Consula
Privacy

Privacy Policy

Last updated: 16 June 2026

This policy explains what personal data Consula collects, why we collect it, how we look after it, and the rights you have. We have tried to write it in plain language. If anything is unclear, please write to us at privacy@consula.nl and we will explain.

1. Who we are

Consula ("Consula", "we", "us") provides software that helps people prepare presentations, handouts, and facilitator plans. For the purposes of the General Data Protection Regulation (the GDPR), we are the "controller" of your personal data, which means we decide why and how it is processed.

Consula is operated from the Netherlands. For our full legal and registration details, or for any privacy request, write to privacy@consula.nl.

2. What we collect

We only collect what we need to run the service.

If you join the waitlist

  • Your email address.

If you create an account

  • Your email address and a password. Your password is stored only in a hashed form by our authentication provider, which means we never see or store the password itself.
  • An invite code you used to register.
  • Optional profile details you choose to add.

The content you give us

  • The briefs you type (such as your audience, goal, and duration), any files you upload (for example a PDF or an image), source text you paste, and the presentations, handouts, and plans the service generates for you.

Technical and usage data

  • Basic information your browser sends, such as your device and browser type, your IP address, an approximate location derived from that address, and timestamps.
  • Records of how the service is used, so we can keep it working and improve it.
  • Small pieces of data stored in your browser (cookies and local storage). See section 9.

3. Why we use your data, and our legal basis

Under the GDPR we must have a lawful reason ("legal basis") for each use of your data.

  • To provide the service you asked for (creating your account, generating your decks and documents, saving your work). Legal basis: performance of a contract with you.
  • To keep you on the waitlist and tell you when a spot opens. Legal basis: your consent, which you can withdraw at any time.
  • To keep the service secure, prevent abuse, and improve it. Legal basis: our legitimate interests in running a safe, reliable product, balanced against your rights.
  • To meet legal obligations where the law requires it. Legal basis: legal obligation.

4. How your content is processed

To generate your slides, handout, and plan, we send the brief and content you provide to trusted processing providers that produce the output on our behalf. We choose providers that, under their business terms, do not use content submitted through their service to train their systems, and we aim to process content on European infrastructure where that option is available.

Please do not paste highly sensitive personal data (for example health, financial, or government identifiers about identifiable people) into the service. You are responsible for having the right to use any material you submit. See our Terms for more on this.

5. Who we share data with

We do not sell your personal data, and we never will. We share it only with service providers ("processors") who help us run Consula, and only as far as needed. These include:

  • A hosting provider, for running the website and the application on European servers.
  • A database and authentication provider, for storing your account and content within the European Union.
  • A content-generation provider, for producing your outputs (see section 4).
  • An email provider, for sending the messages you ask for, such as your invite.

Each processor is bound by a contract that requires them to protect your data and use it only on our instructions. We may also disclose data if the law requires it, or to protect our rights and the safety of others.

6. Where your data is stored, and transfers outside Europe

Your account and content are stored on servers located in the European Union. Some processing may take place outside the European Economic Area depending on the provider and region in use. Where that happens, we rely on safeguards approved under the GDPR, such as the European Commission's Standard Contractual Clauses, to protect your data. We work towards keeping processing within Europe wherever it is practical.

7. How long we keep your data

  • Waitlist email: until you ask us to remove it, or until we close the waitlist.
  • Account and content: for as long as your account is open. If you close your account, we delete or anonymise your personal data within a reasonable period, unless we must keep some of it to meet a legal obligation.
  • Technical logs: for a limited period needed for security and troubleshooting.

8. Your rights

Under the GDPR you have the right to ask for a copy of your data (access), have inaccurate data corrected (rectification), have your data deleted (erasure), limit how we use it (restriction), receive it in a portable format (portability), object to certain uses including direct marketing (objection), and withdraw any consent you gave, at any time, without affecting earlier processing.

To use any of these rights, email privacy@consula.nl. We will respond within the time the law allows, normally one month. If you are unhappy with how we handle your data, you have the right to complain to the Dutch data protection authority, the Autoriteit Persoonsgegevens (autoriteitpersoonsgegevens.nl), or the authority in your own country.

9. Cookies and local storage

We keep cookies and browser storage to a minimum. We use essential storage to keep you signed in and remember basic settings, which is needed for the service to work. If we add analytics, we will only use it with your consent, and you can decline without losing access. You can clear or block cookies in your browser settings, although some features may then stop working.

10. How we protect your data

We use technical and organisational measures appropriate to the risk, including encryption of data in transit and at rest, access controls, and the principle of least access. No system is perfectly secure, but we take protecting your data seriously and review our measures over time.

11. Children

Consula is not intended for children. In the Netherlands, children under 16 may only use services like this with the consent of a parent or guardian. If you believe a child has given us personal data without that consent, please contact us and we will remove it.

12. Changes to this policy

We may update this policy as the service grows or the law changes. When we make a material change, we will update the date above and, where appropriate, let you know by email or in the app.

13. Contact

For any privacy question or request, write to privacy@consula.nl. We are happy to help.