PromptSafe Privacy Policy

1. Core Privacy Principle

PromptSafe is designed for local-first processing. Document and text content you submit for anonymisation, redaction, or compliance checks is processed in your browser and is not uploaded by PromptSafe.

Because processing occurs locally, PromptSafe does not retain document payloads, detected entity payloads, or anonymised output payloads as application records.

2. Document Content We Don't Collect

PromptSafe does not collect or store your underlying document text, uploaded PDF contents, extracted entities, mapping vault content, or final redacted/anonymised output as server-side content records.

For FRCP Checker specifically, checks run in-browser and do not require account creation to process a file.

3. Information PromptSafe Does Collect

PromptSafe collects limited operational data needed to provide the service. This includes account email address (for authentication), subscription status, and billing metadata where paid plans are used.

Payment processing is handled by Stripe. PromptSafe does not store full payment card numbers. PromptSafe receives limited billing metadata (for example, card type, last four digits, and billing status) from payment processors.

4. Analytics and Usage Signals

PromptSafe collects basic page-level analytics and infrastructure logs to maintain reliability, improve product usage flows, and prevent abuse.

Analytics do not include document content or checker results. PromptSafe does not use document payload content for advertising profiling. Cookie handling for authentication and essential functionality is described in Section 9.

5. Third-Party Service Providers

PromptSafe uses third-party service providers for limited platform functions such as authentication, billing, hosting, and delivery infrastructure. Typical providers include Supabase (auth), Stripe (payments), and infrastructure/CDN services.

These providers receive only the data necessary for their operational role and are not used as document-content processors for local workflow execution.

6. Browser-Local Storage and Session Data

PromptSafe stores configuration, feature preferences, and session-related state in your browser to preserve workflow continuity. This storage remains under your browser/device controls and can be removed by clearing site data.

7. Data Retention

Where PromptSafe holds account or billing-related records, retention is limited to what is reasonably required for service delivery, legal compliance, dispute resolution, fraud prevention, and accounting obligations.

Locally processed document content is not retained by PromptSafe as part of server-side application storage in the normal workflow.

8. Security

PromptSafe applies reasonable technical and organisational measures to protect account and operational data. No method of transmission or storage is absolutely secure; users remain responsible for local endpoint security and browser hygiene.

9. Cookies

PromptSafe uses essential cookies or equivalent browser mechanisms for authentication and core product operation. PromptSafe does not use advertising cookies for document-processing workflows.

10. Children’s Privacy

PromptSafe is not directed to children under 13, and PromptSafe does not knowingly collect personal information from children under 13.

11. Your Rights and Requests

Subject to applicable law, you may request access, correction, deletion, or export of your account-related personal information held by PromptSafe. You may also opt out of non-essential product communications.

Requests can be submitted to hello@promptsafe.app.

12. Policy Updates and Contact

PromptSafe may update this policy periodically. Material updates are reflected by updating the effective date on this page and, where appropriate, by additional notice.

Questions about this policy can be sent to hello@promptsafe.app or via promptsafe.app/contact.