ApolloTrail application logoApolloTrail application logo

Privacy Policy

Last updated: 16.04.2026

Welcome to the Privacy Policy for ApolloTrail, available at apollotrail.com. This Policy explains what Personal Data we collect, how we use it, who we share it with, how long we keep it, and what rights you may have.

Latest update: April 16, 2026

Summary

ApolloTrail is an AI-powered gaming assistant. To operate the Service, we process account data, chat and prompt data, billing and subscription data, technical data, and limited marketing data when you choose to receive emails from us.

We do not sell Personal Data. We do not knowingly allow children under 13 to use ApolloTrail. We use third-party service providers such as Google and Stripe to provide authentication, AI infrastructure, fonts, and payment services. We may use analytics providers such as Google Analytics where enabled with any legally required consent.

If you have privacy questions or want to exercise your rights, contact us at [email protected].

Owner and Data Controller

Oleh Anfimov
Szlachecka 2/41
03-259 Warsaw
Poland VAT ID: PL5213991661

Owner contact email: [email protected]

For users in the European Economic Area, United Kingdom, Switzerland, and other jurisdictions with similar privacy laws, the Owner is the data controller unless this Policy says otherwise.

Age Restrictions and Children

ApolloTrail is not directed to children under 13 years old, and children under 13 are prohibited from creating an account or using the Service.

We do not knowingly collect Personal Data from children under 13. If you believe that a child under 13 has provided Personal Data to ApolloTrail, contact us at [email protected]. If we confirm that we collected such data, we will delete it unless we are legally required to keep it.

Users who are at least 13 but under the age of majority in their country or state may use ApolloTrail only with permission from a parent or legal guardian, where required by applicable law.

Personal Data We Collect

We collect Personal Data directly from you, automatically from your device and browser, and from service providers that help us operate ApolloTrail.

Account and Authentication Data

We may collect:

  • email address;
  • password or password-related authentication data;
  • Google account information when you use Google sign-in;
  • account identifiers;
  • email verification status;
  • login method;
  • password reset and password change information;
  • account settings and subscription status.

We use this data to create and manage accounts, authenticate users, secure the Service, provide account settings, process account deletion and export requests, and prevent abuse.

Chat, Prompt, and AI Interaction Data

When you use ApolloTrail's AI features, we may process:

  • prompts, messages, questions, and other user-provided content;
  • AI responses;
  • chat history;
  • chat identifiers;
  • timestamps;
  • selected settings such as whether web search is enabled;
  • usage limits, credits, and feature usage;
  • technical diagnostics related to streaming responses.

Do not submit sensitive Personal Data, confidential information, payment card numbers, government identification numbers, health information, or information about children in prompts or chat messages.

We use chat and prompt data to provide AI responses, maintain conversation history, apply usage limits, troubleshoot errors, secure the Service, prevent abuse, and improve ApolloTrail where permitted by law.

Billing and Subscription Data

Payments are processed by Stripe. We do not intentionally collect or store full payment card numbers.

We may receive and process:

  • email address, name, and billing contact information;
  • subscription plan, billing interval, payment status, renewal status, cancellation status, and related timestamps;
  • Stripe customer, checkout, payment, invoice, and subscription identifiers;
  • limited payment confirmation data;
  • tax, accounting, fraud-prevention, and dispute information where applicable.

We use billing and subscription data to process purchases, manage subscriptions, provide access to paid features, handle billing support, comply with tax and accounting obligations, prevent fraud, and enforce our legal rights.

Marketing and Newsletter Data

If you subscribe to our newsletter or choose marketing updates during registration, we may process:

  • email address;
  • subscription status;
  • consent or opt-in source;
  • unsubscribe or suppression records;
  • basic email delivery and engagement information if provided by our email service provider.

You can unsubscribe from marketing emails by using the unsubscribe method in the email or by contacting [email protected]. We may still send non-marketing messages about your account, security, purchases, legal notices, or service changes.

Technical, Device, Usage, and Log Data

We may automatically collect:

  • IP address;
  • device, browser, operating system, and language information;
  • pages viewed, session statistics, referrer, timestamps, and usage events;
  • cookies, similar technologies, and local storage values;
  • authentication cookie status;
  • service worker and progressive web app state;
  • crash, error, security, and diagnostic logs;
  • approximate location derived from IP address;
  • analytics events and identifiers, where Google Analytics or similar analytics technologies are enabled with any legally required consent.

We use this data to operate, secure, debug, analyze, and improve ApolloTrail; maintain sessions; remember limited user choices; detect abuse; measure usage and performance; and understand aggregate usage.

