Privacy Policy
Last updated: April 10, 2025
At PromptiFill, we take your privacy seriously. This policy explains what data we collect, how we use it, and your rights regarding your personal information. We keep this simple and honest — no hidden practices.
1. Who We Are
PromptiFill ("we", "us", "our") operates the website promptifill.com, an AI-powered prompt generation tool. For privacy inquiries, contact us at:
hi@promptifill.com2. Information We Collect
Information you provide directly:- Name and email address (when signing in with Google)
- Profile picture (from your Google account)
- Form inputs you fill when generating prompts
Information collected automatically:- Usage data — which categories you use, how many prompts you generate
- Browser type, device type, and operating system
- IP address and approximate geographic location
- Pages visited and time spent on the Service
Payment information:- We do NOT store your credit card or payment details
- All payments are processed by Paddle, who has their own privacy policy
- We only receive confirmation of successful payments and your subscription status
3. How We Use Your Information
We use your information to:
- Provide, operate, and improve the PromptiFill service
- Save your generated prompts and prompt history (signed-in users)
- Manage your subscription and billing
- Send essential service emails (account confirmation, billing receipts)
- Enforce our rate limits and plan restrictions
- Detect and prevent abuse or fraud
- Analyze usage patterns to improve the product (anonymized)
We do NOT sell your personal data to third parties. Ever.
4. Data Storage and Security
Your data is stored in secure PostgreSQL databases hosted on Railway (railway.app), located in data centers with enterprise-grade security. We use:
- HTTPS encryption for all data in transit
- Encrypted database connections
- Secure session management via NextAuth.js
- Regular security updates and monitoring
While we implement industry-standard security measures, no method of transmission over the internet is 100% secure.
5. Third-Party Services
We use the following third-party services that may process your data:
- Anthropic (Claude API): Your prompt inputs are sent to Anthropic to generate outputs. See: anthropic.com/privacy
- Google OAuth: Used for sign-in. See: policies.google.com/privacy
- Paddle: Payment processing. See: paddle.com/legal/privacy
- Vercel: Website hosting. See: vercel.com/legal/privacy-policy
- Railway: Database hosting. See: railway.app/legal/privacy
6. Cookies
We use minimal, essential cookies only:
- Session cookies — to keep you logged in
- CSRF protection cookies — for security
We do not use advertising cookies or third-party tracking cookies. You can disable cookies in your browser settings but this may affect your ability to stay signed in.
7. Data Retention
- Account data: retained while your account is active
- Generated prompts: retained until you delete them or your account
- Usage logs: retained for 90 days then automatically deleted
- Payment records: retained for 7 years as required by financial regulations
When you delete your account, we delete your personal data within 30 days, except where retention is required by law.
8. Your Rights
You have the right to:
- Access: Request a copy of all data we hold about you
- Correction: Request correction of inaccurate personal data
- Deletion: Request deletion of your account and all associated data
- Portability: Request your data in a machine-readable format
- Objection: Object to processing of your personal data
To exercise any of these rights, email:
hi@promptifill.comWe respond to all requests within 30 days.
9. Children's Privacy
PromptiFill is not intended for children under the age of 13. We do not knowingly collect personal information from children under 13. If we become aware that we have collected data from a child under 13, we will delete it immediately.
10. International Data Transfers
PromptiFill operates globally. Your data may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place for international transfers in compliance with applicable data protection laws.
11. Changes to This Policy
We may update this Privacy Policy periodically. We will notify you of significant changes via email or a prominent notice on our website. Continued use of the Service after changes constitutes acceptance of the updated policy.