Privacy Policy

Effective 12 June 2026. We collect as little data as possible to run the service.

1. Data we collect

• Account: email address and login identity, managed by our authentication provider (Clerk).
• Content: the business description you enter, the generated design specification, and your brand kits.
• Stationery contact (optional): the name, title, phone and address you provide for business cards/letterhead — used solely to compose your files.
• Transactions: order number, amount and payment status. We never see or store your card/bank details — payments are processed directly by Pakasir.
• Technical: basic access logs (IP address, user agent) for security and abuse prevention.

2. How data is used

• Your business description is sent to an AI model provider (via OpenRouter) solely to produce the design specification.
• Email is used for authentication and transactional messages (receipts, download links) via Resend.
• Brand kits are stored on Cloudflare R2 so you can re-download them.
• We never sell your personal data to anyone.

3. Third-party processors

Clerk (authentication), Supabase (database), OpenRouter (AI models), Pakasir (payments), Cloudflare (network & storage), Resend (email). Each processes data strictly within its function.

4. Retention & deletion

Kits and purchase history are kept while your account is active. You may request deletion of your account and all its data via the email listed on the site; deletion is processed within 30 days.

5. Security

All traffic is encrypted (HTTPS). Database access happens only from our servers; previews and kit downloads use signed links that expire automatically.

6. Changes

Material changes to this policy will be announced on the site.