PromptBee Privacy Policy
Effective Date: 20 June 2025 | Last Updated: 20 June 2025
1 · Who We Are
PromptBee ("we," "our," "us") is a Canada-based website for creating, saving, and sharing AI prompts. This notice explains what personal information we collect, how we use it, where it is stored, and the choices available to you.
2 · Quick Summary
- We collect only what we need: account details, prompt content, basic usage analytics, and (soon) billing info.
- We never sell your personal data.
- We do not train AI models on your prompts.
- Data lives on trusted providers—Supabase (database & auth), Netlify (hosting), Microsoft Azure (AI model, East US 2), and Stripe (payments).
- Minimum age: 13 years globally and 16 years in the EU (parent / guardian consent required for minors).
3 · Information We Collect
| Category | Details | Purpose |
|---|---|---|
| Account Information | Email, display name, password hash, optional profile photo | Create and secure your account |
| Prompt Content | Text you enter and the AI responses you receive | Save, reuse, and share prompts |
| Usage Data | IP address, browser/device type, pages visited, error logs | Maintain reliability, prevent abuse, improve features |
| Payment Data (future) | Card type, last 4 digits, billing address (processed by Stripe) | Process subscriptions or purchases |
| Cookies & Similar Tech | Small files in your browser | Keep you signed in, remember preferences, measure traffic |
4 · How We Use Your Information
- Provide the service – log you in, store your prompts, generate AI responses.
- Improve PromptBee – analyse aggregated usage data to fix bugs and add features.
- AI safety & abuse prevention – automatically check prompts/outputs for spam, illegal, or harmful content.
- Legal & security – detect fraud, comply with legal obligations, enforce our Terms.
No model-training:
PromptBee does not use your prompt content to train or fine-tune AI models. If this ever changes, we will update this policy before collecting data for that purpose.
5 · Where Your Data Lives
| Provider | Role | Primary Location(s) |
|---|---|---|
| Supabase | Database & authentication | United States (with EU backups) |
| Netlify | Website hosting & CDN | Global edge network |
| Azure | Runs the AI model | East US 2 (Virginia, USA) |
| Stripe | Payment processing (when enabled) | Stripe global infrastructure |
| SendGrid | Transactional email (password reset, etc.) | United States |
All traffic is encrypted (HTTPS/TLS). Providers are contractually bound to process data only for PromptBee and to apply industry-standard security controls (ISO 27001, SOC 2, or equivalent).
6 · How Long We Keep Your Data
| Data Type | Retention Period | Deletion Method |
|---|---|---|
| Prompt history (when history on) | Until you delete it or close your account | Immediate removal from live DB; purged from backups within 30 days |
| Prompt interactions (history off or logged-out) | 30 days for abuse monitoring | Automatic purge at 30 days |
| Payment records (future) | As required by tax & accounting laws (≈ 7 years) | Secure archival then deletion |
| Server logs & analytics | 12 months | Aggregated or deleted |
7 · Sharing and Disclosure
We do not sell or rent personal data. We share it only:
- Service providers listed above who help us run PromptBee.
- Corporate transactions – if PromptBee merges or is acquired, data may transfer under the same protections.
- Legal reasons – to comply with lawful requests, enforce our Terms, or protect user safety.
- With your consent – e.g., when you publish a prompt publicly or connect third-party integrations.
8 · Your Privacy Rights
Depending on your region (GDPR, UK GDPR, PIPEDA, CCPA/CPRA, etc.) you may:
- Access – request a copy of personal data we hold.
- Correct – fix inaccurate data.
- Delete – close your account and erase stored data.
- Portability – obtain your data in a machine-readable format.
- Restrict / object – limit certain processing (for example, marketing).
- No discrimination – you will not receive different prices or quality for exercising rights.
How to exercise your rights
Submit a request via our Support channel at promptbee.ca/support. We will verify your identity and respond within 30 days.
9 · Children's Privacy
- PromptBee is not directed to children under 13.
- Users under 16 in the EU/EEA require parent or guardian permission.
- We do not knowingly collect data from anyone under the applicable minimum age.
- Parents who believe their child has provided personal data can request removal through promptbee.com/support.
10 · International Transfers
Your data may be processed in the United States or other countries whose privacy laws differ from yours. We rely on:
- Standard Contractual Clauses for transfers from the EEA/UK.
- Equivalent safeguards for all users worldwide.
11 · Security
- TLS encryption in transit
- AES-256 encryption at rest (Supabase & Azure)
- Role-based access controls and least-privilege staff access
- Continuous monitoring and regular security audits
No system is 100% secure, but we take reasonable steps to protect your information. Please keep your password safe.
12 · Payments (Coming Soon)
PromptBee will use Stripe to process payments. Stripe receives your card details directly over encrypted connections. PromptBee stores only a payment token and minimal billing data.
13 · Marketing Messages
- We send essential transactional emails (account verification, password resets, receipts).
- Optional newsletters or product updates are sent only with your explicit consent. You can unsubscribe at any time in your account settings.
14 · Changes to This Policy
We may update this Privacy Policy as services or laws change. When we do, we'll update the "Last Updated" date and, for significant changes, post a notice within PromptBee.