Privacy Policy
How we collect, use, and protect your information.
Last updated: October 30, 2025
This Privacy Policy describes how Prompt Manage, LLC ("Prompt Manage", "we", "us", or "our") collects, uses, discloses, and protects your information when you use our website, applications, API, and services (collectively, the "Platform" or "Service").
By accessing or using the Platform, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with our policies and practices, do not use the Platform.
1. Information We Collect
Personal Information You Provide
We collect information you provide directly to us when you:
- • Create an account (name, email address, password)
- • Subscribe to a paid plan (billing information handled by Stripe)
- • Create, edit, or share prompts and content
- • Contact us for support or feedback
- • Participate in surveys or promotions
- • Update your profile or account settings
Automatically Collected Information
When you use our Platform, we automatically collect:
- • IP address and general location (city/country level)
- • Device information (browser type, operating system, device type)
- • Usage data (pages visited, features used, time spent, click patterns)
- • Referral source (how you found our Platform)
- • Cookies and similar tracking technologies
- • API usage metrics and logs
User Content
We store the prompts, descriptions, tags, and other content you create on the Platform ("User Content"). You control whether this content is private or public.
Third-Party Information
If you sign in using a third-party service (e.g., Google OAuth), we receive basic profile information (name, email) from that service in accordance with your privacy settings on that platform.
2. How We Use Your Information
We use the information we collect to:
- • Provide, maintain, and improve the Platform
- • Process your transactions and manage subscriptions
- • Send you technical notices, updates, security alerts, and support messages
- • Respond to your comments, questions, and customer service requests
- • Communicate about products, services, offers, and events
- • Monitor and analyze usage patterns, trends, and user behavior
- • Detect, prevent, and address technical issues, fraud, and abuse
- • Personalize your experience and provide relevant content
- • Enforce our Terms of Service and protect our rights and property
- • Comply with legal obligations and respond to legal requests
- • Facilitate account creation and authentication
- • Generate aggregate, anonymized statistics about Platform usage
3. Information Sharing and Disclosure
We do not sell, rent, or trade your personal information to third parties for their marketing purposes.
We may share your information only in the following circumstances:
Service Providers:
We share information with trusted third-party service providers who assist in operating our Platform:
- • Vercel (hosting and infrastructure)
- • Supabase (database and authentication)
- • Stripe (payment processing, subscription billing, PCI DSS Level 1 certified)
- • OpenAI, Anthropic (AI model APIs for prompt execution)
See our Subprocessors page for a complete list.
When you subscribe to a paid plan, your payment information is securely processed by Stripe. We never store or have access to your payment card details. For more information about Stripe's security practices, visit Stripe's Security page.
Legal Requirements:
We may disclose your information if required by law or in response to valid requests by public authorities (e.g., court orders, subpoenas, government agencies).
Protection of Rights:
We may disclose information to protect and defend the rights, property, or safety of Prompt Manage, our users, or the public, including enforcing our Terms of Service.
Business Transfers:
If we are involved in a merger, acquisition, or sale of assets, your information may be transferred. We will provide notice before your information becomes subject to a different privacy policy.
With Your Consent:
We may share information with third parties when you explicitly consent to such sharing.
Public Content:
If you make your prompts or profile public, that information is visible to other users and may be indexed by search engines.
Aggregated and Anonymized Data:
We may share aggregated, anonymized data that cannot reasonably be used to identify you.
4. Data Security
We implement appropriate technical and organizational security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include:
- • Encryption of data in transit (TLS/HTTPS) and at rest (AES-256)
- • Secure authentication mechanisms (OAuth 2.0, password hashing with bcrypt)
- • Regular security audits and vulnerability assessments
- • Access controls and role-based permissions
- • Secure backup and disaster recovery procedures
- • Employee training on data protection and security
However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security. You are responsible for maintaining the confidentiality of your account credentials.
5. Data Retention
We retain your personal information for as long as necessary to provide the Platform and fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.
Active Accounts: We retain your data while your account is active and for a reasonable period thereafter.
Deleted Accounts: When you delete your account, we permanently delete your personal information and User Content within 30 days, except where we are required to retain certain information for legal, accounting, or security purposes.
Backups: Deleted data may persist in backups for up to 90 days before permanent deletion.
See our Data Erasure Policy for details on requesting data deletion.
