Quick Navigation

1. Information We Collect

Account Information:

Email address and password (encrypted)
Account creation timestamp and IP address
Subscription tier and payment status
Usage statistics and generation counts

Product Information You Provide:

Product names, descriptions, and features you input
Selected categories, tones, and target audiences
Keywords and custom specifications
Generated product descriptions you save

Technical Information:

IP address, browser type, and device information
Session data and authentication tokens
Usage patterns and feature interactions
Error logs and performance metrics

Enhanced Tracking (With Your Consent):

Browser fingerprinting data for abuse prevention (screen resolution, timezone, installed fonts, hardware information)
Cross-session identification to prevent limit bypassing
Anonymous device characteristics (cannot identify you personally)
Automatically deleted after 30 days for privacy compliance

Your Choice: Enhanced tracking is optional and requires your explicit consent. You can opt out at any time and still use our service with basic tracking only.

Payment Information:

Payment method details (processed by Stripe)
Billing address and tax information
Transaction history and subscription changes
Refund and cancellation records

2. Cookies & Tracking Technologies

Cookie Usage

We use cookies and similar technologies to ensure the functionality of our service, analyze usage patterns, and support essential features such as login sessions. You can manage cookies via your browser settings.

Types of Cookies & Tracking We Use:

Essential Cookies: Required for authentication, session management, and core functionality
Analytics Cookies: Help us understand how users interact with our service (Vercel Analytics)
Payment Cookies: Enable secure payment processing through Stripe
Preference Cookies: Remember your settings like dark/light mode preferences
Guest Tracking: Multiple storage methods (cookies, localStorage, sessionStorage) to prevent abuse of free services
Browser Fingerprinting: Optional advanced tracking with explicit consent for enhanced abuse prevention

Browser Fingerprinting Details:

With Your Consent Only: We may collect browser fingerprinting data to prevent abuse of our free service.

Screen resolution and color depth
Timezone and language settings
Installed fonts and plugins
Hardware specifications (anonymized)
Browser version and capabilities

This data cannot identify you personally and is used solely for abuse prevention. All fingerprint data is automatically deleted after 30 days.

Managing Cookies:

You can control and manage cookies through your browser settings. However, disabling certain cookies may affect the functionality of our service, particularly authentication and payment features.

3. How We Use Your Information

AI Processing

Your product information is sent to Anthropic Claude 3.5 Haiku AI to generate descriptions. This data is processed temporarily and not stored permanently by Anthropic.

Service Provision:

Generate AI-powered product descriptions
Provide SEO optimization suggestions
Track usage limits and subscription features
Save and organize your generated content

Account Management:

Authenticate and secure your account
Process payments and manage subscriptions
Provide customer support and technical assistance
Send important account and service notifications

Service Improvement:

Analyze usage patterns to improve our AI prompts
Monitor system performance and reliability
Develop new features and enhancements
Ensure compliance with our Terms of Service

4. Information Sharing and Third Parties

We do not sell, rent, or trade your personal information to third parties for commercial purposes. We only share data with trusted service providers necessary for our operations.

Essential Service Providers:

Anthropic Claude AI

Product information is sent to generate descriptions. Data is processed but not permanently stored by Anthropic.

Stripe (Payment Processing)

Payment information, billing details, and transaction data for subscription management and refunds.

Supabase (Database & Authentication)

Account data, generated content, and usage statistics stored securely with encryption.

Vercel (Hosting & Analytics)

Website hosting, performance monitoring, and anonymized usage analytics.

Legal Requirements:

We may disclose information when required by law, court order, or to protect our rights, property, or safety of our users.

5. Data Security

Security Measures

End-to-end encryption for data transmission (HTTPS/TLS)
Encrypted password storage using industry-standard hashing
Row-level security policies in our database
Regular security audits and vulnerability assessments
Access controls and authentication for all systems
Secure API endpoints with rate limiting

Data Breach Response:

In the unlikely event of a data breach, we will notify affected users within 72 hours and take immediate steps to secure the system and investigate the incident.

6. Your Privacy Rights

GDPR & CCPA Compliance

We comply with the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA) to protect your privacy rights.

You have the right to:

Access: Request a copy of all personal data we hold about you
Rectification: Correct inaccurate or incomplete information
Erasure: Request deletion of your personal data ("right to be forgotten")
Portability: Receive your data in a structured, machine-readable format
Restriction: Limit how we process your personal data
Objection: Object to processing based on legitimate interests
Withdraw Consent: Revoke consent for data processing at any time

How to Exercise Your Rights:

To exercise any of these rights, please contact us at privacy@productdescai.com. We will respond to your request within 30 days.

7. Data Retention

Retention Periods:

Account Data: Retained while your account is active, plus 3 years after deletion
Generated Content: Retained while your account is active, deleted upon account closure
Payment Data: Retained for 7 years for tax and accounting purposes
Usage Logs: Retained for 2 years for service improvement and security
Support Communications: Retained for 3 years after resolution

Automated Deletion:

We automatically delete temporary data (AI processing requests, session tokens) within 24 hours. Inactive accounts are reminded and may be deleted after 2 years of inactivity.

8. International Data Transfers

Data Processing Locations:

Primary data processing occurs in the United States
Supabase data centers are located in the US with GDPR compliance
Anthropic AI processing occurs in the US with appropriate safeguards
Stripe payment processing follows international data protection standards

Safeguards:

All international transfers are protected by appropriate safeguards including encryption, standard contractual clauses, and adequacy decisions where applicable.

9. Children's Privacy

Age Restriction

ProductDescAI is not intended for use by children under 13 years of age. We do not knowingly collect personal information from children under 13. If we become aware that we have collected such information, we will take steps to delete it promptly.

10. Changes to This Privacy Policy

Notification of Changes:

We will notify users via email of any material changes to this Privacy Policy
Updates will be posted on this page with a new "Last Updated" date
Continued use of our service after updates constitutes acceptance
For significant changes, we may require explicit re-consent

11. Contact Us

Privacy Questions & Requests:

Email: support@productdescai.com

Response Time: Within 72 hours for privacy requests

12. Governing Law

This policy is governed by and interpreted in accordance with the laws of the State of Delaware, United States.