Privacy Policy

What we collect

• Account info: email address and (optional) display name.
• Authentication: sessions and (optional) hashed password — managed by our auth provider (Supabase).
• Billing: subscription status and plan — payment details are handled by our payment processor (Lemonsqueezy) and never touch our servers.
• Generations: the prompts you submit, the generated .setting/.drfx files, and token usage / cost metadata.
• Bad-generation reports: what you tell us went wrong, plus the generated file you reported.
• Analytics: page views, signups, generation events, errors — used to improve the product. Aggregated, not sold.

What we do with it

• Run the service: deliver generations, persist your history, send transactional emails (welcome, low-credit warning, receipts).
• Improve generation quality: bad-gen reports help us tune prompts and the validator.
• Bill correctly: enforce per-tier credit allowances and cost caps.
• Investigate abuse: rate-limit and ban accounts that violate the terms.

Who else sees your data

We use these processors to deliver the service:

• Anthropic — runs the AI that generates your templates. Prompts and outputs are sent to Anthropic. Per Anthropic’s policy, API data isn’t used to train their models.
• Supabase — database + auth.
• Cloudflare R2 — object storage for generated .setting / .drfx files.
• Lemonsqueezy — subscription billing.
• Resend — transactional email.
• PostHog — product analytics.
• Sentry — error monitoring.

Retention

• Account: kept until you delete it.
• Generated files: 90 days by default. Files attached to a bad-generation report: 1 year.
• Generation metadata (cost, token counts, kind): kept indefinitely for billing and quality analysis.

Your rights

• Access / export: ask for a copy of your data.
• Deletion: delete your account from /account; everything user-scoped is removed within 30 days.
• Correction: update your display name and email anytime in /account.

Cookies

Strictly necessary cookies (session, security) are always set. Analytics cookies require your consent and can be revoked anytime via the cookie banner.

Security

Data in transit is TLS-encrypted. Database access is restricted with row-level security so users can only see their own data. Secrets are stored in our hosting provider’s secret manager, never in code or logs.

Contact

Questions about your data? Email privacy@templavi.com.