Privacy Policy
Last revised: 10 May 2026
1. Introduction
This Privacy Policy describes how Puzzle Book Smith (the "Company", "we", "our", or "us") collects, uses, stores, and shares information when you use our website and service (the "Service"). It also describes the choices and rights you have regarding that information.
By using the Service you consent to the practices described in this Policy. If you do not agree, do not use the Service. This Policy is part of our Terms of Service.
2. Information We Collect
We collect the following categories of information:
- Account information: the email address and password you supply at registration, your display name, and your selected plan.
- Billing information: payment is processed by our payment provider (Stripe). We do not store your full credit-card number or CVV on our servers. We receive only a tokenised reference, your subscription status, and the last four digits of your card.
- Content you create: puzzle book projects, page configurations, custom word lists, AI prompts, uploaded images, and any custom fonts you upload.
- Usage data: the credit-based actions you take (puzzle generations, AI calls, exports), timestamps, the puzzle types and models you use, and aggregate counts used for billing and abuse prevention.
- Technical data: IP address, browser type, device type, operating system, and pages visited, collected via standard server logs and analytics.
- Error reports: when something breaks, we capture an error trace (file, line, stack), your user ID, and the page you were on, so we can debug and fix it.
3. How We Use Your Information
We use the information we collect to:
- Provide, maintain, and operate the Service for you.
- Process payments, manage subscriptions, and meter Credit usage.
- Generate AI content on your behalf by sending your prompts to third-party AI providers.
- Investigate, diagnose, and fix bugs, performance issues, and abuse.
- Send transactional emails (account confirmation, password resets, payment receipts, important service notices). We do not send marketing emails without your explicit opt-in.
- Comply with legal obligations and enforce our Terms of Service.
We do not sell your personal information. We do not use your puzzle content, AI prompts, or generated output to train AI models for ourselves or anyone else.
4. Third-Party Service Providers
The Service relies on a small set of third-party providers, each of which receives only the data it needs to perform its function:
- Supabase hosts our database (PostgreSQL with row-level security), authentication, and file storage. Your account credentials, projects, and uploaded images live here.
- Stripe processes subscription payments and one-time token-pack purchases. Stripe receives your billing details directly; we do not see or store your card number.
- OpenRouter (and the underlying AI providers it routes to) receives the prompts you submit for AI content generation. We send only the prompt and the model selection; we do not attach your email or other identifying information to AI requests.
- Sentry receives application error reports (stack traces, your user ID, and the page where the error occurred) so we can debug issues.
- Google Analytics receives anonymised pageview and event data so we can understand how the Service is used. We do not send personally identifying information to Google.
- CyberPanel / LiteSpeed on our hosting provider handles web serving and standard access logs (IP, request path, status code, user agent).
Each provider has its own privacy policy. We choose providers we believe handle data responsibly, but we cannot guarantee the practices of any third party.
5. AI Content and Prompts
When you use AI features, the prompt you submit (theme, age range, custom instructions, etc.) is sent to a third-party AI provider via OpenRouter. The AI provider may retain that prompt and the generated output according to its own policies, typically for a short period for abuse monitoring.
Do not include personal information, confidential information, or anything you would not want a third party to see in AI prompts. Treat any AI prompt as if it could be reviewed by the AI provider.
6. Cookies and Tracking
The Service uses cookies and similar technologies for the following limited purposes:
- Authentication: to keep you signed in across pages and visits.
- Preferences: to remember your in-app settings (theme, draft state, recent selections).
- Analytics: Google Analytics sets cookies to measure aggregate usage. These do not identify you personally.
You can disable or clear cookies in your browser settings, but doing so will sign you out and may prevent the Service from working correctly.
7. Data Storage, Security, and Location
Your account data, projects, and uploads are stored on Supabase, which currently hosts our database in the United States. Backups are managed by Supabase as part of its standard service.
We protect your data using:
- PostgreSQL row-level security, so other users on the platform cannot read your rows even via direct queries.
- Encrypted transport (HTTPS / TLS) for all traffic between your browser and our servers, and between our servers and our providers.
- Server-side enforcement of credit limits, rate limits, and admin-only operations via signed JSON Web Tokens.
- Limited internal access: only authorised maintainers can access production data, and only when required for support or debugging.
No system is perfectly secure. We will notify affected users without undue delay if a breach materially affects their data, as required by applicable law.
8. Data Retention
We retain your data for as long as your account is active. Specific retention rules:
- Account, projects, and pages: retained while your account exists; they are not deleted on subscription cancellation. Re-subscribe at any time and your work is intact.
- Uploaded custom-page images: retained while you have an active subscription. After cancellation, retained for 30 days, then deleted automatically. Re-subscribe within that window and they remain available.
- Audit and credit logs: retained for up to 100 days for billing dispute resolution and abuse investigation.
- Server access logs and error reports: retained for up to 90 days, then aggregated or deleted.
- Stripe billing records: retained by Stripe according to its policies and applicable tax / accounting law (typically several years).
9. Your Rights
Depending on where you live, you may have the following rights regarding your personal data:
- Access: request a copy of the personal data we hold about you.
- Portability: receive a machine-readable export of your projects, generated content, and account data.
- Correction: ask us to correct inaccurate information.
- Deletion: ask us to delete your account, projects, pages, and uploaded images. We will retain anonymised usage records (no identifying information) for accounting purposes.
- Objection / restriction: object to certain processing, or ask us to restrict it.
- Withdraw consent: withdraw any consent you have previously given.
To exercise any of these rights, contact support via the contact information posted on our website. We will respond within 30 days. We may need to verify your identity before acting on a request.
Residents of California (under the CCPA), the European Economic Area and the United Kingdom (under the GDPR), and other jurisdictions with similar laws have specific protections. This Policy is intended to satisfy our obligations under those laws; the rights above apply to you whether or not your jurisdiction explicitly requires them.
10. Children's Privacy
The Service is not directed to children under 18, and we do not knowingly collect personal information from children under 18. If you believe a child has created an account, contact support and we will delete the account and the associated data.
You may use the Service to create puzzle content intended for children. That use is governed by the Terms of Service; nothing in this Policy is consent on behalf of any child to provide personal information to the Service.
11. International Users
The Service is hosted in the United States. If you use the Service from outside the United States, you understand that your data will be transferred to, stored in, and processed in the United States and in any other country where our providers operate. By using the Service you consent to that transfer.
12. Changes to This Policy
We may update this Policy from time to time. Material changes will be communicated by email or via in-app notice at least 14 days before they take effect. Continued use of the Service after the effective date constitutes acceptance of the revised Policy.
13. Contact
Questions, complaints, or requests under this Privacy Policy should be sent to support via the contact information posted on our website.