Privacy Policy
Effective date: June 2026 | Last updated: June 2026
1. Who we are
Folio is operated by Folio Ltd. Our registered contact address for data protection purposes is: data@getfolio.ai. Folio Ltd is the data controller responsible for your personal data.
When we say "Folio", "we", "us", or "our" in this policy, we mean Folio Ltd.
2. What personal data we collect
2.1 Data you provide
- Email address — collected when you use our free translation tier or opt to receive your translated file by email.
- Payment information — collected by Stripe, our payment processor, when you purchase a translation. We do not store card details.
2.2 Data collected automatically
- Usage data — pages visited, browser type, device type, and anonymised IP address, collected via analytics tools.
- Cookies — session and preference cookies. See Section 8 for details.
2.3 Document content
When you upload a document, its content is transmitted to our translation processors (see Section 4). We do not read, review, or analyse the content of your documents for any purpose other than translating it. Documents are automatically deleted from our systems within 24 hours of translation completing.
3. How and why we use your data
- To deliver the translation service you have requested.
- To process payment and send you a receipt (via Stripe).
- To send your translated document to the email address you provide.
- To improve the reliability and performance of our service through anonymised analytics.
- To comply with legal obligations applicable to us as an Irish company subject to EU law.
We do not use your data for advertising, profiling, or sale to third parties.
4. Third-party processors
We share data with the following processors, each bound by data processing agreements:
- DeepL SE (Germany) — primary translation engine. Processes document content. DeepL does not use customer content to train its models.
- Google LLC — Gemini AI is used for quality assurance on certain document types. Document content may be passed to Gemini via the Google Cloud API. Google processes this data under its Cloud Data Processing Addendum and does not use it to train models.
- Stripe, Inc. (USA) — payment processing. Stripe is certified to PCI DSS Level 1. Data is transferred under EU Standard Contractual Clauses.
- Hosting provider — Folio is hosted on infrastructure contractually bound to EU data protection standards.
5. Legal basis for processing (GDPR Article 6)
- Contract performance (Art. 6(1)(b)) — processing your email address and document to deliver the translation you have requested.
- Legitimate interests (Art. 6(1)(f)) — anonymised analytics to improve the service; fraud prevention.
- Legal obligation (Art. 6(1)(c)) — retaining transaction records as required by Irish tax law.
- Consent (Art. 6(1)(a)) — use of non-essential cookies, where you have accepted via our cookie banner.
6. Data retention
- Document content: deleted within 24 hours of translation completing.
- Email address: retained for 90 days after your last transaction, then deleted.
- Payment records: retained for 7 years as required by Irish tax law.
- Analytics data: anonymised and retained for up to 26 months.
7. Your rights under GDPR
As a data subject under the GDPR, you have the following rights: access, rectification, erasure, restriction of processing, data portability, the right to object, and the right to withdraw consent.
To exercise any of these rights, email stuart@getfolio.ai. We will respond within 30 days. You also have the right to lodge a complaint with the Data Protection Commission (Ireland) at dataprotection.ie.
8. Cookies
We use the following types of cookies:
- Strictly necessary cookies — required for the service to function. These cannot be declined.
- Analytics cookies — only set if you accept via our cookie consent banner. You may withdraw consent at any time by clearing your cookies or adjusting your browser settings.
We do not use advertising or tracking cookies.
9. International data transfers
Some of our processors are located outside the EEA (including Stripe and Google in the USA). Where this is the case, we ensure appropriate safeguards are in place, including EU Standard Contractual Clauses (SCCs) approved by the European Commission under Article 46 GDPR.
10. Children's privacy
Folio is not directed at children under the age of 16. We do not knowingly collect personal data from anyone under 16. If you believe we have inadvertently collected such data, please contact us at stuart@getfolio.ai.
11. Changes to this policy
We may update this policy from time to time. We will post the updated version on getfolio.ai with a revised effective date.
12. Contact
Data controller: Folio Ltd
Email: data@getfolio.ai
Website: getfolio.ai
