP hashes | Until referral programme ends or account deletion | Cascade on account deletion |
| Consent log | 3 years — including after account deletion (Art. 7(1) GDPR proof of consent; legal basis: Art. 6(1)(c) GDPR) | Automatic (daily cron) |
10. Your Rights
Under the GDPR you have the following rights:
- Access (Art. 15) — request a copy of your personal data
- Rectification (Art. 16) — correct inaccurate data
- Erasure (Art. 17) — delete your account and all associated data
- Restriction (Art. 18) — restrict processing
- Data portability (Art. 20) — export your data in machine-readable format
- Objection (Art. 21) — object to processing based on legitimate interest
Contact: datenschutz@discode.ai. You may also lodge a complaint with the Austrian Data Protection Authority (Datenschutzbehörde), Barichgasse 40–42, 1030 Vienna, dsb@dsb.gv.at.
11. Cookies
11.1 Technically Necessary Cookies
We use technically necessary cookies (Clerk session token, CSRF protection). Local storage is used for UI preferences (theme, slider settings) — this data does not leave your browser.
11.2 Plausible Analytics (consent only)
If you accept the cookie banner, Plausible Analytics is loaded. Plausible is a cookie-free, privacy-friendly analytics tool hosted in the EU (Germany). It collects aggregate page-view data without setting cookies or storing personal data. Legal basis: Art. 6(1)(a) GDPR (consent).
11.3 Google Analytics 4 (consent only)
If you accept the cookie banner, Google Analytics 4 (GA4) is loaded. GA4 sets cookies to collect anonymous usage statistics (e.g. page views, sign-ups, first query, plan upgrades). Legal basis: Art. 6(1)(a) GDPR (consent).
- Provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland
- Data transfer: USA (DPF-certified)
- Retention: Up to 14 months (GA4 default)
- Tracked events: sign_up, first_query, upgrade, topup
- IP anonymisation: Enabled by default in GA4
- Revocation: You can revoke your consent at any time by clearing your browser cookies. GA4 will then no longer be loaded.
If you decline the cookie banner or close it without accepting, neither GA4 nor Plausible is loaded and no analytics data is collected. We do not use marketing cookies.
12. Changes
This Privacy Policy may be updated. The current version is always available at discode.ai/privacy. For material changes we will notify you via e-mail or in-app notification.