Privacy Policy

Effective Date: February 5, 2026

TEG-Blue is operated by Anna Paretas-Artacho ("we," "us," or "our"), based in Barcelona, Spain. We are committed to protecting your privacy and handling your personal data responsibly under GDPR and applicable data protection laws.

Privacy at a Glance

Who we areAnna Paretas-Artacho, Barcelona, Spain
What we collectAccount info, usage data, saved assessments
Why we collect itTo provide the service, process payments, improve TEG-Blue
Who we share withService providers only (Stripe, Supabase, Vercel); never sold
Your rightsAccess, correction, deletion, portability, objection
Contacthello@teg-blue.com

1. Information We Collect

Information You Provide

  • Account information: Email address and display name when you create an account.
  • Payment information: Processed through Stripe — we never store your full card details.
  • Tool responses: Assessment results, Circuit Board inputs, or notes you choose to save.
  • Bookmarks and progress: Pages you save and your journey through the content.
  • Communications: Records of correspondence when you contact us.

Information We Collect Automatically

  • Usage data: Pages visited, features used, time spent on the platform.
  • Device information: Browser type, operating system, screen size.
  • Log data: IP address, access times, referring URLs.
  • Cookies: To keep you logged in, remember preferences, and understand service usage.

2. How We Use Your Information

  • To provide the service: Processing your account, delivering content, saving your progress and assessments.
  • To process payments: Managing subscriptions and transactions through Stripe.
  • To communicate with you: Service messages, account notifications, and (with consent) updates about TEG-Blue.
  • To improve TEG-Blue: Understanding usage patterns and developing new features.
  • To ensure security: Detecting and preventing fraud, abuse, or unauthorized access.
  • To comply with legal obligations: Tax records, legal requests, regulatory requirements.

3. Legal Basis for Processing (GDPR)

We process your data under the following legal bases:

Contract

Processing necessary to provide the service you've subscribed to.

Legitimate interests

Improving the service, ensuring security, preventing fraud.

Consent

For marketing communications (you can withdraw consent anytime).

Legal obligation

Compliance with tax laws and legal requirements.

4. How We Share Your Information

We do not sell your personal data. Ever.

We share information only with:

  • Service providers:

    • Stripe — payment processing

    • Supabase — database and authentication

    • Vercel — hosting and analytics

  • Legal requirements: When required by law, court order, or governmental authority.
  • Business transfers: If TEG-Blue is acquired or merged (you will be notified).
  • With your consent: For any other purposes with your explicit permission.

5. Your Saved Data

When you use TEG-Blue's account features, we store:

  • Assessments: Your Circuit Board results and tool responses (if you choose to save them)
  • Notes: Personal reflections you write
  • Bookmarks: Pages and tools you save
  • Patterns: Personal pattern tracking data

This data is private. Only you can see it. TEG-Blue staff cannot access your personal assessments, notes, or reflections without your explicit consent (e.g., for technical support you request).

6. International Data Transfers

TEG-Blue is based in Spain (EU). Our service providers may process data in other countries. For transfers outside the EU/EEA, we ensure appropriate safeguards including:

  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • Adequacy decisions where applicable
  • Provider certifications and data protection agreements

7. Data Retention

Account dataRetained while your account is active + 2 years after deletion (in case you return).
Payment records7 years (required for tax and accounting purposes).
Usage dataUp to 2 years in identifiable form, then anonymized.
Tool responses & notesRetained while your account is active; deleted upon account deletion.
CommunicationsUp to 3 years.

You can request earlier deletion of your data (see Your Rights below).

8. Cookies

Essential cookies

Required for the service to function (authentication, security). Cannot be disabled.

Analytics cookies

Privacy-focused analytics to understand service usage. No cross-site tracking.

Preference cookies

Remember your settings (theme, language).

You can manage cookie preferences through your browser settings. Disabling essential cookies may prevent you from using the service.

9. Your Rights (GDPR)

Under GDPR, you have the right to:

Access

Request a copy of all personal data we hold about you.

Correction

Ask us to correct inaccurate or incomplete data.

Deletion

Request deletion of your personal data ("right to be forgotten").

Restriction

Ask us to temporarily restrict processing of your data.

Portability

Request your data in a machine-readable format.

Objection

Object to processing based on legitimate interests.

Withdraw consent

Where processing is based on consent, withdraw it anytime.

Complaint

Lodge a complaint with the AEPD or your local authority.

To exercise these rights, contact us at hello@teg-blue.com. We will respond within 30 days.

10. Data Security

We implement appropriate technical and organizational measures including:

  • Encryption in transit (HTTPS/TLS) and at rest
  • Secure authentication with password hashing
  • Access controls limiting who can access personal data
  • Regular security assessments
  • Secure service providers (Stripe is PCI-DSS compliant)

No system is 100% secure. If we become aware of a data breach affecting your personal data, we will notify you and the relevant authorities as required by law.

11. Children's Privacy

TEG-Blue is not intended for children under 16. We do not knowingly collect personal data from anyone under 16. If you believe we have collected data from a child under 16, please contact us immediately.

12. AI and Automated Processing

TEG-Blue does not use your personal data for automated decision-making that produces legal or similarly significant effects. Your assessment results are for your own self-understanding — they are not used to make decisions about you.

We do not use your data to train AI models or machine learning systems.

13. Changes to This Policy

We may update this Privacy Policy from time to time. When we make significant changes, we will:

  • Notify registered users by email
  • Post notice on the website
  • Update the "Effective Date" at the top

Continued use after changes constitutes acceptance of the updated policy.

14. Contact Us

Questions, concerns, or requests about your privacy? Contact us:

Email: hello@teg-blue.com

Location: Barcelona, Spain

Data Protection Authority: Agencia Española de Protección de Datos (AEPD) — www.aepd.es

Last updated: February 5, 2026