Privacy Policy

• To provide and maintain our service
• To authenticate and authorize your access
• To improve our platform and user experience
• To analyze usage patterns and performance
• To communicate important updates
• To detect and prevent fraud or abuse
• To comply with legal obligations

• End-to-end encryption for data in transit (HTTPS/TLS)
• Encryption at rest for stored data
• Row-level security policies on all database tables
• Secure authentication via Supabase
• Regular security reviews and updates
• SOC 2 Type II compliance at the Supabase infrastructure layer

• User Data: Retained while your account is active
• Activity Logs: Retained for 90 days and then archived
• Analytics Data: Aggregated and anonymized after 6 months
• Deleted Accounts: Permanently deleted within 30 days

• Access the personal data we hold about you
• Correct inaccurate or incomplete information
• Request deletion of your account and data
• Withdraw consent for non-essential cookies
• Export your data where applicable

To exercise these rights, visit your Account Settings or contact us.

We rely on the following third-party services:

• Supabase: Database, authentication, and storage
• Google OAuth: Optional authentication method
• OpenRouter/OpenAI: AI request processing when applicable

These providers maintain their own privacy policies and data processing practices.

Your data may be processed outside the European Economic Area when our service providers operate in other jurisdictions.

• Standard Contractual Clauses and other appropriate safeguards
• Technical and organizational security measures
• Ongoing review of the protections offered by our providers

If you have questions about this Privacy Policy or how we handle personal data, contact us using the email address below.

• Email: [email protected]
• Support: [email protected]