Voice and Browser Speech Features

ApolloTrail may provide a browser-based speech input feature. If you use it, your browser or operating system may process microphone audio to generate text. ApolloTrail receives the resulting transcript only when it is entered or submitted through the Service.

Microphone permission, speech recognition, and audio processing may be controlled by your browser, operating system, or device provider. ApolloTrail does not intentionally store raw microphone audio through this feature.

Support, Legal, and Communications Data

If you contact us, exercise privacy rights, submit a legal request, or communicate with support, we may process:

  • your contact information;
  • message contents;
  • account identifiers;
  • verification information;
  • request history;
  • related legal or administrative records.

We use this data to respond to you, verify requests, resolve disputes, enforce our terms, comply with law, and protect our rights and users.

Purposes and Legal Bases

Where the GDPR, UK GDPR, Swiss FADP, or similar laws apply, we rely on the following legal bases.

Performance of a Contract

We process Personal Data to provide ApolloTrail, including account creation, login, AI chat, conversation history, subscription access, billing flows, account settings, account export, and account deletion.

Legitimate Interests

We process Personal Data for legitimate interests such as security, fraud prevention, abuse monitoring, service reliability, debugging, analytics, product improvement, legal claim management, and protecting ApolloTrail, users, and third parties.

When we rely on legitimate interests, you may object where required by law.

Consent

We rely on consent where required, including for marketing emails, certain cookies or analytics technologies, and certain uses of sensitive data if they ever become necessary. You may withdraw consent at any time.

For users in jurisdictions where consent is required for analytics cookies or similar technologies, ApolloTrail will request consent before enabling Google Analytics or similar non-essential analytics technologies.

Legal Obligations

We process Personal Data when necessary to comply with tax, accounting, consumer protection, payment, privacy, law-enforcement, regulatory, and other legal obligations.

AI Processing

ApolloTrail uses artificial intelligence technologies to generate gaming assistance, recommendations, explanations, and contextual responses.

Known AI infrastructure providers include Google LLC services such as Gemini and Google Cloud Vertex AI. These providers may process prompts, messages, technical metadata, and generated outputs to provide the AI functionality.

Unless we clearly state otherwise, user prompts submitted through ApolloTrail are not used to train third-party foundation models. ApolloTrail may use prompts, outputs, usage patterns, and diagnostics to maintain, secure, debug, evaluate, and improve the Service where permitted by law and subject to appropriate safeguards.

AI responses may be inaccurate or incomplete. ApolloTrail does not use AI features to make decisions that produce legal or similarly significant effects about users, such as credit, employment, housing, insurance, healthcare, or legal eligibility decisions.

We may review AI interactions when necessary to investigate abuse, troubleshoot technical issues, enforce our terms, improve safety, comply with law, or respond to user support requests.

Cookies, Local Storage, and Similar Technologies

ApolloTrail uses cookies, local storage, service workers, and similar technologies.

We may use these technologies to:

  • keep users signed in;
  • secure accounts and sessions;
  • remember limited interface and checkout state;
  • support progressive web app installation;
  • measure usage and performance;
  • detect abuse and troubleshoot errors.

Examples include an authentication cookie, local storage values for pending checkout or progressive web app installation state, analytics technologies, and browser storage used by service workers.

You can control cookies through your browser settings. Blocking some cookies or storage technologies may prevent ApolloTrail from working correctly. Where required by law, we will request consent before using non-essential cookies or similar technologies. For more details about the Trackers we use and how to manage preferences, see our Cookie Policy.

ApolloTrail may use Google Analytics to understand how users find and use the Service, measure performance, improve product flows, and diagnose usage issues. Google Analytics may process online identifiers, IP-derived approximate location, device and browser information, pages viewed, referrers, session information, and interaction events. Where required, Google Analytics will be disabled until you provide the required consent, and we will send applicable consent signals to Google.

Service Providers and Recipients

We share Personal Data with service providers only as needed to operate ApolloTrail, comply with law, or protect rights and safety.

Known service providers include:

  • Google Ireland Limited, Google LLC, and their affiliates for Google sign-in, Google Analytics where enabled with any required consent, Google Fonts, and AI infrastructure such as Gemini and Google Cloud Vertex AI;
  • Stripe, Inc. and its affiliates for payment processing, checkout, subscription management, invoices, fraud prevention, and billing support;
  • backend API, hosting, database, email delivery, newsletter, logging, security, monitoring, and support providers that help us operate ApolloTrail.

The exact providers used for infrastructure, database, email, newsletter, logging, monitoring, and support functions may change as ApolloTrail's operations evolve. ApolloTrail keeps provider records internally and will provide current provider information upon request where required by law.

