legal

Privacy Policy

Last updated: 2026-05-19

This Privacy Policy explains how toPrompt ("we", "us", or "our") collects, uses, and protects your personal information when you use our services.

1. Information We Collect

We collect the following types of information:

  • Account information — your name, email address, and password (stored as a one-way hash).
  • Usage data — pages you visit, features you use, prompts you submit, and the apps you generate.
  • Billing data — subscription plan, payment status, and transaction history. Card details are handled by our payment processor and never stored on our servers.
  • Technical data — IP address, browser type, device type, and similar diagnostic information.

2. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve the Service.
  • Process your transactions and manage your account.
  • Send you transactional emails (account verification, billing receipts, security alerts).
  • Detect and prevent fraud, abuse, and security incidents.
  • Comply with our legal obligations.

3. Sharing of Information

We do not sell your personal information. We share it only in the following limited cases:

  • Service providers — payment processors, email delivery, error monitoring, and hosting providers, each bound by data-processing agreements.
  • AI model providers — when you generate apps, your prompts are sent to third-party LLM providers (such as Anthropic and OpenAI) under their respective data-handling terms.
  • Legal requests — when required by valid legal process, and only to the extent strictly required.

4. Cookies and Tracking

We use first-party cookies and similar technologies to keep you signed in, remember your preferences, and analyze aggregate usage. You can disable cookies in your browser, but parts of the Service may stop working.

5. Data Retention

We retain your account data for as long as your account is active. Generated apps and project artifacts are retained according to your plan's storage policy. 

6. Security

We use industry-standard safeguards to protect your data, including TLS encryption in transit, AES-256 encryption at rest for sensitive secrets, and strict access controls. No system is perfectly secure; you can read more about our practices on our security page.

7. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access the personal data we hold about you.
  • Request correction of inaccurate data.
  • Request deletion of your data ("right to be forgotten").
  • Object to or restrict certain types of processing.
  • Receive a portable copy of your data.

8. Children's Privacy

The Service is not directed to children under 13, and we do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us so we can delete it.

9. International Transfers

We may transfer and process your information in countries other than your own. When we do, we rely on appropriate safeguards such as standard contractual clauses.

10. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated by updating the "Last updated" date above and, where appropriate, by direct notification.

11. Contact Us

If you have any questions about this Privacy Policy, contact us at Support@toPrompt.ai.

This is placeholder content. The final Privacy Policy will be reviewed and published by our legal team.