Privacy Policy
Your privacy is important to us. This policy explains how we collect, use, and protect your information.
Last updated: January 2025
1. Introduction & Data Controller
Welcome to Social Artisan ("we," "our," or "us"). We are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered content creation platform.
Data Controller: Social Artisan
Legal Entity: jiuyiai
Contact: permamindai@gmail.com
Legal Basis: GDPR Article 6(1)(b) - Contract performance and Article 6(1)(f) - Legitimate interests
2. Information We Collect
2.1 Personal Information You Provide
Account Information:
- Email address (required for account creation)
- Name (optional, can be provided via OAuth or manually)
- Profile picture (from OAuth providers only)
- Password (encrypted, never stored in plain text)
Content Data:
- Input text for AI content generation
- Generated content and variations
- Platform preferences and settings
- Content history (limited to 20 items for free users)
2.2 Information Collected Automatically
- Device information (browser type, operating system)
- IP address and general location (country/region)
- Usage analytics (pages visited, features used)
- Performance data (loading times, errors)
- Cookies and local storage data
2.3 Third-Party Information
When you use OAuth login (Google, GitHub, Discord), we receive:
- Email address and basic profile information
- Profile picture (if available and permitted)
- Account verification status
3. How We Use Your Information
🎯 Service Provision (Legal Basis: Contract Performance)
- Processing your content through AI models to generate social media posts
- Storing your content history and preferences
- Managing your account, credits, and subscription status
- Providing customer support and responding to inquiries
💳 Payment Processing (Legal Basis: Contract Performance)
- Processing subscription payments through Paddle
- Managing billing, invoices, and refunds
- Preventing payment fraud and chargebacks
📊 Service Improvement (Legal Basis: Legitimate Interest)
- Analyzing usage patterns to improve AI model performance
- Monitoring system performance and fixing bugs
- Developing new features and platform enhancements
- Conducting A/B tests for user experience optimization
🔒 Security & Compliance (Legal Basis: Legal Obligation)
- Detecting and preventing fraud, abuse, and security threats
- Complying with legal requirements and law enforcement requests
- Enforcing our Terms of Service and community guidelines
4. Information Sharing and Disclosure
🚫 We Never Sell Your Data
We do not sell, trade, or rent your personal information to third parties for marketing purposes.
We may share your information only in these specific circumstances:
🔧 Essential Service Providers
- Paddle: Payment processing (PCI DSS compliant)
- AI Providers: Google Gemini, OpenAI, Anthropic (content processing only)
- Email Service: Transactional emails (verification, notifications)
- Hosting Provider: Vercel (infrastructure and CDN)
All providers are bound by strict data processing agreements.
⚖️ Legal Requirements
When required by law, court order, or to protect our rights and safety.
🏢 Business Transfers
In connection with a merger, acquisition, or sale of assets (with user notification).
✅ Your Explicit Consent
With your clear, informed consent for specific purposes.
5. Your Rights Under GDPR
🔍 Right to Access
Request a copy of your personal data
✏️ Right to Rectification
Correct inaccurate information
🗑️ Right to Erasure
Request deletion of your data
📦 Right to Portability
Export your data in a portable format
⏸️ Right to Restrict Processing
Limit how we process your data
🚫 Right to Object
Object to certain types of processing
To exercise your rights: Email us at permamindai@gmail.com with your request. We will respond within 30 days.
6. Data Security
We implement appropriate technical and organizational measures to protect your personal information:
All data transmission uses the latest encryption standards
All stored data is encrypted at rest using AES-256
Strict access controls and authentication measures
Regular security assessments and updates
7. Data Retention
We retain your personal information only as long as necessary:
- Account Data: Until you delete your account or request deletion
- Content History: Free users: 20 items (FIFO), Pro/Plus users: unlimited
- Payment Records: 7 years (legal requirement)
- Analytics Data: 26 months (anonymized after 14 months)
- Support Communications: 3 years
8. International Data Transfers
Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place:
- Standard Contractual Clauses (SCCs) for EU data transfers
- Adequacy decisions where applicable
- Binding Corporate Rules for multinational service providers
- Your explicit consent where required
9. Children's Privacy
Our service is not intended for children under 16 years of age (13 in some jurisdictions). We do not knowingly collect personal information from children under the applicable age limit.
If you believe we have collected information from a child under the applicable age, please contact us immediately at permamindai@gmail.com.
10. Contact Information
Data Protection Officer
Email: permamindai@gmail.com
Subject Line: "Data Protection Inquiry"
Privacy Inquiries
Email: permamindai@gmail.com
Response Time: Within 30 days (GDPR requirement)
Supervisory Authority
If you are not satisfied with our response, you have the right to lodge a complaint with your local data protection authority.
Note: This Privacy Policy may be updated from time to time. We will notify users of any material changes via email and update the "Last updated" date above. Your continued use of our service after changes constitutes acceptance of the updated policy.