Legal · Privacy · updated Apr 2026
Privacy Policy
1. Who We Are
ColPort Mill ("Mill", "we", "us") is an AI-powered SCORM course generator operated by ColPort. Our platform is hosted on EU servers in Frankfurt, Germany.
2. Data We Collect
- Account data: Name, email, password (hashed), organization name
- Course data: Topics, content, generated courses, audio files, images
- Usage data: Credits used, courses created, login timestamps
- Payment data: Processed by Stripe (we don't store card numbers)
3. How We Use Your Data
- To provide the course generation service
- To process payments and manage subscriptions
- To improve our AI models and service quality
- To send service-related communications
4. Third-Party Processors
- Anthropic (Claude AI): Content generation — US-based, DPA in place
- Google Cloud: Translation, TTS audio, image generation — EU processing available
- Hetzner Online GmbH: Database + application hosting — Falkenstein, DE
- Stripe: Payment processing — PCI DSS Level 1 certified
5. Data Retention
We retain your data for as long as your account is active. After subscription cancellation, course data is retained for 30 days, then permanently deleted. You can request immediate deletion at any time.
6. Your Rights (GDPR)
- Access: Request a copy of your personal data
- Rectification: Correct inaccurate data
- Erasure: Request deletion of your data
- Portability: Export your data in a machine-readable format
- Objection: Object to data processing
7. Security
We use industry-standard security measures including HTTPS encryption, bcrypt password hashing, and EU-hosted infrastructure. All data is processed within the EU where possible.
8. Contact
For privacy inquiries: privacy@colport.io