Privacy policy

Effective Date: 01.06.2026

1. Introduction

365 Company Ltd (“365 Company”, “we”, “us”, or “our”) respects your privacy and is committed to protecting your personal information.

This Privacy Policy explains how we collect, use, store, disclose, and protect information when you access or use Guidy, including the website located at www.guidy.ai, the Guidy desktop application, and any related products, services, software, features, and functionality (collectively, the “Platform”).

Guidy is an AI-powered desktop assistant that provides contextual guidance, recommendations, workflow assistance, and software navigation support through the analysis of screen content and user interactions.

By creating an account, accessing the Platform, or using the Services, you acknowledge that you have read and understood this Privacy Policy.

If you do not agree with this Privacy Policy, you must not use the Platform.

2. Information about the data controller

For the purposes of applicable data protection laws, including the General Data Protection Regulation (EU) 2016/679 (“GDPR”), the data controller is:

365 Company Ltd

UIC: 205339138

VAT Number: BG205339138

Registered Address:
15 Henrik Ibsen Str. (Office Srebarna), floor 7, 1407, Sofia, Republic of Bulgaria;

Business Address:
Henrik Ibsen Str. (Office Srebarna), floor 7, 1407, Sofia, Republic of Bulgaria;

Email: support@guidy.ai

Website: www.guidy.ai

3. Information we collect

3.1 Account Information

When you create a Guidy account, we may collect:

  • Name;
  • Email address;
  • Password (stored in encrypted or hashed form);
  • Account preferences and settings;
  • Account Type, Premium Plan, Credit Pack, and transaction information;
  • Information provided when communicating with customer support.

We do not store or have access to your plaintext password.

3.2 Screen Data

Guidy’s core functionality requires temporary analysis of information displayed on your screen. When you request assistance through Guidy, the Platform may temporarily process:

  • Screenshots;
  • Screen content;
  • User interface information;
  • Accessibility metadata;
  • Application information;
  • Related contextual information necessary to provide AI-powered guidance.

Screen data is processed solely for the purpose of providing the requested Service. Guidy does not store screenshots or maintain a persistent archive of screen content. Screenshots are processed in real time and are discarded after the requested guidance has been generated and delivered.

IMPORTANT: Information visible on your screen may contain personal, confidential, financial, business, medical, legal, or other sensitive information.

To help protect user privacy, Guidy utilizes specialized privacy and data protection technologies designed to identify and mask certain categories of sensitive information before screenshots or screen content are processed by artificial intelligence providers.

While these measures are intended to reduce the exposure of sensitive information, no automated detection or masking system can guarantee the identification or protection of all sensitive content in every circumstance.

Accordingly, Users should exercise appropriate caution when using the Services and remain responsible for determining whether information displayed on their screen is appropriate for processing through Guidy.

By using Guidy, you acknowledge that information visible on your screen may be processed as part of the normal operation of the Platform.

You are responsible for determining whether information displayed on your screen is appropriate for processing through Guidy.

3.3 User Requests and AI Interactions

When you interact with Guidy, your requests may be processed to generate AI-powered guidance and recommendations.

Guidy does not maintain a persistent history of user conversations, prompts, screenshots, or AI-generated responses for future retrieval by Users.

User requests and AI interactions are processed only for the purpose of generating and delivering the requested guidance.

3.4 Usage Information

We collect limited information regarding how the Platform is used, including:

  • Categories of tasks requested;
  • Credit consumption;
  • Feature usage statistics;
  • Service usage frequency;
  • Error reports;
  • Diagnostic information;
  • Performance metrics;
  • Security and fraud-prevention information.

This information is used to operate, maintain, improve, secure, and support the Platform.

We do not use stored screenshots or stored conversation histories for analytics purposes because such information is not retained.

3.5 Device and Technical Information

We may automatically collect technical information including:

  • Operating system and version;
  • Device type;
  • Application version;
  • Language settings;
  • Technical diagnostics;
  • Crash reports;
  • System performance information;
  • Security-related logs.

Such information is collected solely for compatibility, troubleshooting, maintenance, security, and service improvement purposes.

3.6 Payment Information

Payments are processed by authorized third-party payment providers.

Company does not store complete payment card information.

We may receive limited billing information, transaction records, payment confirmations, and related information necessary to process purchases, manage Credits, comply with legal obligations, and provide customer support.

4. How we use your information

365 Company uses the information collected through Guidy for the following purposes:

4.1 Providing the Services

To provide AI-powered guidance, recommendations, workflow assistance, software navigation support, and other functionality requested by Users.

4.2 Account Management

To create and maintain User accounts, authenticate Users, manage Credits, process purchases, provide customer support, and communicate regarding account-related matters.

