Privacy Policy

Last updated: November 30, 2025

1. Introduction

PromptRail ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how your personal information is collected, used, and disclosed by PromptRail.

2. Information We Collect

Account Information: When you create an account, we collect your email address and authentication details (via Supabase).
API Keys: We collect and store API keys for third-party providers (e.g., OpenAI) that you choose to connect. These keys are stored using industry-standard encryption (AES-256) and are only decrypted at runtime to execute your requests.
Usage Data: We collect data on how you interact with our Service, including logs of API executions, latency, and token usage.
User Content: We process the prompts and configurations you submit to the platform.

3. How We Use Your Information

  • To provide, operate, and maintain our Service.
  • To execute AI workflows on your behalf using your provided API keys.
  • To improve, personalize, and expand our Service.
  • To understand and analyze how you use our Service.
  • To communicate with you, either directly or through one of our partners, including for customer service, to provide you with updates and other information relating to the Service.
  • To find and prevent fraud.

4. Data Retention

Execution Logs: We retain logs of your API executions (inputs/outputs) for 30 days to allow for debugging and history viewing. After 30 days, logs may be archived or deleted.
Account Data: We retain your account information and prompts for as long as your account is active. You may request deletion of your account and all associated data at any time.

5. Data Sharing & Sub-processors

To provide our Service, we use the following third-party sub-processors. We have Data Processing Agreements (DPAs) in place with these vendors where applicable.

  • Supabase: Database hosting and authentication.
  • Vercel: Frontend hosting and edge functions.
  • Render: Backend API hosting and compute.
  • LLM Providers: (OpenAI, Anthropic, etc.) - Only when you explicitly use their models.

5. Data Security

We use administrative, technical, and physical security measures to help protect your personal information. While we have taken reasonable steps to secure the personal information you provide to us, please be aware that despite our efforts, no security measures are perfect or impenetrable, and no method of data transmission can be guaranteed against any interception or other type of misuse.

6. Your Data Rights

Depending on your location, you may have rights regarding your personal data, including the right to access, correct, or delete your data. You can manage your account data directly within the application or contact us for assistance.

7. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page.

8. Contact Us

If you have any questions about this Privacy Policy, please contact us at privacy@promptrail.io.