We may also disclose Personal Data:

  • to comply with law, legal process, or lawful government requests;
  • to enforce our terms or agreements;
  • to protect ApolloTrail, users, and third parties from fraud, abuse, security incidents, or harm;
  • in connection with a merger, acquisition, financing, reorganization, sale of assets, bankruptcy, or similar corporate transaction;
  • with your consent or at your direction.

We require service providers to process Personal Data only for authorized purposes and to protect it appropriately.

International Data Transfers

ApolloTrail is operated from Poland, and our service providers may process Personal Data in the European Economic Area, the United States, and other countries.

Where Personal Data is transferred internationally, we use safeguards required by applicable law, such as adequacy decisions, Standard Contractual Clauses, data processing agreements, and supplementary measures where appropriate.

You may contact us to request more information about international transfer safeguards.

Data Retention

We keep Personal Data only for as long as reasonably necessary for the purposes described in this Policy, unless a longer period is required or permitted by law. We set retention periods based on the type of data, the reason we process it, legal obligations, security needs, and dispute risk.

Our standard retention practices are:

  • account data: kept while your account is active. After account deletion is completed, account data is deleted or anonymized from active systems within 30 days, except for limited records that we need for security, fraud prevention, billing, legal compliance, dispute handling, or enforcing our rights;
  • scheduled account deletion records: kept during the deletion waiting period shown in the Service and then kept in limited form for up to 24 months to document the request, prevent abuse, respond to disputes, and demonstrate compliance;
  • chat history, prompts, AI responses, and chat metadata: kept while your account is active so we can provide conversation history, operate the Service, troubleshoot issues, enforce limits, and investigate abuse. If you delete a chat, we delete or remove it from active systems within 30 days, unless we need to keep limited information for security, abuse prevention, legal compliance, or dispute handling;
  • account export records: generated when requested and not intentionally kept longer than needed to provide the export, troubleshoot the request, and document completion;
  • billing and subscription records: kept while needed to manage subscriptions, process payments, issue invoices, handle chargebacks, prevent fraud, comply with tax and accounting obligations, and resolve disputes. Some billing, invoice, tax, and accounting records may need to be kept for the period required by applicable law;
  • Stripe identifiers and payment confirmation records: kept as long as needed for subscription management, payment reconciliation, fraud prevention, chargebacks, accounting, and legal claims;
  • marketing and newsletter records: kept until you unsubscribe or withdraw consent. We may keep limited suppression records for as long as needed to honor opt-outs and avoid sending marketing emails to unsubscribed addresses;
  • technical application logs: usually kept for 30 to 90 days, unless a longer period is needed to investigate bugs, service reliability issues, abuse, fraud, security incidents, legal requests, or disputes;
  • security, fraud-prevention, and abuse logs: usually kept for 90 to 180 days, unless a longer period is needed for incident investigation, account protection, abuse prevention, legal compliance, or dispute handling;
  • Google Analytics data: if Google Analytics is enabled, kept according to the retention period configured in Google Analytics and used for analytics and reporting purposes, subject to any required consent choices and Google Analytics controls. ApolloTrail will configure and document the active Google Analytics retention period before using Google Analytics in public production;
  • support, privacy rights, legal, and administrative requests: kept for up to 24 months after closure, unless a longer period is needed for legal compliance, dispute handling, or defending legal claims;
  • backups: deleted or overwritten on a rolling schedule, usually within 30 to 90 days, unless a longer backup period is necessary for security, disaster recovery, legal compliance, or incident response.

When retention ends, we delete, anonymize, aggregate, or otherwise restrict Personal Data unless we are legally allowed or required to keep it.

Security

We use reasonable technical, organizational, and administrative measures designed to protect Personal Data against unauthorized access, disclosure, alteration, and destruction.

These measures may include access controls, authentication safeguards, encryption in transit, service-provider controls, logging and monitoring, backup practices, and internal limits on who can access Personal Data.

No online service is completely secure. You are responsible for keeping your login credentials confidential and for using a strong, unique password.

Your Privacy Rights

Depending on where you live, you may have rights to:

  • access Personal Data we process about you;
  • receive a copy of your Personal Data in a portable format;
  • correct inaccurate Personal Data;
  • delete Personal Data;
  • restrict or object to processing;
  • withdraw consent;
  • opt out of certain marketing, sale, sharing, targeted advertising, or profiling activities where applicable;
  • appeal a denied privacy request where applicable;
  • lodge a complaint with a data protection authority.

To exercise rights, contact [email protected]. We may need to verify your identity before responding. We will not discriminate against you for exercising privacy rights.

If you have an ApolloTrail account, some rights may also be available through account settings, such as account export or account deletion.

