Privacy Policy

Effective: August 1, 2025 · Last Updated: September 7, 2025

1. Scope

This Privacy Policy applies to Promptev's websites (including promptev.ai), applications, APIs, and related services. Third-party services connected to the platform maintain their own separate privacy policies.

2. Information We Collect

Account & Contact Data

Name, email, company affiliation, job role, hashed password, and profile information.

Billing Data

Payment methods and transaction records (processed by our payment processor).

Service Data Provided by You

Prompts, files, documents, context sources, configuration, and AI outputs — collectively designated as Customer Content.

Integration Data

Tokens and identifiers for third-party service connections (Google Drive, Notion, Jira, etc.); includes scope and metadata information.

Usage & Diagnostics

Log files, device/browser details, IP addresses, timestamps, feature usage metrics, latency data, token/cost analytics, and crash reports.

Cookies & Similar Technologies

Used for session maintenance, preference storage, and usage analysis (see Section 8).

3. How We Use Information

We use collected data to:

Provide, operate, and secure the Services
Process prompts through selected model providers and enabled integrations
Monitor performance, detect abuse, prevent fraud, and enforce Terms of Service
Improve Services through aggregate diagnostics and user experience research
Communicate service notices, updates, and permitted marketing communications
Comply with legal obligations

We do not use Customer Content to train Promptev foundation models or third-party models without your explicit opt-in.

De-identified, aggregated telemetry may be used for reliability and security improvements.

4. Legal Bases (EEA / UK / Switzerland)

Where GDPR and UK GDPR apply, personal data processing relies on:

Contractual necessity — service provision
Legitimate interests — security, improvement, analytics
Explicit consent — marketing cookies, optional features
Legal obligations — tax, compliance requirements

5. Sharing of Information

Data may be shared with:

Service providers and processors — hosting, analytics, email, payment, support
Model providers you select — OpenAI, Anthropic, Google, Mistral — for generating outputs
Connectors/integrations you authorize — Notion, Google, Jira, Slack — for context retrieval
Business transfer recipients — merger, acquisition, financing, or asset sale scenarios
Legal authorities — to comply with law, enforce Terms, or protect rights, safety, and security

We do not sell personal data. We do not share for targeted advertising where restricted by law; where required, we offer opt-out.

6. International Transfers

Data may transfer to countries with different data protection standards. We use appropriate safeguards including EU Standard Contractual Clauses for such transfers. UK transfers utilize the UK Addendum/IDTA as applicable.

7. Data Retention

Personal data retention continues as long as needed to provide the Services and for legitimate purposes (security, legal, accounting). You may request deletion; we commit to reasonable deletion timelines unless retention is legally required or justified by legitimate interests.

8. Cookies & Analytics

We employ cookies and similar technologies for authentication, preferences, and analytics (including GA4 with privacy enhancements where possible). You can control cookies through browser settings and our cookie banner. Disabling certain cookies may impact functionality.

9. Your Rights

Depending on your location, you may have rights to access, correct, delete, restrict, or port your personal data, and to object to processing or withdraw consent.

EEA / UK / Swiss Users

Exercise your GDPR rights by emailing privacy@promptev.ai. You may lodge complaints with your supervisory authority.

California (CPRA) Users

Your rights include knowing, deleting, correcting, and opting out of sale/sharing. No discrimination applies for exercising rights. Contact privacy@promptev.ai or use available web forms. We verify requests and respond within statutory timeframes.

10. Children's Privacy

The Services are not intended for children under 13 (or under the relevant age where you live). We do not knowingly collect personal data from children. Contact us to request deletion if a child's data was submitted.

11. Security

We apply industry-standard safeguards (encryption in transit, key management, access controls, logging). However, no system is 100% secure. You bear responsibility for maintaining credential and API key confidentiality.

12. Third-Party Links & Services

Our Services may link to third-party websites or include third-party SDKs/APIs. Their privacy practices are governed by their own respective policies, not this document.

13. Automated Decision-Making

We use AI models to generate requested outputs but do not engage in solely automated decisions that produce legal or similarly significant effects without human involvement.

14. Changes

We may update this policy. Material changes will be posted with a new "Last updated" date and required notifications where applicable. Continued service use indicates acceptance of changes.

15. Controller & Contact

Promptev, Inc.
privacy@promptev.ai

Data Processing Addendum (B2B)

Roles

Promptev acts as Processor of Customer Personal Data; Customer is Controller.

Sub-processors

Hosting (AWS/GCP/Azure), email, analytics, support, error tracking, and selected enabled model providers. An updated list is available upon request.

Processing Scope

Limited to providing Services as documented. We follow Customer instructions and implement appropriate security measures.

International Transfers

Via SCCs / UK Addendum as applicable.

Breach & Cooperation

Notifications occur without undue delay; cooperation with audits per agreement.

Termination

Personal data deletion or return occurs upon termination.