1. Consent

By using our services, you consent to the data practices described in this policy. You will be explicitly asked for consent before any important data collection takes place, and you have the right to withdraw consent at any time as seen on: Cookies

2. Personal Data We Collect

We collect the following types of personal data to facilitate your use of our services:

• Name and contact information (e.g., email address)
• Payment information (processed via Stripe)
• Account login credentials (encrypted)
• Content you create or upload (e.g. Comments)
• Technical data (e.g., IP address, browser type, device information)
• Interaction data (e.g., pages visited, features used, time spent on site)

For more info refer to: Cookies

3. How We Use Your Data

Your data is used for the following purposes:

• Processing transactions and managing your account.
• Providing customer support and responding to inquiries.
• Improving and customizing our services (e.g., through analytics and user feedback).
• Sending you promotional communications, which you can opt out of at any time.
• Complying with legal obligations (e.g., tax, fraud prevention).

For more info refer to: Cookies

4. Third-Party Services

We use third-party services to perform certain functions on our behalf. These third parties are carefully selected and are required to comply with GDPR and this Privacy Policy.

• AWS S3 & CloudFront: Used for secure storage and delivery of digital assets. Data is stored within the European Union or in other locations as permitted by GDPR. As seen on: AWS3
• Heroku: Our platform is hosted on Heroku, which may store your data in the United States or other jurisdictions. As seen on: Heroku
• Stripe: Handles payment processing. We do not store your credit card information. Stripe's privacy policy applies. As seen on: Stripe
• Google Services (OAuth, Recaptcha, Analytics, Search Console): We use Google services for authentication, security, analytics, and site indexing. These services may collect data such as your IP address and browsing behavior. As seen on: Google
• Cloudflare: Used for content delivery network (CDN) services and security purposes, including DDoS protection. Cloudflare may process data such as IP addresses to provide these services. As seen on: Cloudflare
• Mailchimp: Used for email marketing. We may share your email address and name with Mailchimp for sending promotional emails. See Mailchimp's privacy policy for details. As seen on: Mailchimp
• EmailJS: Used for sending email notifications and communications. Your email address and message content may be processed by EmailJS. As seen on: EmailJS
• Redis: Used for managing active user sessions, caching (only our data), and breaking news feeds. Data stored in Redis is managed according to its privacy and security policies. As seen on: Redis
• Github: Used for version control and collaboration on our codebase. If you contribute code or report issues, your contributions and associated data may be stored on Github. As seen on: Github
• Rate Limiting Services: We implement IP and session-based rate limiting to protect our platform from abuse. Data such as your IP address and session details may be temporarily stored for these purposes.
• Database Services (Supabase, PostgreSQL on Heroku, and Others): We could utilize Supabase, PostgreSQL on Heroku, and other database services to store and manage user data, such as account information, content, and transaction records. These services are designed to ensure data integrity and security. For more detailed information on how your data is managed and protected, please refer to their respective privacy policies: Supabase, Heroku PostgreSQL.
• OpenAI: We use OpenAI's models to process your prompts and generate responses. Your data may be sent to OpenAI and temporarily stored to deliver and improve their services.
• Together AI: We also integrate Together AI to provide model access and routing. Your data may be processed through Together AI's infrastructure as part of delivering responses.

5. Data Security

We implement strong encryption, SSL certificates, and other security measures to protect your data from unauthorized access, disclosure, alteration, or destruction. However, please note that no method of transmission over the Internet or method of electronic storage is 100% secure. See more on: Site's Security

6. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your user experience, perform analytics, and for security purposes (e.g., to manage sessions and rate-limiting). You can manage your cookie preferences through your browser settings or as seen on: Cookies

7. Your Rights Under GDPR

Under GDPR, you have the following rights regarding your personal data:

• Right to access your data and obtain a copy.
• Right to rectification of inaccurate or incomplete data.
• Right to erasure (right to be forgotten).
• Right to data portability.
• Right to object to processing or to restrict processing.
• Right not to be subject to automated decision-making.
• Right to withdraw consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal.

8. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements.

9. Data Breach Notification

In the event of a data breach, we will notify you and the relevant supervisory authority within 72 hours of becoming aware of the breach, in accordance with GDPR requirements.

10. International Data Transfers

Your personal data may be transferred to, and processed in, countries outside of the European Economic Area (EEA). These countries may have data protection laws that are different from the laws of your country. However, we take steps to ensure that your data is treated securely and in accordance with this Privacy Policy. For more visit: Cookies

11. Use of Async and Sync Servers

We use both asynchronous (async) and synchronous (sync) servers to handle various aspects of our platform's operations. Async servers may process tasks such as background jobs and notifications, while sync servers handle immediate user interactions. Data processed by these servers is managed according to this Privacy Policy.

12. SSL Certificates

We use SSL certificates to encrypt data in transit between your browser and our servers, ensuring that your information remains secure.

13. Changes to this Privacy Policy

We may update this Privacy Policy from time to time in response to changing legal, technical, or business developments. We will notify you of any material changes by posting the new Privacy Policy on this page and, where appropriate, notifying you via email.