1. Information We Collect

We collect information you provide when creating an account, configuring workspaces, and using the Service:

  • Account information: email address and password
  • Workspace settings: brand voice, industry, target audience, website URL, brand colors, and content pillars
  • Generated content: posts, replies, blogs, and newsletters you create through the Service
  • Brand assets: images and files you upload to the Service
  • Usage data: API calls, content generation counts, and feature usage
  • Payment information: processed securely by Stripe. We do not store credit card numbers.

2. How We Use Your Information

We use your information to:

  • Provide and improve the Service
  • Generate AI content tailored to your brand voice and settings
  • Process payments and manage subscriptions
  • Send important service notifications
  • Monitor and enforce usage limits
  • Analyze usage patterns to improve the product

3. Brand Detection and Website Analysis

When you provide a website URL for brand detection, we fetch publicly available information from that URL (meta tags, page content, Open Graph data) to analyze your brand voice and industry. This information is processed by our AI and stored as workspace settings. We only analyze URLs you explicitly provide.

4. AI Processing

Content generation is performed using third-party AI models (OpenAI GPT-4o, DALL-E 3). Your workspace settings and content prompts are sent to these services for processing. We recommend reviewing the privacy policies of these providers. We do not use your content to train AI models.

5. Data Sharing

We do not sell your personal information. We share data only with:

  • Stripe: for payment processing
  • OpenAI: for AI content generation
  • Supabase: for data storage and authentication
  • Vercel: for hosting

We may also disclose information if required by law or to protect the rights, safety, or property of our users.

6. Data Storage and Security

Your data is stored in Supabase (PostgreSQL) with row-level security policies. API keys are stored as SHA-256 hashes. We use HTTPS for all data transmission. While we implement reasonable security measures, no system is 100% secure.

7. Data Retention

We retain your data for as long as your account is active. Upon account deletion, we will delete your personal data within 30 days, except where retention is required by law or for legitimate business purposes.

8. Your Rights

You have the right to:

  • Access your personal data
  • Correct inaccurate data
  • Delete your account and associated data
  • Export your data
  • Object to processing of your data

9. Cookies

We use essential cookies for authentication and session management. We do not use advertising or tracking cookies.

10. Children's Privacy

The Service is not intended for users under 16 years of age. We do not knowingly collect information from children.

11. Changes to This Policy

We may update this privacy policy from time to time. We will notify users of material changes via the Service. Continued use after changes constitutes acceptance.