6. Your Privacy Rights
Depending on your location, you may have the following rights regarding your personal information:
Access and Portability:
Request a copy of the personal information we hold about you in a structured, machine-readable format.
Correction:
Request correction of inaccurate or incomplete personal information.
Deletion:
Request deletion of your personal information, subject to certain legal exceptions.
Objection and Restriction:
Object to or request restriction of certain processing of your personal information.
Withdraw Consent:
Withdraw consent for processing where we rely on your consent as the legal basis.
Opt-Out of Marketing:
Unsubscribe from marketing communications via the link in our emails or by contacting us.
To exercise any of these rights, contact us at legal@promptmanage.com. We will respond to your request within 30 days.
7. Cookies and Tracking Technologies
We use cookies and similar tracking technologies to collect and store information about your use of the Platform.
Essential Cookies:
Required for the Platform to function (authentication, security, session management).
Analytics Cookies:
Help us understand how users interact with the Platform to improve functionality and user experience.
Preference Cookies:
Remember your settings and preferences (theme, language, display options).
You can control cookies through your browser settings. However, disabling certain cookies may limit your ability to use some features of the Platform.
8. Third-Party Services and Links
The Platform may contain links to third-party websites, services, or applications. We are not responsible for the privacy practices of these third parties. We encourage you to review the privacy policies of any third-party services you access through our Platform.
9. Children's Privacy
Our Platform is not directed to individuals under the age of 18. We do not knowingly collect personal information from children under 18. If we become aware that we have collected personal information from a child under 18, we will take steps to delete such information. If you believe we have collected information from a child under 18, please contact us at legal@promptmanage.com.
10. International Data Transfers
Prompt Manage is based in the United States. Your information may be transferred to, stored, and processed in the United States and other countries where our service providers operate.
If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, we comply with applicable data protection laws regarding international data transfers. We use standard contractual clauses and ensure our service providers maintain appropriate safeguards.
11. GDPR Compliance (EU/UK Users)
If you are located in the European Economic Area or United Kingdom, you have additional rights under the General Data Protection Regulation (GDPR):
Legal Basis for Processing:
- • Contractual necessity (to provide the Platform and services you request)
- • Legitimate interests (to improve our services, prevent fraud, ensure security)
- • Consent (for marketing communications, optional features)
- • Legal obligations (to comply with applicable laws)
Data Protection Officer:
For GDPR-related inquiries, contact us at legal@promptmanage.com.
Right to Lodge a Complaint:
You have the right to lodge a complaint with your local supervisory authority if you believe we have violated your privacy rights.
12. CCPA Compliance (California Residents)
If you are a California resident, the California Consumer Privacy Act (CCPA) provides you with additional rights:
Right to Know:
Request disclosure of the categories and specific pieces of personal information we have collected about you.
Right to Delete:
Request deletion of your personal information, subject to certain exceptions.
Right to Opt-Out:
We do not sell your personal information. If our practices change, we will update this policy and provide you with an opt-out mechanism.
Non-Discrimination:
We will not discriminate against you for exercising your CCPA rights.
To exercise your rights, contact us at legal@promptmanage.com. We may need to verify your identity before processing your request.
13. Do Not Track
Some browsers have a "Do Not Track" feature that lets you tell websites that you do not want your online activities tracked. We do not currently respond to Do Not Track signals.
14. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of any material changes by:
- • Posting the updated Privacy Policy on this page
- • Updating the "Last Updated" date at the top of this policy
- • Sending you an email notification (for significant changes)
- • Displaying a prominent notice on the Platform
Your continued use of the Platform after we post changes constitutes your acceptance of the updated Privacy Policy. We encourage you to review this Privacy Policy periodically.
15. Related Pages
Terms of Service
Terms governing your use of Prompt Manage
Security Overview
Data encryption, infrastructure, and compliance
Data Protection Addendum
GDPR compliance and data processing agreements
Data Erasure Policy
How to request deletion of your account and data
Subprocessors
Third-party service providers we work with
Accessibility
Our commitment to WCAG 2.1 compliance
15. Official Government Resources
For more information about privacy laws and data protection regulations, please consult these official government resources:
16. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us:
Prompt Manage LLC
125 Stoughton Street, Unit 2
Boston, MA 02125
Privacy Questions:
legal@promptmanage.com