Privacy Policy (GDPR) – Relicxs

Relicxs is a trade name of The Next Ten (“we”, “us”).

Country: The Netherlands

Contact: hello@relicxs.com

a) Data you provide

• Name, email, organization and role (if provided)
• Messages and information you submit in beta applications or contact forms
• Account information needed to provide login and access

b) Data we collect automatically

We currently do not use cookies for analytics or advertising. We may still process basic technical data needed to operate and secure the service (for example IP address, device/browser type, timestamps, and event logs).

c) Customer Data and uploaded content

If you upload files, metadata, descriptions, rights information, or other content to the service (“Customer Data”), that content may include personal data (for example author names, credits, or licensing contacts). You are responsible for ensuring you have the rights to upload and use Customer Data.

We use personal data to:

• Provide, maintain, secure, and support the service (including authentication)
• Review and process beta applications and onboarding
• Respond to inquiries and communicate service-related updates
• Monitor and prevent abuse, fraud, and security incidents
• Comply with legal obligations and enforce our agreements

We rely on:

• Contract (Art. 6(1)(b)) to provide the service you request
• Legitimate interests (Art. 6(1)(f)) to secure and improve the service and respond to inquiries
• Consent (Art. 6(1)(a)) where required (for example, if we introduce non-essential cookies later)
• Legal obligation (Art. 6(1)(c)) where applicable

The service may generate metadata suggestions (for example descriptions, tags, captions) using machine learning (“AI Outputs”). AI Outputs can be inaccurate or incomplete and should be reviewed where accuracy matters.

Model training: By default, customer-provided content is not used to train or fine-tune models for other customers. We may use aggregated or de-identified usage data to improve performance and reliability.

Please do not upload special categories of personal data under GDPR or other highly sensitive personal data unless explicitly agreed in writing (for example in an enterprise agreement and data processing addendum).

To run Relicxs, we rely on trusted providers for infrastructure (for example hosting, file storage, and email delivery). This can involve processing limited personal data (such as account email addresses or support messages). These providers are not allowed to use your data for their own purposes and must protect it.

We may also disclose personal data if required by law, or to protect rights, safety, and the integrity of the Services.

A list of subprocessors is available upon request.

We support users outside the EU/UK. Where personal data is transferred outside the EEA/UK, we use appropriate safeguards such as Standard Contractual Clauses and supplementary measures where needed.

We keep personal data only as long as necessary:

• Beta applications and contact requests: typically up to 12 months after last interaction, unless you request deletion sooner
• Account data: while your account is active, then for a limited period for security, backups, and legal compliance
• Logs: retained for limited periods appropriate for security and troubleshooting

We use appropriate technical and organizational measures designed to protect personal data, including access controls and encryption in transit and at rest where applicable.

If you are in the EEA/UK, you may have rights to access, correct, delete, restrict, object, or port your personal data. You may also withdraw consent where processing is based on consent. You can lodge a complaint with your supervisory authority.

To exercise rights, contact hello@relicxs.com.

We currently do not use non-essential cookies. If we introduce them later, we will update this policy and request consent where required.

Questions: hello@relicxs.com