Privacy Policy

Last Updated: January 11, 2025

1. Introduction

Welcome to Stupify (`"`we,`"` `"`our,`"` or `"`us`"`). We are committed to protecting your personal information and your right to privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered question-answering service at stupify.app (the "Service").

By using our Service, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with our policies and practices, please do not use our Service.

2. Information We Collect

2.1 Information You Provide to Us

We collect information that you voluntarily provide when using our Service:

  • Account Information: Email address, password (encrypted), and optionally your full name
  • Payment Information: Billing information processed securely through Stripe (we do not store credit card details)
  • Communication Data: Your questions, prompts, and any other content you submit to our AI service
  • Correspondence: Information in messages you send to us (support emails, feedback, etc.)

2.2 Information Collected Automatically

When you access our Service, we automatically collect certain information:

  • Usage Data: Number of questions asked, simplicity level preferences, conversation history, timestamps
  • Device Information: Browser type, operating system, device identifiers
  • Log Data: IP address, access times, pages viewed, referring URLs
  • Cookies and Tracking: Authentication tokens, session identifiers, and preference settings

2.3 Information from Third Parties

We may receive information from:

  • Stripe: Payment processing status, subscription information, billing details
  • Analytics Providers: Aggregated usage statistics and performance metrics

3. How We Use Your Information

We use your information for the following purposes:

  • Provide the Service: Process your questions through AI, generate responses, manage your account
  • Improve Our Service: Analyze usage patterns, train and improve our AI models, fix bugs
  • Process Payments: Handle subscriptions, billing, and payment processing through Stripe
  • Communicate: Send service updates, respond to inquiries, provide customer support
  • Enforce Usage Limits: Track daily question limits for free tier users
  • Security: Detect fraud, prevent abuse, protect against security threats
  • Compliance: Comply with legal obligations and enforce our Terms of Service
  • Analytics: Understand how users interact with our Service to improve features

4. AI Processing and Third-Party Services

4.1 OpenAI Integration

We use OpenAI`'`s API to process your questions and generate responses. Your questions and our AI responses are transmitted to OpenAI for processing. OpenAI`'`s use of your data is governed by their own privacy policy and data usage policies. OpenAI may use your data to improve their models unless you opt out through their API settings.

Important: Do not submit sensitive personal information, confidential business information, or any data you wish to keep private in your questions.

4.2 Other Third-Party Services

  • Supabase: Database hosting and authentication services (EU/US data centers)
  • Stripe: Payment processing (PCI DSS compliant)
  • Vercel: Application hosting and content delivery

5. Data Retention

We retain your information for as long as necessary to provide the Service and comply with legal obligations:

  • Account Data: Retained until you delete your account, plus 30 days for backup purposes
  • Conversation History: Retained while your account is active; deleted when you delete your account
  • Payment Records: Retained for 7 years to comply with tax and financial regulations
  • Usage Logs: Retained for 90 days for security and service improvement purposes

6. How We Share Your Information

We do not sell your personal information. We may share your information in the following circumstances:

  • Service Providers: With third parties who perform services on our behalf (OpenAI, Stripe, Supabase, Vercel)
  • Business Transfers: In connection with a merger, sale, or acquisition of all or part of our business
  • Legal Requirements: When required by law, court order, or government request
  • Protection of Rights: To protect our rights, property, safety, or that of our users or the public
  • With Your Consent: When you explicitly consent to sharing

7. Your Privacy Rights

7.1 General Rights

You have the following rights regarding your personal information:

  • Access: Request a copy of the personal information we hold about you
  • Correction: Request correction of inaccurate or incomplete information
  • Deletion: Request deletion of your personal information (subject to legal obligations)
  • Portability: Request a copy of your data in a structured, machine-readable format
  • Objection: Object to processing of your personal information
  • Restriction: Request restriction of processing in certain circumstances

7.2 GDPR Rights (European Users)

If you are located in the European Economic Area (EEA), you have additional rights under the General Data Protection Regulation (GDPR):

  • Right to withdraw consent at any time
  • Right to lodge a complaint with your local supervisory authority
  • Right to object to automated decision-making
  • Legal basis for processing: Consent, contract performance, legitimate interests

7.3 CCPA Rights (California Users)

If you are a California resident, you have rights under the California Consumer Privacy Act (CCPA):

  • Right to know what personal information is collected
  • Right to know whether personal information is sold or disclosed
  • Right to say no to the sale of personal information (we do not sell data)
  • Right to access your personal information
  • Right to equal service and price, even if you exercise your privacy rights

7.4 How to Exercise Your Rights

To exercise any of these rights, please contact us at: support@stupify.app (or your contact email)

We will respond to your request within 30 days. To delete your account, you can also use the account deletion feature in your account settings.

8. Data Security

We implement appropriate technical and organizational security measures to protect your personal information:

  • Encryption: Data is encrypted in transit (TLS/SSL) and at rest
  • Access Controls: Strict access controls and authentication requirements
  • Secure Infrastructure: Hosting on secure, compliant platforms (Vercel, Supabase)
  • Regular Audits: Periodic security assessments and updates
  • Password Security: Passwords are hashed using industry-standard algorithms

However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

9. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to:

  • Essential Cookies: Required for authentication and service functionality
  • Performance Cookies: Help us understand how users interact with our Service
  • Preference Cookies: Remember your settings and preferences

You can control cookies through your browser settings. However, disabling certain cookies may limit your ability to use some features of our Service.

10. Children`'`s Privacy

Our Service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us at support@stupify.app, and we will delete such information from our systems.

For users between 13 and 18 years of age, we recommend parental guidance when using our Service.

11. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence, including the United States. These countries may have data protection laws that are different from the laws of your country.

We ensure appropriate safeguards are in place for international data transfers, including:

  • Standard Contractual Clauses approved by the European Commission
  • Adequacy decisions where applicable
  • Compliance with applicable data protection frameworks

12. Do Not Track Signals

Some browsers have a `"`Do Not Track`"` feature that lets you tell websites you do not want to have your online activities tracked. We do not currently respond to Do Not Track signals.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for legal, operational, or regulatory reasons. We will notify you of any material changes by:

  • Posting the updated Privacy Policy on this page
  • Updating the `"`Last Updated`"` date
  • Sending you an email notification (for material changes)

Your continued use of the Service after any changes indicates your acceptance of the updated Privacy Policy.

14. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Email: support@stupify.app

Website: https://stupify.app

Response Time: We will respond to your inquiry within 30 days

15. Dispute Resolution

If you have concerns about our privacy practices that we cannot resolve directly, you have the right to lodge a complaint with your local data protection authority or supervisory authority.

16. Acknowledgment

By using our Service, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy.