Our commitment in plain terms
Your writing is yours. We do not sell it, share it, or use it to train AI. We collect only what is needed to run the service — and we give you the tools to delete it whenever you want.
1. What we collect
We collect a minimal set of data to operate Creative Editor:
- Account information — your name, email address, and profile photo, provided via Google OAuth when you sign in.
- Your documents — the text, structure, and metadata (title, mood, word count) of documents you create on the platform. Stored encrypted in our database.
- Session and activity data — writing session goals, durations, and streak records, used to power flow tracking and streak features.
- Dictation audio — voice recordings you create using the Dictate feature, stored in encrypted object storage linked to your account.
- Settings and preferences — font choices, animation preferences, default mood, and flow threshold settings.
- Credit and billing records — transaction history, subscription status, and credit balance, managed via Stripe. We do not store card details on our servers.
- Usage signals — coarse activity signals (words produced, active seconds) used to estimate flow state. Not linked to what you actually write.
2. What we do not collect
- We do not run advertising trackers or analytics pixels.
- We do not collect keystroke-level data or record your typing patterns.
- We do not build behavioural profiles for advertising or third-party marketing.
3. How we use your data
Your data is used solely to provide and improve Creative Editor:
- To operate the service — authenticating you, loading your documents, delivering AI features, processing payments.
- To improve the service — understanding aggregate patterns (e.g. which features are most used) to prioritise what to build next. This analysis is always at the aggregate level; we do not read individual documents.
- To deliver AI features — when you invoke Echo, Verify, Review, or Heteroglossia, the relevant text is sent to a third-party language model provider to generate a response. This is done to fulfil your explicit request. See Section 5 for what is and is not shared.
4. What we never do
Sell your data
We do not sell, rent, or trade your personal information or writing to any third party, including data brokers, advertising networks, or marketing services.
Use your writing to train AI
The content of your documents, notes, and dictations is never used to fine-tune, train, or improve any AI or machine learning model — by us or by any third party through us. AI providers we work with are contractually bound not to train on your data.
Target you with ads
Creative Editor contains no advertising. Your data is never used for ad-targeting, retargeting, or audience profiling.
Access your documents without reason
Our team does not read your private documents. Access to user data by staff is restricted, logged, and limited to situations required by law or to investigate a reported security incident with your knowledge.
5. Third-party services
We work with a small number of trusted providers:
- Supabase — database and authentication. Your documents and account data are stored on Supabase's encrypted infrastructure.
- Stripe — payment processing. Card details go directly to Stripe and never pass through our servers.
- AI language model providers — when you invoke an AI feature, the relevant text snippet is sent to generate a response. These providers are bound by data processing agreements that prohibit training on your content.
- Tavily — web search, used only when you invoke the Verify feature on selected text. Only the selected claim is sent, not your full document.
We do not use Google Analytics, Facebook Pixel, or similar advertising/tracking SDKs.
6. Data security
Your data is encrypted in transit (TLS) and at rest. We use row-level security on our database so that your documents are structurally inaccessible to other users. Dictation audio files are stored in a private bucket with time-limited signed URLs for playback.
No system is perfectly secure. We are committed to responsible disclosure and will notify affected users promptly in the event of a breach that affects their data.
7. Your rights and controls
- Access — you can view all your documents, sessions, and account data within the app at any time.
- Correction — you can rename, edit, or delete any content you have created.
- Deletion — deleting a document removes it from active systems. You may delete your account entirely by contacting us; this permanently removes your documents, sessions, dictations, and profile data.
- Export — documents can be exported to PDF from within the Review panel. Full data export on request.
- Portability — your writing is yours and you may export or delete it at any time. We will not hold it hostage behind a paid plan.
8. Data retention
We retain your data for as long as your account is active. If you delete your account, your documents and personal data are purged from active systems within 30 days. Backup retention may extend up to 90 days before full deletion.
9. Children
Creative Editor is not directed at children under 13. We do not knowingly collect data from anyone under 13. If you believe a child has created an account, please contact us.
10. Changes to this policy
We will notify you of material changes to this Privacy Policy via email or an in-app notice before they take effect. The "Last updated" date at the top of this page reflects the most recent revision.
11. Contact
Privacy questions or data requests: [email protected]