4.3 Service Improvement

To analyze usage patterns, identify technical issues, improve Platform performance, enhance reliability, and develop new features and functionality.

4.4 Security and Fraud Prevention

To detect, investigate, prevent, and respond to fraud, abuse, unauthorized access, security incidents, and violations of applicable laws or our Terms of Use.

4.5 Communications

To send transactional communications, including:

  • Account verification emails;
  • Security notifications;
  • Payment confirmations;
  • Purchase receipts;
  • Service announcements;
  • Customer support communications.

4.6 Legal Compliance

To comply with applicable laws, regulations, court orders, governmental requests, tax obligations, accounting requirements, and legal processes.

Where the GDPR or other applicable data protection laws apply, 365 Company processes personal data on one or more of the following legal bases:

5.1 Performance of a Contract

Processing necessary to provide the Services requested by the User, including:

  • Account creation and management;
  • Credit management;
  • Processing purchases;
  • Providing AI-powered guidance;
  • Customer support.

5.2 Legitimate Interests

Processing necessary for our legitimate interests, including:

  • Improving the Platform;
  • Maintaining security;
  • Preventing fraud and abuse;
  • Diagnosing technical issues;
  • Protecting our legal rights;
  • Operating and developing our business.

5.3 Consent

Where required by law, we process information based on the User’s consent, including certain marketing communications and other optional activities. Users may withdraw consent at any time where processing is based on consent.

5.4 Legal Obligations

Processing necessary to comply with legal obligations, including accounting, tax, anti-fraud, regulatory, and law enforcement requirements.

6. Third-party AI providers

Guidy relies on third-party artificial intelligence providers to generate guidance, recommendations, and other AI-powered functionality.

6.1 AI Processing

When a User requests guidance, relevant information may be transmitted to third-party AI providers for processing, including:

  • User requests;
  • Temporary screenshot data;
  • User interface information;
  • Application context;
  • Information necessary to generate the requested guidance.

6.2 AI Providers

Guidy may use one or more artificial intelligence providers, including but not limited to:

  • OpenAI;
  • Anthropic;
  • Microsoft;
  • Google;
  • Other AI service providers selected by 365 Company.

The list of providers may change over time as the Platform evolves.

6.3 Provider Data Handling

365 Company seeks to work with providers that offer appropriate privacy and security protections. However, 365 Company does not control the privacy practices, operational procedures, or future policies of third-party providers. Users are encouraged to review the privacy policies of relevant providers where appropriate.

6.4 No Training of Models by 365 Company

365 Company does not use screenshots, user prompts, or AI responses retained from Guidy sessions to train proprietary AI models because such content is not retained as persistent user history.

7. Payment processing

Payments for Premium Plans, Credit Packs, and other Services are processed by authorized third-party payment processors.

7.1 Payment Information

When making a purchase, payment information is transmitted directly to the relevant payment processor. 365 Company does not store complete payment card information, card numbers, expiration dates, or security codes.

7.2 Information Received

We may receive limited information necessary to process transactions, including:

  • Payment confirmations;
  • Transaction identifiers;
  • Billing information;
  • Purchase history;
  • Credit allocation information.

7.3 Third-Party Payment Providers

Payment processing is subject to the terms, privacy policies, and security practices of the relevant payment provider. 365 Company is not responsible for the operation, availability, or security practices of third-party payment processors.

8. Data retention

365 Company retains personal information only for as long as reasonably necessary to provide the Services, comply with legal obligations, resolve disputes, enforce agreements, and protect the Platform.

The following retention practices apply:

8.1 Screen Data

Screenshots, screen content, user interface information, and related contextual information are processed temporarily for the purpose of generating AI-powered guidance.

Guidy does not maintain a persistent archive of screenshots or screen content.

Such information is discarded after the requested guidance has been generated and delivered.

8.2 User Requests and AI Interactions

Guidy does not maintain a persistent history of user prompts, screenshots, conversations, or AI-generated responses for future retrieval by Users.

User requests and AI interactions are processed only for the purpose of generating and delivering the requested Services.

8.3 Account Information

Account information may be retained for as long as the User maintains an active Account.

Following account deletion, personal information will be deleted or anonymized within a reasonable period unless retention is required by law or necessary for the establishment, exercise, or defense of legal claims.

8.4 Operational and Security Data

Usage statistics, diagnostic information, performance metrics, fraud-prevention information, and security logs may be retained for operational, security, compliance, and service improvement purposes.

8.5 Financial Records

Transaction records, invoices, and accounting information may be retained for the periods required under applicable tax, accounting, financial, and regulatory laws.

9. Data sharing and disclosure

365 Company does not sell personal information. We may share information only in the circumstances described in this Privacy Policy.

