Privacy Policy

1. Information We Collect

Information You Provide

• Account Information — When you create an account, we collect your name, email address, and password. If you sign up using a third-party authentication provider (such as Google), we receive your name and email from that provider.
• Payment Information — When you purchase credits or subscribe to a plan, payment is processed by our third-party payment processor (Stripe). We do not store your full credit card number, CVV, or bank account details. We receive and store a transaction ID, the last four digits of your card, and billing address for record-keeping purposes.
• Generated Content — When you use Copy Create to generate marketing content, we process the information you provide in your briefs (business descriptions, audience details, product information, etc.) and store the AI-generated content produced by the Service. Each generation consumes credits from your account balance.
• Communications — If you contact our support team, we collect the content of your messages and any attachments you provide.

Information Collected Automatically

• Usage Data — We collect information about how you interact with the Service: pages visited, features used, content types generated, credits consumed, session duration, and referring URLs.
• Device and Browser Information — We collect your IP address, browser type and version, operating system, device type, and screen resolution.
• Cookies and Similar Technologies — We use cookies and similar tracking technologies as described in our Cookie Policy.

2. How We Use Your Information

We use the information we collect for the following purposes:

• Service Delivery — To create and manage your account, process your briefs through our AI content generation system, deliver generated marketing content, and track your credit balance.
• Payment Processing — To process credit purchases and subscription payments, issue receipts, and manage your billing history.
• Service Improvement — To understand how the Service is used, identify bugs and performance issues, and develop new features and content types.
• Communication — To send you account-related notifications (purchase confirmations, credit balance alerts, policy updates) and, with your consent, marketing communications about new features and offers.
• Security — To detect and prevent fraud, abuse, and unauthorized access to the Service.
• Legal Compliance — To comply with applicable laws, regulations, and legal processes.

We do not sell your personal information. We do not use the content of your briefs or generated outputs to train AI models.

3. How We Share Your Information

We share personal information only in the following circumstances:

• Payment Processor (Stripe) — We share necessary billing information with Stripe to process payments. Stripe's privacy policy governs their handling of your data: stripe.com/privacy.
• AI Provider — Your brief inputs are sent to our AI provider to generate content. These inputs are processed in real time and are not retained by the AI provider for model training. We contractually require our AI provider to process data solely for the purpose of providing the Service.
• Analytics Providers — We use analytics tools to understand Service usage. These providers receive anonymized or pseudonymized usage data.
• Legal Requirements — We may disclose information if required by law, regulation, legal process, or governmental request.
• Business Transfers — In the event of a merger, acquisition, or sale of assets, user information may be transferred as part of the transaction. We will notify you of any such change.

We do not share your generated content with other users or make it publicly accessible.

4. Cookies

We use cookies and similar technologies for essential functionality, analytics, and preference storage. For full details on the cookies we use and how to manage them, please see our Cookie Policy.

5. Data Retention

• Account Data — We retain your account information for as long as your account is active. If you delete your account, we remove your personal information within 30 days, except where retention is required for legal or regulatory purposes.
• Generated Content — Your briefs and AI-generated content are retained in your account for as long as your account is active. You can delete individual generations at any time from your dashboard.
• Payment Records — We retain transaction records for 7 years to comply with financial and tax regulations.
• Usage Data — Anonymized usage data may be retained indefinitely for analytics purposes.

6. Data Security

We implement industry-standard security measures to protect your personal information, including:

• Encryption of data in transit (TLS/SSL) and at rest.
• Secure authentication with hashed and salted passwords.
• Regular security assessments and monitoring.
• Access controls limiting employee access to personal data on a need-to-know basis.

No method of electronic storage or transmission is 100% secure. While we take reasonable steps to protect your information, we cannot guarantee absolute security.

7. Your Rights

For All Users

You have the right to:

• Access your personal information stored in your account.
• Correct inaccurate information by updating your account settings.
• Delete your account and associated personal information.
• Export your generated content from your dashboard.
• Opt out of marketing communications at any time using the unsubscribe link in any email.

Additional Rights for EU/UK Residents (GDPR)

If you are located in the European Union or United Kingdom, you also have the right to:

• Withdraw consent for data processing where consent is the legal basis.
• Data portability — Receive your personal data in a structured, machine-readable format.
• Restrict processing under certain circumstances.
• Object to processing based on legitimate interests.
• Lodge a complaint with your local data protection authority.

Our legal basis for processing personal data under GDPR includes: performance of a contract (Service delivery), legitimate interests (analytics, security), consent (marketing communications), and legal obligations.

Additional Rights for California Residents (CCPA/CPRA)

If you are a California resident, you have the right to:

• Know what personal information we collect, use, and disclose.
• Delete your personal information (subject to certain exceptions).
• Opt out of the sale of personal information — We do not sell personal information.
• Non-discrimination — We will not discriminate against you for exercising your privacy rights.

To exercise any of these rights, contact us at [email protected].

8. Children's Privacy

Copy Create is not intended for use by anyone under the age of 16. We do not knowingly collect personal information from children under 16. If we learn that we have collected information from a child under 16, we will delete it promptly.

9. International Data Transfers

If you access the Service from outside the country where our servers are located, your information may be transferred across borders. We ensure appropriate safeguards are in place for international transfers, including standard contractual clauses where required by GDPR.

10. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will notify you by email or through a prominent notice on the Service. Your continued use of the Service after the changes take effect constitutes acceptance of the updated policy.

11. Contact Us

If you have questions about this Privacy Policy or wish to exercise your privacy rights, contact us at: