The short version
Your dreams are yours. We process them to give you an interpretation, then we let them go. We don’t store your dream text on our servers, we don’t use it to train AI models, and we never sell or share your personal data. This policy explains exactly what we collect, why, and what happens to it.
1. Who we are
Somniary is an EU-based dream interpretation service operated from the Czech Republic. As an EU operator, all data processing is subject to the General Data Protection Regulation (GDPR). We are the data controller for personal data processed through somniary.com.
For any privacy-related questions, contact us at hello@somniary.com.
2. What data we collect and why
2.1 Dream text and mood selection
What: The text you write in our dream interpreter and the mood you select.
Why: To generate your personalized dream interpretation using AI.
Legal basis: Your consent (GDPR Art. 6(1)(a)) – you actively choose to submit your dream.
Sensitive data notice (GDPR Art. 9): Dream descriptions may incidentally contain special categories of personal data – such as information relating to your health, intimate life, religious beliefs, or emotional state. By submitting your dream text, you provide your explicit consent (Art. 9(2)(a)) for the processing of any such sensitive data, solely and exclusively for the purpose of generating your personalized interpretation. This data is not stored, profiled, or used for any other purpose.
Retention: Your dream text is sent to our AI provider (Anthropic) for processing and is not stored on our servers. Once the interpretation is generated, the dream text exists only in your browser session. When you close the tab, it is gone.
2.2 Payment information (paid plans)
What: Name, email, payment card details. Why: To process your subscription payment. Legal basis: Performance of a contract (GDPR Art. 6(1)(b)). Retention: Payment processing is handled entirely by Stripe, Inc. We do not store your full card number.
2.3 Usage analytics
What: Anonymized, aggregated data about site usage. Why: To improve Somniary. Legal basis: Legitimate interest (GDPR Art. 6(1)(f)). Retention: Up to 26 months, non-identifiable.
2.4 Email address (if you create an account)
What: Your email address. Why: Authentication, recovery, and (with consent) updates. Legal basis: Contract (Art. 6(1)(b)) for functionality; consent (Art. 6(1)(a)) for marketing. Retention: Until you delete your account.
3. How your dream interpretation works
When you click "☽ Read Your Dream", your dream text is sent from your browser to our EU-based server, forwarded to Anthropic’s Claude API for processing, and the interpretation is returned and displayed. We do not log, store, or save your dream text at any point – it exists in server memory only for the duration of the API call and is discarded immediately after.
Your dreams are never used to train AI models. Anthropic’s API usage policy explicitly states that API inputs are not used for model training. We have no access to your dream text after the interpretation is delivered. No human at Somniary reads your dreams. No dataset of user dreams exists. This is by design, not by accident.
4. Cookies
Essential cookies: Minimal, required for function, no consent needed. Analytics cookies: Consent required before placement. We do not use advertising cookies, social media cookies, or cross-site tracking of any kind.
5. Third-party services
Anthropic (Claude) – AI interpretation, dream text shared but not stored. Stripe – payment processing. Forpsi (Czech Republic) – hosting, server logs stored within the EU. We do not sell, rent, or share your data with anyone else.
6. International data transfers
Somniary is based in the Czech Republic (EU). Our hosting infrastructure is located within the European Union. When your dream text is sent to Anthropic (US) for AI processing, and when payments are processed by Stripe (US), these transfers are protected by Standard Contractual Clauses (SCCs) approved by the European Commission. Your data is never stored outside the EU – it is only temporarily processed by US-based AI and payment providers and immediately discarded.
7. Your rights under GDPR
As an EU/EEA resident, you have the right to: access, rectification, erasure, restriction, data portability, objection, and withdrawal of consent. Contact hello@somniary.com – we respond within 30 days. You may also lodge a complaint with the Office for Personal Data Protection (ÚOOÚ).
8. Data security
All transmission is encrypted via HTTPS/TLS. Secure infrastructure. Restricted access. Regular security reviews. For a full explanation of our technical and ethical safeguards, see Security & Ethics.
9. Children’s privacy
Somniary is not intended for children under 16. We do not knowingly collect data from children.
10. Changes to this policy
Material changes will be announced on our website at least 30 days before taking effect.
11. Contact
Email: hello@somniary.com. For the full legal contact path, see the contact page.