1. Controller
[NAME], [ADDRESS], email: [EMAIL ADDRESS]
2. Data we process
- Account data: email address, name (optional), password (stored as a hash) or Google sign-in
- Project data: your projects, prompts and generated files
- Usage data: token consumption per model and project (for billing)
- Payment data: for token purchases amount, reference and status (bank/PayPal details stay with the payment provider)
- Cookies: session cookie (login), language and theme preference
3. Purposes and legal bases
We process this data to provide the service and perform the contract (Art. 6(1)(b) GDPR), for billing, and based on legitimate interests in security and abuse prevention (Art. 6(1)(f) GDPR).
4. AI processing
To generate websites, your prompts and project content are transmitted to AI providers (currently: [DeepSeek / OpenAI / Anthropic — adjust]). Do not include sensitive personal data in prompts.
5. Other recipients
- Hosting: [IONOS SE, Germany — adjust]
- Google OAuth (only when using "Sign in with Google")
- Supabase (only if you connect your own Supabase database)
- CDN services for fonts and editor components
6. Retention
We store account and project data until you delete your account. Billing-relevant data is retained according to statutory periods.
7. Your rights
You have the right of access, rectification, erasure, restriction of processing, data portability and objection (Art. 15–21 GDPR), and the right to lodge a complaint with a supervisory authority.
8. Contact
For privacy requests: [EMAIL ADDRESS]
Last updated: [DATE]