SheetFormula AI.

Privacy Policy

Last updated: June 12, 2025

1. Introduction

Sheet Formula AI ("Company", "we", "us", or "our") is committed to protecting your privacy. This Privacy Policy explains how we handle information in connection with your use of our website and services (collectively, the "Service"). We strive to minimize the personal data we collect and process, adhering to the principles of the General Data Protection Regulation (GDPR).

2. Data Controller

Sheet Formula AI is the data controller for the information processed according to this policy, except where otherwise stated (e.g., for payment processing).

3. Information We Process and Why

We aim to operate our Service by collecting as little personal data as possible. The information we process generally falls into the following categories:

When using our Google Sheets or Microsoft Excel extensions, we explicitly affirm that Google Workspace APIs and Microsoft APIs are not used to develop, improve, or train generalized AI and/or ML models. Furthermore, no API requests or responses (including your data or formulas) are saved or used in any way to develop, improve, or train generalized AI and/or ML models.

  • Account Information: If you create an account, we process necessary information to manage your account, such as your email address and potentially a username. This is processed based on the necessity to perform our contract with you (providing the Service).
  • Payment Information: We do not directly collect or store your full payment card details. When you subscribe, you provide your payment information directly to our third-party payment processor, Stripe. Stripe processes your payment information according to their Privacy Policy. We may receive limited information from Stripe, such as the last four digits of your card, expiration date, and billing postcode, for verification, support, and record-keeping purposes. This processing is necessary for the performance of our contract.
  • Formula Generation Input: The text or data you input into our Service for the purpose of generating formulas is processed to provide the core functionality. We process this data solely to generate the requested formula and do not store it long-term associated with your account, nor do we use it to personally identify you or train our AI models on your specific input data unless explicitly stated otherwise in a separate consent request. Additionally, no API requests or responses are saved or used to develop, improve, or train generalized AI and/or ML models. The legal basis for processing this input is the performance of the contract (providing the formula generation service).
  • Usage Data (Aggregated & Anonymized): We may collect technical information about how you interact with our Service (e.g., feature usage, performance metrics). This data is collected in an aggregated and anonymized form and cannot be used to identify you personally. We use this data to improve the Service, based on our legitimate interest in maintaining and enhancing our product.
  • Contact Information: If you contact us via email (e.g., [email protected]) or the contact form, we will process your name, email address, and the content of your message to respond to your inquiry. This is based on our legitimate interest in providing customer support and communication.

We do not actively collect sensitive personal data.

4. Legal Basis for Processing (GDPR)

We process personal data based on the following legal grounds under GDPR:

  • Contract Performance: Processing necessary to provide the Service you subscribed to (e.g., account management, processing formula requests, facilitating payments via Stripe).
  • Legitimate Interests: Processing for purposes like improving our Service (using anonymized data), security, and responding to user inquiries, provided these interests are not overridden by your data protection rights.
  • Consent: Where required by law (though we aim to minimize reliance on consent), we will obtain your explicit consent before processing data for specific purposes (e.g., certain types of cookies or marketing communications).
  • Legal Obligation: Processing necessary to comply with legal requirements (e.g., tax laws, accounting regulations).

5. Data Storage and International Transfers

Our primary servers and data processing infrastructure are located within the European Union (EU). We take appropriate technical and organizational measures to ensure your data is stored securely and protected against unauthorized access, loss, or destruction.

While our main operations are EU-based, some necessary third-party services (like Stripe for payment processing) may process data outside the EU. We ensure that any such transfers rely on appropriate safeguards as required by GDPR, such as Standard Contractual Clauses (SCCs) or adequacy decisions.

6. Data Sharing

We do not sell your personal data. We share information only in the following limited circumstances:

  • Service Providers: With third-party vendors who help us operate our Service, such as payment processors (Stripe), hosting providers (within the EU), and potentially analytics or support tool providers. These providers are contractually obligated to protect your data and use it only for the services they provide to us.
  • Legal Requirements: If required by law, regulation, legal process, or governmental request.
  • Business Transfers: In connection with a merger, sale of company assets, financing, or acquisition of all or a portion of our business by another company.

7. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes outlined in this policy, unless a longer retention period is required or permitted by law (e.g., for tax or accounting purposes). Data related to formula generation requests is not stored long-term in an identifiable way. Account information is retained as long as your account is active and for a reasonable period thereafter as necessary for our records or legal obligations.

8. Your Rights Under GDPR

If you are located in the European Economic Area (EEA) or UK, you have certain data protection rights:

  • The right to access, update, or delete the information we have on you.
  • The right of rectification.
  • The right to object to processing.
  • The right of restriction.
  • The right to data portability.
  • The right to withdraw consent (where processing is based on consent).

You can exercise some of these rights through your account settings. For other requests, please contact us at [email protected]. We may need to verify your identity before responding to your request.

You also have the right to complain to a Data Protection Authority about our collection and use of your Personal Data.

9. Cookies

We use minimal cookies necessary for the functioning of our website (e.g., session management, security). For detailed information about the cookies we use, please see our Cookie Policy.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date. We encourage you to review this Privacy Policy periodically for any changes.

11. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us at: [email protected].