Privacy Statement
Last updated: 15 June 2026
This Privacy Statement explains what personal data Voltaic — a research product of Verkko Robotics ("we", "us") — collects, why, and what rights you have. It applies to voltaic.live and the Voltaic application at app.voltaic.live.
1. Who is responsible
Verkko Robotics is the controller responsible for your personal data in connection with the Service. You can reach us at hello@voltaic.live for any privacy matter, including the exercise of your rights.
2. What we collect
| Category | Examples |
|---|---|
| Account & identity | Your name and email address provided by your sign-in provider (Google or Microsoft) when you authenticate. We never receive your password. |
| Access requests | If you request access, the name, email, organisation, and message you submit, plus the IP address and browser user-agent of the request. |
| Content you provide | Conversations, messages, uploaded files, and facts you teach the system, stored within your workspace. |
| Usage & security logs | Sign-in events, actions taken in your workspace, and an audit trail used to operate and secure the Service. |
| Cookies | A single, signed session cookie that keeps you logged in. We do not use third-party advertising or tracking cookies. |
3. Why we use it (legal bases)
- To provide the Service — authenticate you, run your workspace, store your content, and adapt the model to your use (performance of a contract).
- To secure and improve the Service — prevent abuse, debug, and maintain reliability (legitimate interests).
- To respond to access requests and communicate with you about the Service (legitimate interests / your consent).
- To meet legal obligations where applicable.
We do not sell your personal data, and we do not use your content to train models for other customers. Continual learning is scoped to your workspace.
4. Who we share it with
We share data only with service providers that help us run Voltaic, under appropriate safeguards:
- Identity providers — Google and Microsoft, for sign-in (OpenID Connect).
- Cloud hosting — our infrastructure provider, which hosts the application and database on servers located in the European Union.
We may also disclose data where required by law, or to protect the rights, safety, and security of our users and the Service.
5. Where your data is stored
The Service runs on servers located in the European Union. Where data is transferred outside the EU/EEA (for example, via an identity provider), we rely on appropriate safeguards such as the European Commission's Standard Contractual Clauses.
6. How long we keep it
We keep your account data and content for as long as your account is active. Access-request and audit records are retained for a reasonable period for security and compliance, then deleted. You can ask us to delete your account and associated content at any time (see your rights below).
7. Your rights
Subject to applicable law (including the GDPR), you have the right to:
- access the personal data we hold about you;
- correct inaccurate data;
- delete your data ("right to be forgotten");
- restrict or object to certain processing;
- receive your data in a portable format;
- withdraw consent at any time, where processing is based on consent;
- lodge a complaint with your local data-protection authority.
To exercise any of these, email hello@voltaic.live.
8. Security
We use industry-standard measures to protect your data, including encrypted transport (HTTPS), access controls, signed session cookies, and an audit trail. No method of transmission or storage is completely secure, but we work to protect your data and to address vulnerabilities promptly.
9. Children
The Service is not directed to children under 16, and we do not knowingly collect their data.
10. Changes to this statement
We may update this Privacy Statement from time to time. Material changes will be reflected by the "Last updated" date above. Please review it periodically.
11. Contact
For any privacy question or request, contact us at hello@voltaic.live.