Privacy Policy

Scenteia (“we”, “us”) is the data controller for personal data collected through this website. You can reach us at hello@scenteia.com.

When you submit our contact form, we collect:

• Identity & contact: name, email address, role, company.
• Context you provide: website or social link, what you make, current formula format, the workflow problem you describe, and any optional message.
• Preferences: whether you opt in to a research call, early access, or sharing an anonymised sample formula.
• Consent evidence: a timestamp, the consent text shown to you, and the IP address used to submit the form.

We do not use advertising cookies or third-party analytics trackers on this site.

• To respond to your enquiry and to send you a confirmation email — legal basis: consent (Art. 6(1)(a) GDPR), given via the consent checkbox on the form.
• To follow up about research calls or early access if you opted in — legal basis: consent.
• To keep an audit trail of consent and to prevent abuse of the form — legal basis: legitimate interests (Art. 6(1)(f)).

Your submission is read by the Scenteia team. We use the following processors to operate the service:

• Lovable Cloud / Supabase — hosting and database (EU region).
• Cloudflare — content delivery and edge runtime.
• Our transactional email provider — to deliver the confirmation and notification emails.

We do not sell your personal data and we do not share it with third parties for their own marketing.

Where any processor is located outside the EEA / UK, transfers are protected by Standard Contractual Clauses (SCCs) or an equivalent safeguard recognised under the GDPR.

• Contact submissions: kept for up to 24 months from your last interaction, then deleted or anonymised.
• Email send logs: kept for up to 12 months for deliverability and abuse prevention.
• Suppression list (unsubscribes / bounces): kept indefinitely so we do not contact you again.

Under the GDPR you have the right to:

• Access the personal data we hold about you.
• Have it corrected if it is inaccurate.
• Have it erased (“right to be forgotten”).
• Restrict or object to our processing.
• Receive a portable copy (data portability).
• Withdraw consent at any time, without affecting prior lawful processing.
• Lodge a complaint with your local data protection supervisory authority.

To exercise any of these rights, email hello@scenteia.com. We respond within 30 days.

Data is stored in an access-controlled database with row-level security. Only the Scenteia team — using authenticated server credentials — can read submissions. Traffic is encrypted in transit (TLS).

We may update this policy as the product evolves. Material changes will be reflected by updating the date at the top of this page.