Further Information for Users in the European Union, EEA, United Kingdom, and Switzerland

You may have the rights described under the GDPR, UK GDPR, Swiss FADP, or similar laws.

You may lodge a complaint with your local supervisory authority. If you are in Poland, the relevant authority is the President of the Personal Data Protection Office, known as UODO.

When we process Personal Data based on legitimate interests, you may object to the processing based on your particular situation. When we process Personal Data for direct marketing, you may object at any time.

When we process Personal Data based on consent, withdrawing consent does not affect processing that occurred before withdrawal.

Further Information for Users in Brazil

If the Brazilian Lei Geral de Protecao de Dados applies to you, you may have rights to confirm processing, access data, correct incomplete or inaccurate data, anonymize, block, or delete unnecessary or excessive data, obtain portability, receive information about sharing, withdraw consent, and lodge a complaint with the ANPD.

You can exercise these rights by contacting [email protected].

Further Information for Users in the United States

This section supplements the rest of this Policy for residents of U.S. states with comprehensive privacy laws, including California and other states where applicable.

Categories of Personal Information Collected

In the past 12 months, we may have collected the following categories:

  • identifiers, such as name, email address, account identifiers, IP address, and online identifiers;
  • customer records, such as account, billing, and subscription information;
  • commercial information, such as purchases, subscription plans, invoices, payment status, and renewal or cancellation status;
  • internet or other electronic network activity information, such as usage data, device data, browser data, cookies, logs, session statistics, and interactions with the Service;
  • geolocation information, such as approximate location derived from IP address;
  • audio or sensory information, only to the extent browser speech features generate transcripts that you submit;
  • inferences, such as product usage patterns, subscription status, feature eligibility, and abuse or risk signals;
  • sensitive Personal Information, only where applicable, such as account login credentials and any sensitive content you choose to submit in prompts or messages.

Purposes for Collection

We collect these categories for the purposes described in this Policy, including providing the Service, authentication, AI chat, payments, subscriptions, security, fraud prevention, Google Analytics and similar analytics where enabled with any required consent, support, marketing with consent, legal compliance, and product improvement.

Sources

We collect Personal Information from you, your device and browser, your interactions with ApolloTrail, and service providers such as Google and Stripe.

Disclosure

We may disclose the categories above to service providers and recipients described in this Policy, including payment processors, Google Analytics and similar analytics providers where enabled with any required consent, AI infrastructure providers, authentication providers, hosting and infrastructure providers, email providers, security providers, and professional advisers.

Sale, Sharing, and Targeted Advertising

We do not sell Personal Information for money. We do not knowingly sell or share Personal Information of children under 16.

We do not currently use Personal Information for cross-context behavioral advertising or targeted advertising. If that changes, we will update this Policy and provide legally required choices.

Sensitive Personal Information

We do not use or disclose sensitive Personal Information for purposes that require a right to limit under California law unless we provide the required notice and choice.

U.S. Privacy Requests

Depending on your state, you may request access, correction, deletion, portability, opt-out, limitation of sensitive-data use, or appeal of a denied request. Contact [email protected] to submit a request.

We will respond within the period required by applicable law. For California requests, we generally respond within 45 days, unless an extension is permitted. We may verify your identity and, where allowed, deny requests that we cannot verify, that conflict with legal obligations, or that are otherwise exempt.

Authorized agents may submit requests where permitted by law, but we may require proof of authorization and verification of the consumer's identity.

Legal Requests and Enforcement

We may preserve, use, or disclose Personal Data when we believe it is reasonably necessary to:

  • comply with law, subpoenas, court orders, government requests, or legal process;
  • enforce our Terms of Service or other agreements;
  • detect, investigate, or prevent fraud, abuse, security incidents, or technical issues;
  • protect the rights, property, safety, and security of ApolloTrail, users, or others;
  • establish, exercise, or defend legal claims.

Changes to This Policy

We may update this Policy from time to time. If we make material changes, we will update the date above and provide additional notice where required by law.

If a change requires consent, we will request consent where required.

Definitions

Personal Data or Personal Information means information that identifies, relates to, describes, can reasonably be associated with, or could reasonably be linked to an identified or identifiable person.

Processing means any operation performed on Personal Data, such as collection, recording, storage, use, disclosure, transfer, deletion, or restriction.

Service means ApolloTrail and related websites, applications, features, APIs, and services.

User means an individual who accesses or uses the Service.

Controller means the person or entity that determines the purposes and means of processing Personal Data.

Processor or service provider means a person or entity that processes Personal Data on behalf of the controller or business.

Cookies and similar technologies include cookies, local storage, service workers, pixels, identifiers, and other technologies that store or access information on a device or browser.