Skip to Content

Legal Center

Legal Center is your comprehensive resource for Power Prompt's terms, policies, and agreements that guide your relationship with us. 

We've organised everything based on what you're doing - whether you are a customer, partner, or just exploring our site. Our goal is simple: make legal information clear, accessible, and easy to understand.

Privacy Policy

This Privacy Policy describes how Digital Business Services S.à r.l., located at 2, rue Tresch, L-8373 Hobscheid, Luxembourg (hereinafter "DBS"), processes personal data in connection with the marketing, access, use, administration, support and operation of the Power Prompt solution, the powerprompt.eu website,  of the app.powerprompt.eu application and associated services.

This Policy forms part of the documentation framework applicable to Power Prompt alongside the Terms of Use, the Terms of Sale, the Data Processing Agreement, and the Cookie Policy. Its purpose is to inform data subjects of the processing carried out when DBS acts as a data controller for its own purposes.

Where DBS processes personal data on behalf of a customer in connection with the Services, the relevant provisions are primarily subject to the applicable Data Processing Agreement.

This version is applicable from 02/05/2026.
Last updated: 02/05/2026.

1. Data controller and scope of this Policy

DBS acts as a data controller when it processes personal data for its own purposes, in particular for the management of the commercial relationship, contracting, invoicing, accounting, website management, security of its systems, prevention of abuse, management of contact requests, communication with prospects and customers,  compliance with its legal obligations and the defence of its rights.

When DBS processes personal data on behalf of a business customer in connection with the use of the Power Prompt Services, DBS is acting as a processor within the meaning of the GDPR. Such processing is not governed by this Policy but by the applicable Data Processing Agreement between the parties.

Some Power Prompt Services may rely on artificial intelligence technologies or models provided by third-party providers. Personal data processed on behalf of customers in connection with the Services is not used by DBS to train generic artificial intelligence models.

The use of the Services is based on the instructions provided by the customer, who remains responsible for the data submitted and the uses made.

Unless there is a temporary technical need to operate the Service, and unless the user explicitly chooses to register a prompt enhancement, DBS does not retain the results provided by third-party providers.

We also do not record, in our database, the history of exchanges, instructions or prompts entered via the Services. Only temporary technical cache data, necessary to display the result to the user and ensure the immediate operation of the Service, may be kept for a limited period of time.


2. Categories of personal data processed

Depending on the situation, we may process the following categories of data: identification and contact data, business information, account and authentication data, billing and payment data, correspondence, support requests, technical and connection data, event logs, browsing data, information relating to the use of the site and the Services, as well as any information voluntarily provided in the context of a request,  a demonstration, a contract or an interaction with our teams.


3. Purposes of the processing

We process personal data for the following purposes: to manage contact and information requests; Create and administer accounts when direct access is opened. provide, operate, secure and maintain the Website and Services; manage demos, trials, subscriptions, orders, and renewals; ensure invoicing, collection and accounting; provide support and deal with incidents; to prevent abuse, fraud and illicit use; Ensure security, logging, and service continuity. communicate with customers and prospects; comply with legal, regulatory and tax obligations; and, where appropriate, defend or enforce our rights. 


4. Legal bases for processing

Depending on the case, the processing is based on one or more of the following legal bases: the performance of a contract or pre-contractual measures; compliance with a legal obligation; our legitimate interest in managing, securing, promoting and improving our business and Services; or, where required, your consent. Where processing is based on consent, consent may be withdrawn at any time without affecting the lawfulness of the processing carried out prior to such withdrawal.


5. Origin of the data

Data may be collected directly from you when you fill out a form, create an account, request a demo, sign up for a subscription, communicate with us by email or phone, use the website or Services, or provide us with information in the context of a contractual relationship. It may also come from your employer, organization, authorized partners, technical providers, system logs, cookies, or other similar technologies where applicable. 


6. Recipients of the data

Personal data may be accessible, within the limits of their respective attributions, to DBS's authorized teams, its advisors, technical service providers, hosting providers, authentication providers, payment service providers, subcontractors and partners involved in the operation, security, support, maintenance, invoicing or compliance of the Services. When some of these service providers process data on our behalf, we make sure that their intervention is accompanied by appropriate contractual commitments.

Depending on the services and processing involved, this may include, in particular, hosting and infrastructure providers such as RCarré, as well as payment providers such as Stripe Inc. for payment and collection processing under our own business as a controller. Other service providers may intervene depending on the functionalities activated, the integrations chosen or the reasonable evolution of our organization and our services. 


7. Data transfers outside the European Economic Area

Where the performance of certain processing operations involves a transfer of personal data outside the European Economic Area, we ensure that an appropriate transfer mechanism is in place in accordance with Chapter V of the GDPR, such as an adequacy decision, standard contractual clauses or any other mechanism recognised as valid under applicable law,  accompanied, if necessary, by appropriate additional measures.


8. Security and Privacy

We implement reasonable and appropriate technical and organizational measures to protect personal data against destruction, loss, alteration, unauthorized disclosure or unauthorized access.

These measures may include, as appropriate, access control, authentication, logging, environment segmentation, backup, recovery, vulnerability management, encryption in transit and/or at rest where relevant, as well as internal procedures relating to security and incident management.

As no security measure can guarantee an absolute absence of risk, each user also remains responsible for the confidentiality of his or her identifiers and the use of his or her access. 


9. Retention period

We retain personal data for no longer than is necessary for the purposes for which it was collected, subject to the retention periods required by law, accounting and tax obligations, reasonable technical constraints, backup cycles, security management, as well as our legitimate needs for proof,  compliance and advocacy.

When the data is no longer required, it is deleted, anonymised or archived in an appropriate manner.

Where DBS processes personal data for its own purposes as a Data Controller, the retention periods shall be determined in accordance with this Article.

Where data is processed on behalf of a customer as a Data Processor, the periods and methods of retention, return or deletion are governed by the applicable Data Processing Agreement.


10. Rights of data subjects

Subject to the conditions and limits provided for by the applicable regulations, you have the right to access, rectify, delete, limit, oppose, and, where applicable, have the right to the portability of your data. You may also withdraw previously given consent for processing based on this basis at any time. Finally, you have the right to lodge a complaint with the competent supervisory authority if you believe that your rights have not been respected.


11. Cookies and similar technologies

The website and certain associated services may use cookies, trackers or similar technologies to ensure their operation, measure the audience, improve the user experience, secure access or memorize certain preferences, under the conditions provided for in the applicable Cookie Policy.


12. Links to Third-Party Services

The Website or Services may contain links, integrations, connectors, interfaces, or references to third-party services. These services are subject to their own terms and privacy policies. We invite you to read them, as DBS does not exercise control over the own practices of these third parties outside of what is its legal or contractual responsibility.


13. Changes to this Policy

We may modify this Privacy Policy to reflect legal, regulatory, technical, organizational, or Power Prompt Service developments. The updated version will be brought to the attention of the persons concerned by any appropriate means. In the event of an adverse material change, we will endeavour to provide reasonable notice prior to its entry into force where relevant.


14. Contact

If you have any questions about this Privacy Policy or to exercise your rights, you can contact us at the following contact details: 

Digital Business Services S.à r.l.
2, rue Tresch
L-8373 Hobscheid
Luxembourg

Contact form: https://powerprompt.eu/contactus