Privacy Policy

Last updated: April 2026

1. Controller Information

Sparrowise
Spanker 2
Oude Wetering 2377VW
Netherlands
VAT: NL005202754B97

Email: info@sleepwalker.ai
Phone: +31618368830

Sparrowise acts as the data controller for your personal data.

2. Information We Collect

We collect the following data when you use Sleepwalker:

  • Account Information: email address, name, account settings
  • URLs You Monitor: web pages you choose to analyze
  • Prompts and Queries: search prompts you enter
  • Brand and Competitor Data: names you track
  • Usage Data: features used, monitoring frequency
  • Device Information: browser type, IP address, general location

3. Legal Bases for Processing (GDPR)

We process your data based on:

  • Contract: to provide and operate the Service
  • Legitimate interests: improving performance, security, fraud prevention
  • Legal obligation: tax and compliance requirements
  • Consent: where applicable

4. How We Use Your Information

We use your data to:

  • provide and maintain the Service
  • process subscriptions and payments
  • generate AI-based insights and reports
  • send alerts and notifications
  • improve functionality and performance
  • respond to support requests
  • comply with legal obligations

We do not sell your personal data.

5. Third-Party Processors

To provide the Service, we use the following third-party AI and infrastructure providers:

  • OpenAI
  • Google (Gemini)
  • xAI (Grok)
  • Perplexity AI
  • Supabase
  • Stripe

These providers act as data processors on our behalf.

Depending on the functionality used, the following data may be processed:

  • URLs and web page content
  • prompts and queries submitted by you
  • brand names and competitor data
  • structured outputs generated by the Service

This processing is necessary to deliver AI-based analysis, visibility tracking, and reporting features.

All providers are contractually bound to process data in accordance with applicable data protection laws.

6. International Data Transfers

Some providers (including OpenAI and xAI) process data outside the European Economic Area (EEA), including in the United States.

We ensure appropriate safeguards through:

  • Standard Contractual Clauses (SCCs)
  • use of providers with GDPR-aligned frameworks

7. Data Retention

We retain your data:

  • while your account is active
  • for up to 30 days after account deletion

Exceptions:

  • billing records retained for 7 years (legal requirement)
  • anonymized or aggregated data may be retained for analytics

8. Data Security

We implement industry-standard security measures, including:

  • encryption in transit (SSL/TLS)
  • secure storage practices
  • access controls

No method of transmission or storage is completely secure, but we take reasonable steps to protect your data.

9. Your Privacy Rights

Under GDPR, you have the right to:

  • access your data
  • correct inaccurate data
  • request deletion
  • request data portability
  • withdraw consent
  • object to processing

To exercise your rights, contact: info@sleepwalker.ai

10. California Privacy Rights

If you are a California resident, you may request:

  • access to your personal data
  • deletion of your data
  • correction of inaccurate data

We do not sell or share personal data.

11. Cookies

We use essential cookies for:

  • authentication
  • session management
  • security

We do not use tracking or advertising cookies.

12. Changes to This Policy

We may update this Privacy Policy from time to time.

Material changes will be communicated via email or within the Service.

13. Contact

For any privacy-related questions:

info@sleepwalker.ai