GoodTalk← Back to home

Privacy Policy

Last updated: 3 June 2026

This Privacy Policy explains how Nicolette Jooste ("GoodTalk", "we", "us") collects and uses your personal data when you use the GoodTalk web application (the "Service"). GoodTalk is operated as a sole trader based in the United Kingdom, and acts as the data controller for personal data processed through the Service.

1. Personal data we collect

  • Account data — your email address and an encrypted password when you create an account.
  • Usage data — the questions and context you submit to the Service in order to receive AI-generated guidance, plus token balance and history.
  • Technical data — IP address, browser type, device information and basic log data needed to operate and secure the Service.
  • Payment data — name, billing address and card details are collected and processed by our payment provider, Paddle. We do not see or store your card number. We receive a confirmation that a payment was made, the amount, and a Paddle transaction ID.

2. How we use your data

  • To create and operate your account and provide the Service (contract).
  • To process payments and issue refunds via Paddle (contract).
  • To generate AI responses to the prompts you submit (contract).
  • To keep the Service secure and prevent fraud or abuse (legitimate interests).
  • To comply with our legal and tax obligations (legal obligation).

3. Where your data is stored

Account and usage data is stored using Lovable Cloud, our managed backend platform, which hosts data on infrastructure inside the EU/UK region where available. Payment data is held by Paddle as Merchant of Record. AI prompts are processed by trusted third-party AI providers solely for the purpose of generating your response.

4. Sharing your data

  • Paddle.com Market Ltd — payment processing, billing, tax, and customer-payment support as our Merchant of Record.
  • Lovable Cloud — hosting, database and authentication.
  • AI model providers — to generate the AI responses you request.
  • Authorities — where we are legally required to disclose data.

We do not sell your personal data.

5. International transfers

Some of our providers may process data outside the UK/EEA. Where this happens we rely on appropriate safeguards such as UK adequacy decisions or the ICO's International Data Transfer Agreement / Standard Contractual Clauses.

6. How long we keep your data

We keep account and usage data for as long as your account is active. If you delete your account, we delete or anonymise your personal data within 30 days, except where we are required to keep records (for example, financial records kept for 6 years for UK tax purposes).

7. Your rights under UK GDPR

You have the right to:

  • Access the personal data we hold about you.
  • Have inaccurate data corrected.
  • Ask us to erase your data ("right to be forgotten").
  • Restrict or object to how we use your data.
  • Receive your data in a portable format.
  • Withdraw consent where processing is based on consent.
  • Lodge a complaint with the UK Information Commissioner's Office (ICO) at ico.org.uk.

To exercise any of these rights, email us at the address below. We will respond within one month.

8. Security

We apply appropriate technical and organisational measures including encryption in transit, hashed passwords, access controls and audit logging.

9. Cookies

We use only strictly necessary cookies and local storage required to keep you logged in and to track your free-question count before sign-up. We do not use advertising or cross-site tracking cookies.

10. Contact

Data controller: Nicolette Jooste (sole trader), United Kingdom.
Contact email: hello@goodtalk.example (placeholder — update before going live)