SOLANIQ
Log inStart free trial

Legal

Privacy Policy

Last updated: 23 June 2026

This Privacy Policy explains how SOLANIQ (“SOLANIQ”, “we”, “us”) collects, uses, shares, and protects information when you use our carbon reporting platform at [your-domain] and related services (the “Service”). We built SOLANIQ to help Moroccan SME exporters turn their own energy and production data into buyer-ready, verification-ready carbon reports — and we treat that data with care.

1. Who we are (Data Controller)

The data controller responsible for your information is [SOLANIQ legal entity name, e.g. SOLANIQ SARL], registered in Morocco at [registered address, city] (commercial register [RC number], ICE [ICE number]). For any privacy question or to exercise your rights, contact us at [privacy@your-domain].

2. The short version

  • We collect the account, company, and energy/production data you enter so we can calculate your carbon footprint and generate your reports.
  • When you upload an electricity bill for automatic reading, the file is processed by our AI provider (Anthropic) solely to extract the figures — see Section 6.
  • We do not sell your data, and we do not use it for advertising.
  • You can access, correct, export, or permanently delete your data at any time — including full account deletion from your settings.

3. Information we collect

We collect only what the Service needs to do its job:

Account & profile data

  • Your email address and password (passwords are hashed by our authentication provider — we never see them in plain text).
  • Company details: legal company name, ICE (tax identifier), sector, site address and city, EU export markets, and your reporting period.
  • Optional contact information: contact name, phone number, website, and a company logo or avatar image you choose to upload.

Carbon activity data

  • Electricity consumption (monthly or annual kWh).
  • Fuel consumption (e.g. diesel, gasoline, LPG, natural gas) used on your sites.
  • Production quantity and unit, used to compute carbon intensity.
  • The carbon footprint results and reports we generate from the above.

Evidence files

If you choose to upload supporting evidence (such as an ONEE electricity bill), we store that file so it can be attached to your report. These documents may contain a meter reference, billed amounts, and an address. Files are kept in a private storage bucket and are accessible only to you (and to us where strictly necessary to operate the Service).

Payment data

If and when paid plans are active, payments are processed by our payment provider (Stripe). We do not store full card numbers on our servers; we retain only limited billing metadata (such as subscription status) needed to manage your plan.

Technical data

Like most online services, our infrastructure providers automatically process limited technical data (such as IP address, browser type, and request logs) to keep the Service secure and reliable. See our Cookie Notice for cookies we use.

4. How and why we use your data

Under the EU General Data Protection Regulation (GDPR) and Morocco’s Law No. 09-08 on the protection of individuals with regard to the processing of personal data, we rely on the following legal bases:

  • To perform our contract with you — creating your account, calculating your footprint, generating and storing your reports, and providing support.
  • Our legitimate interests — securing the Service, preventing abuse, and improving how the product works (without profiling you).
  • Your consent — for any optional processing, such as uploading a bill for AI reading; you can decline and enter data manually instead.
  • Legal obligations — where we must retain or disclose information to comply with applicable law.

5. AI processing of uploaded bills

Our “scan a bill” feature is optional. If you use it, the bill you upload is sent to our AI provider, Anthropic, and analysed only to extract the relevant figures (such as the billing period, kWh, amount, and meter reference), which are then returned to you to confirm or edit. We do not use your uploaded bills to train AI models. If you prefer not to use this feature, every figure can be entered manually.

6. Who we share data with (sub-processors)

We do not sell your data. We share it only with the service providers that make SOLANIQ work, under contracts that require them to protect it:

  • Supabase — database, authentication, and file storage.
  • Anthropic — AI extraction of uploaded bills (optional feature, see Section 5).
  • Stripe — payment processing (when paid plans are active).
  • [hosting/CDN provider, e.g. Vercel] — application hosting and delivery.

We may also disclose data where required by law, or to protect the rights, safety, and security of SOLANIQ and our users.

7. International data transfers

Your data is hosted with our infrastructure providers in [hosting region — to confirm in Supabase project settings]. Some of our providers may process data outside Morocco or the EU. Where data is transferred internationally, we rely on appropriate safeguards (such as the European Commission’s Standard Contractual Clauses and the providers’ own compliance frameworks) to keep your data protected to the standard described in this policy.

8. How long we keep your data

We keep your account and report data for as long as your account is active and for as long as needed to provide the Service. You can delete individual content or permanently delete your entire account at any time from Settings → Danger zone; deletion removes your company, reports, inputs, and uploaded files. We may retain limited records where required for legal, accounting, or security reasons.

9. How we protect your data

  • Data is encrypted in transit (HTTPS/TLS).
  • Row-level security ensures each account can only access its own data.
  • Evidence files live in a private bucket and are served only through short-lived signed links.
  • Sensitive keys are server-side only and never exposed to the browser.

No system is perfectly secure, but we work to protect your information and to limit who can access it.

10. Your rights

Depending on your location, you have the right to access, correct, update, export (portability), restrict, or object to the processing of your data, to withdraw consent, and to request erasure. To exercise any of these, email [privacy@your-domain] or use the in-app controls in your account settings. You also have the right to lodge a complaint with a supervisory authority — in Morocco, the CNDP (Commission Nationale de contrôle de la protection des Données à caractère Personnel); in the EU, your local data protection authority.

11. Children

The Service is a business tool intended for organisations and is not directed at children. We do not knowingly collect personal data from anyone under 18.

12. Changes to this policy

We may update this Privacy Policy from time to time. When we make material changes, we will update the “Last updated” date above and, where appropriate, notify you in the app.

13. Contact us

Questions about this policy or your data? Contact [privacy@your-domain], or write to us at [registered address, city, Morocco]. See also our Terms of Service and Cookie Notice.