1. Who We Are
This website is operated by:
2. What Data We Collect
We only collect what we need to provide our service:
- Email address - to send you the generated texts
- Business description - what you enter in the form so we can generate texts
- Technical data - IP address, browser type (for security and analytics)
- Payment data - processed by our payment provider (we don't store card details)
3. Why We Process Your Data
| Purpose |
Legal Basis (GDPR) |
| Fulfilling your order and delivering texts |
Art. 6(1)(b) - contract performance |
| Answering your questions and handling complaints |
Art. 6(1)(b) - contract performance |
| Sending marketing emails (if you signed up) |
Art. 6(1)(a) - consent |
| Analytics and improving our service |
Art. 6(1)(f) - legitimate interest |
| Fraud prevention |
Art. 6(1)(f) - legitimate interest |
4. How Long We Keep Your Data
- Order data - as required by tax law (5 years)
- Business description - deleted after generating texts, or kept up to 30 days for support
- Marketing data - until you unsubscribe
- Technical logs - up to 12 months
5. Who We Share Data With
We only share data with trusted partners necessary to provide our service. With each we have a Data Processing Agreement (DPA) compliant with GDPR Art. 28:
- Anthropic, PBC (USA) - AI text generation via Claude API. Your business description is sent to the Anthropic API to generate marketing texts. Processed under Standard Contractual Clauses (SCC). Anthropic privacy notice
- Cloudflare, Inc. (EU + USA) - website hosting, CDN, Workers (form processing), DNS. Cloudflare privacy notice
- Zoho Corporation (India/USA) - Mail (transactional + correspondence), Campaigns (email outreach + sequences), CRM (customer relationship). Zoho privacy notice
- Google LLC (EU + USA) - Google Analytics 4, traffic analytics (only with your consent). Google privacy notice
- Microsoft Corporation (EU) - Microsoft Clarity, heatmaps and session recordings (only with your consent). Microsoft privacy statement
- Hetzner Online GmbH (Germany) - server infrastructure (VPS Falkenstein, EU). Hetzner privacy notice
- Formbricks - surveys (PMF, NPS, exit) self-hosted on our Hetzner VPS (no separate third-party processor)
Transfers outside EEA: some providers (Anthropic, partially Cloudflare/Google) process data in the USA. Transfers occur under Standard Contractual Clauses (SCC) of the European Commission, with additional technical safeguards (TLS 1.3 in transit, AES-256 storage, data minimization).
6. Cookies
We use cookies for:
- Essential cookies - site functionality, remembering your language choice
- Analytics cookies - Google Analytics and Google Tag Manager (you can opt out)
- Microsoft Clarity cookies - CLID, ANONCHK, _clck, _clsk, SM, MR, MUID - used for session recording and heatmap analytics (you can opt out)
You can manage cookies in your browser settings or via our cookie banner.
7. Your Rights
Under GDPR (Articles 15-22), you have the right to:
- Access (Art. 15) - see what data we have about you
- Rectification (Art. 16) - correct inaccurate data
- Erasure (Art. 17) - request deletion of your data ("right to be forgotten")
- Restriction (Art. 18) - limit how we process your data
- Portability (Art. 20) - receive your data in a machine-readable format
- Object (Art. 21) - object to processing based on legitimate interest
- Withdraw consent - at any time, without affecting prior processing
- Not be subject to automated decisions (Art. 22) - right not to be subject to a decision based solely on automated processing (including profiling) which produces legal or similarly significant effects. TextsForBusiness uses AI for text generation, but decisions affecting users (e.g., pricing, service access) always involve human oversight.
To exercise these rights, email us at contact@millai.eu. We respond within 30 days of receipt (GDPR Art. 12 §3, with possible 60-day extension for complex requests).
8. Right to Complain
If you believe we're processing your data unlawfully, you can file a complaint with your local data protection authority.
In Poland, this is the President of the Personal Data Protection Office (UODO).
9. Data Security
We use appropriate technical and organizational measures to protect your data:
- Encrypted connections (HTTPS/SSL)
- Secure data storage
- Limited access to data
10. International Transfers
Some of our service providers (e.g., Google) may process data outside the European Economic Area. In such cases, we ensure appropriate safeguards like Standard Contractual Clauses approved by the European Commission.
11. Changes to This Policy
We may update this Privacy Policy from time to time. We'll notify you of significant changes by updating the date on this page.
Mill AI newsletter
Our websites offer an optional signup for the Mill AI newsletter (practical notes for small
business owners, at most twice a month). Subscribing is voluntary, separate from using the product,
and uses double opt-in: we send a confirmation e-mail and only a confirmed address joins the list.
The subscriber list is administered at the Mill AI portfolio level (contact@millai.eu) and stored
on encrypted infrastructure in the EU (AWS, eu-central-1). Legal basis: consent (art. 6(1)(a) GDPR).
You can withdraw consent at any time via the unsubscribe link in every issue or by writing to
contact@millai.eu - withdrawal takes effect immediately.
12. Contact
For privacy-related questions, contact us at:
Email: contact@millai.eu