somree

Privacy Policy

Last updated: March 4, 2026

1. Who we are

somree is operated by DK Daniel Krajka, a business entity registered in Poland, European Union. For any privacy-related questions, contact us at privacy@somree.app.

2. Data we collect

  • Account information — email address provided via Google OAuth (through Clerk).
  • X (Twitter) data — your X handle and the list of accounts you follow, plus public posts fetched from those accounts.
  • YouTube data — public video metadata and content from channels you follow.
  • Payment status — subscription state managed by Polar.sh. We do not store full payment card details.
  • Usage & technical data — IP address, browser type, and basic interaction data collected automatically.

3. How we use your data

We process your data under the following GDPR legal bases:

  • Contract performance (Art. 6(1)(b)) — to deliver the service you signed up for, including generating and emailing your daily digest, and processing payments.
  • Legitimate interest (Art. 6(1)(f)) — to maintain security, prevent abuse, and improve the service.

4. Third-party processors

We share data with the following processors, only to the extent necessary to operate the service:

  • Clerk — authentication and user management.
  • Convex — database and backend infrastructure (US-based).
  • Polar.sh — subscription billing and payment processing.
  • Resend — email delivery for daily digests.
  • Twitter / X API — fetching public posts from accounts you follow.
  • YouTube API Services — fetching public video content. Use of YouTube data is subject to the YouTube Terms of Service and Google Privacy Policy.

5. International data transfers

Some of our processors are based in the United States. Transfers to the US are safeguarded by the EU-US Data Privacy Framework (DPF) and/or Standard Contractual Clauses (SCCs) approved by the European Commission.

6. Data retention

  • Your data is retained for as long as your account is active.
  • Upon a deletion request, personal data is removed within 30 days.
  • Payment and invoicing records may be retained longer as required by applicable tax law.

7. Your rights under GDPR

As an EU resident, you have the right to:

  • Access your personal data.
  • Rectify inaccurate or incomplete data.
  • Erase your data ("right to be forgotten").
  • Restrict processing in certain circumstances.
  • Data portability — receive your data in a structured, machine-readable format.
  • Object to processing based on legitimate interest.
  • Withdraw consent at any time, where processing is based on consent.
  • Lodge a complaint with your local supervisory authority.

To exercise any of these rights, email privacy@somree.app. We will respond within 30 days.

8. Cookies

We use only strictly necessary authentication session cookies (set by Clerk) to keep you signed in. We do not use any tracking, analytics, or advertising cookies.

9. Children

somree is not intended for anyone under the age of 16. We do not knowingly collect personal data from children.

10. Changes to this policy

We may update this Privacy Policy from time to time. If we make material changes, we will notify you by email. The "last updated" date at the top of this page indicates when the policy was last revised.

11. Contact

If you have any questions about this Privacy Policy or your personal data, contact us at privacy@somree.app.