9.1 Artificial Intelligence Providers

Information necessary to generate AI-powered guidance may be shared with third-party AI providers as described in Section 6.

9.2 Payment Providers

Transaction-related information may be shared with payment processors and financial service providers for payment processing, fraud prevention, accounting, and compliance purposes.

9.3 Service Providers

365 Company may engage trusted service providers to assist with:

  • Hosting services;
  • Cloud infrastructure;
  • Security services;
  • Analytics;
  • Customer support;
  • Technical operations;
  • Legal and compliance services.

Such providers may process information only to the extent necessary to perform services on our behalf.

9.4 Legal Requirements

We may disclose information where required by:

  • Applicable law;
  • Court orders;
  • Government authorities;
  • Regulatory obligations;
  • Law enforcement requests;
  • Legal proceedings.

9.5 Protection of Rights

We may disclose information where reasonably necessary to:

  • Protect the rights, property, or safety of 365 Company;
  • Protect Users or third parties;
  • Investigate fraud, abuse, security incidents, or violations of law;
  • Enforce our Terms of Use and other agreements.

9.6 Business Transactions

In the event of a merger, acquisition, financing transaction, restructuring, sale of assets, or similar business transaction, information may be transferred to the relevant successor entity.

10. International data transfers

Guidy may use service providers, infrastructure providers, artificial intelligence providers, and payment processors located in countries outside the European Economic Area (“EEA”).

Where personal information is transferred outside the EEA, 365 Company will implement appropriate safeguards as required by applicable law, including:

  • Adequacy decisions issued by the European Commission;
  • Standard Contractual Clauses;
  • Other lawful transfer mechanisms recognized under applicable law.

By using the Platform, the User acknowledges that certain processing activities may involve international data transfers.

11. Data security

365 Company implements reasonable administrative, technical, and organizational measures designed to protect personal information against unauthorized access, disclosure, alteration, loss, destruction, or misuse. Such measures may include:

  • Encryption of data in transit;
  • Access controls;
  • Authentication mechanisms;
  • Security monitoring;
  • Infrastructure security measures;
  • Internal access restrictions.

Despite these safeguards, no method of electronic transmission, storage, or processing can be guaranteed to be completely secure.

Accordingly, 365 Company cannot guarantee absolute security and disclaims liability for events beyond its reasonable control.

Users are responsible for maintaining the confidentiality of their account credentials and for protecting access to their devices and accounts.

12. Your privacy rights

Subject to applicable law, Users may have the following rights regarding their personal information.

12.1 Right of Access

The right to request information regarding the personal data we process and obtain a copy of such information.

12.2 Right to Rectification

The right to request correction of inaccurate or incomplete personal information.

12.3 Right to Erasure

The right to request deletion of personal information where permitted by applicable law.

12.4 Right to Restrict Processing

The right to request restriction of certain processing activities under applicable law.

12.5 Right to Data Portability

The right to receive personal information in a structured, commonly used, and machine-readable format where applicable.

12.6 Right to Object

The right to object to certain processing activities based on legitimate interests.

12.7 Right to Withdraw Consent

Where processing is based on consent, the User may withdraw consent at any time. Withdrawal of consent shall not affect the lawfulness of processing carried out before withdrawal.

12.8 Right to Lodge a Complaint

Users located within the European Union have the right to lodge a complaint with the competent supervisory authority responsible for data protection matters. Requests relating to privacy rights may be submitted to: support@guidy.ai

14. Cookies and tracking technologies

The Guidy desktop application does not use browser cookies. The Guidy website may use cookies and similar technologies necessary for:

  • Authentication;
  • Security;
  • Session management;
  • Website functionality;
  • Performance monitoring.

Where required by applicable law, Users will be provided with appropriate notice and consent options regarding non-essential cookies.

15. Changes to this Privacy Policy

365 Company may update this Privacy Policy from time to time.

The most current version will always be available on the Platform and will indicate the effective date of the latest revision.

Where required by applicable law, material changes will be communicated through the Platform, email, or other reasonable means.

Continued use of the Platform after the effective date of an updated Privacy Policy constitutes acknowledgment of the revised Privacy Policy.

16. Contact information

Questions, requests, concerns, or complaints regarding this Privacy Policy or the processing of personal information may be directed to:

365 Company Ltd

UIC: 205339138

Registered Address:
15 Henrik Ibsen Str. (Office Srebarna), floor 7, 1407, Sofia, Republic of Bulgaria;

Business Address:
15 Henrik Ibsen Str. (Office Srebarna), floor 7, 1407, Sofia, Republic of Bulgaria;

Email:
support@guidy.ai

Website:
www.guidy.ai

365 Company will make reasonable efforts to respond to privacy-related inquiries within the time periods required by applicable law.