Privacy policy
Last updated: May 2026
At Blimp, we take your privacy seriously. This policy explains what data we collect, why we collect it, how we use it, and your rights under the General Data Protection Regulation (GDPR).
1. Who we are
Currently operated by: Diana Aya Falkenberger Strasse 160, 13088 Berlin Germany. Email: hello@we-blimp.com
Future entity: Blimp GbR (in Gründung), represented by Diana Aya and Liubov Höpfner. This policy will be updated once registration is complete; this will not change how your data is handled.
2. What data we collect
Account data: name, email address, password (hashed), and account preferences
Content you provide: information you enter into the Blimp canvas and related tools (your business ideas, plans, and related content)
Usage data: how you interact with the Service (e.g., features used, session activity)
Beta application data: if you applied for beta access, the information you submitted in that application
Communications: messages you send us (e.g., support requests)
3. How we use your data
We use your data to:
Provide and operate the Service, including AI-assisted features
Maintain your account and respond to support requests
Improve the Service based on aggregated, non-identifying usage patterns
Communicate with you about your account or material changes to the Service
We do not use the content you enter into Blimp to train AI models, and we do not sell, share, or distribute your business information to third parties for marketing or any other purpose.
4. Legal basis for processing
We process your data based on:
Contract (Art. 6(1)(b) GDPR) — to provide the Service you signed up for
Legitimate interest (Art. 6(1)(f) GDPR) — to maintain and improve the Service
Consent (Art. 6(1)(a) GDPR) — where required, e.g., for certain cookies (see Cookie Policy)
5. Who we share data with
We use the following service providers ("processors") to operate Blimp:
Hosting and database Supabase, hosted in the EU (Frankfurt, Germany).
AI processing To power certain in-app features, the relevant input is sent to the following providers, only as needed to generate a response to your request:
Lovable AI Gateway (using Google Gemini models) — for the in-app help chat
OpenAI (Whisper) — for voice-to-text transcription, if you use voice input
Perplexity AI — for deep research / search features
Payments: Stripe
Beta application handling: Make.com and ClickUp, used to process and manage beta access applications
Website hosting: Framer
We do not permit any provider to use your data for their own purposes, including AI model training.
International data transfers
Our hosting (Supabase) is located in the EU. The AI providers listed above (Lovable AI Gateway, OpenAI, and Perplexity AI) are based in the United States. When you use features that rely on these providers — such as the help chat, voice-to-text, or deep research search — the relevant data (e.g., your message, audio, or search query) is transferred to the US for processing.
Where this occurs, we rely on appropriate safeguards under GDPR. The providers listed above include Standard Contractual Clauses (SCCs), or equivalent GDPR transfer mechanisms, as part of their standard data processing terms.
6. Data retention
We retain your account data and content for as long as your account is active. If you delete your account, your data is deleted in line with the process described in Section 7, except where we are required to retain certain information by law.
7. Your rights
Under GDPR, you have the right to:
Access the personal data we hold about you
Correct inaccurate data
Request deletion of your data
Export your data (data portability)
Object to or restrict certain processing
Withdraw consent where processing is based on consent
You can access, export, and delete your account data directly via your account settings. For any other requests, contact us at hello@we-blimp.com.
You also have the right to lodge a complaint with a data protection supervisory authority, in particular in the EU member state of your residence or place of work.
8. Security
We take reasonable technical and organizational measures to protect your data against unauthorized access, loss, or misuse. No system is completely secure, and we cannot guarantee absolute security.
9. Cookies
We use cookies and similar technologies as described in our Cookie Policy.
10. Changes to this policy
We may update this policy as Blimp evolves. We will notify you of material changes by email or in-app notification at least 14 days before they take effect.
11. Contact
Questions about this policy or your data: hello@we-blimp.com

