Legal
Privacy Policy
Effective date: 1 March 2026 · Last updated: 14 March 2026
PromptITIN ("PromptIt", "we", "us", or "our") operates the website promptitin.com and the PromptIt application. This Privacy Policy explains what personal data we collect, why we collect it, how we use it, and the rights you have over it. By using our service you agree to the practices described here.
1. Information We Collect
1.1 Account information
When you create an account we collect your email address and, if you sign in via Google, your public Google profile name and avatar. We do not store your password in plain text; authentication is managed by Supabase Auth.
1.2 Profile & onboarding data
During onboarding you may provide optional context about yourself — your profession, AI use cases, tone preferences, target audience, and skill level. This information is stored in your user profile and used solely to personalise the prompts we generate for you.
1.3 Prompt data
Every prompt you submit and every enhanced prompt we return is stored in your prompt library so you can access it later. You may delete individual prompts or your entire library at any time.
1.4 Usage & analytics data
We use PostHog to collect anonymous, aggregated usage analytics (page views, feature clicks, session duration). This data is never linked to an identifiable individual and is used only to improve the product.
2. How We Use Your Information
- To operate, maintain, and improve the PromptIt service.
- To personalise AI-generated prompts using your saved profile context.
- To manage your account, subscription, and billing via Dodo Payments.
- To send transactional emails (account verification, password reset, payment receipts). We do not send marketing emails without your explicit opt-in.
- To detect and prevent fraud, abuse, or violations of our Terms of Service.
- To comply with applicable legal obligations.
We do not sell, rent, or trade your personal data. We do not use your data to serve third-party advertisements.
3. Third-Party Services & Sub-processors
| Provider | Purpose | Data shared |
|---|---|---|
| Anthropic | AI prompt enhancement | Raw prompt text |
| Supabase | Database & authentication | Email, profile, prompts |
| Dodo Payments | Billing & subscriptions | Email, payment details |
| PostHog | Anonymous analytics | Aggregated usage events |
Each sub-processor is bound by their own privacy policy and, where applicable, a Data Processing Agreement (DPA) with us. Anthropic processes prompt data under their privacy policy.
4. Cookies & Local Storage
We use strictly necessary cookies to maintain your authenticated session (managed by Supabase) and local storage keys to track guest usage limits. We do not use advertising cookies or third-party tracking pixels. You may clear cookies and local storage at any time via your browser settings; doing so will sign you out.
5. Data Retention
We retain your account data for as long as your account is active. If you delete your account, all personal data including your prompt library and profile is permanently deleted within 30 days, except where retention is required by applicable law (e.g. financial records for tax purposes, which are kept for seven years).
6. Your Rights
Depending on your jurisdiction you may have the following rights regarding your personal data:
- Access — request a copy of the data we hold about you.
- Rectification — ask us to correct inaccurate data.
- Erasure — request deletion of your data ("right to be forgotten").
- Portability — receive your prompt library as a structured export.
- Objection / Restriction — object to or restrict certain processing activities.
- Withdraw consent — where processing is based on consent, withdraw it at any time without affecting prior lawful processing.
To exercise any of these rights, email privacy@promptitin.com. We will respond within 30 days.
7. Security
We implement industry-standard technical and organisational measures to protect your data, including encryption in transit (TLS), encrypted storage via Supabase, and strict Row-Level Security policies so users can only access their own data. No method of transmission or storage is 100% secure; if you discover a vulnerability please disclose it responsibly to security@promptitin.com.
8. Children's Privacy
PromptIt is not directed at children under the age of 13. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, contact us and we will delete it promptly.
9. Changes to This Policy
We may update this Privacy Policy from time to time. If the changes are material, we will notify you by email or by displaying a prominent notice in the application before the changes take effect. Continued use of the service after the effective date constitutes your acceptance of the updated policy.
10. Contact Us
PromptITIN
Email: privacy@promptitin.com
Website: promptitin.com