Privacy Policy

Last updated: 2026-05-12 · Operator: dataPalatable Inc. · Contact: hello@datapalatable.ai

This Privacy Policy explains what information dataPalatable ("we," "us") collects when you use the service at app.datapalatable.ai, how we use that information, who we share it with, and the choices you have. It applies to all visitors, whether logged in or not.

1. Information we collect

1.1 Account information

If you create an account, we collect your username, email address, display name, optional bio, and a password hash (we never store your plaintext password). Pro accounts also have a tier flag.

1.2 Content you create

The numbers, questions, and free-text inputs you submit to the perspective engine. Library entries you save or publish. Reference images you upload. Feedback (thumbs up/down) you give on perspectives.

1.3 Technical data

IP address (logged in audit and server logs; truncated to first hop when behind a proxy).
User-Agent string (browser + OS identifiers).
Request timestamps and response codes (for diagnostics and abuse detection).

1.4 Cookies and similar technologies

We use a single first-party session cookie (dp_session, HttpOnly, Secure, SameSite=Lax) to keep you signed in. We do not use third-party advertising cookies. We do not use analytics cookies. We do not embed third-party trackers.

2. How we use the information

To provide the service (generate perspectives, store libraries, authenticate sessions).
To process AI features you invoke (text rewriting, image generation, question-answering) — see "Subprocessors" below.
To detect abuse (rate limiting, brute-force login defense).
To debug errors and improve reliability (Sentry, internal logs).
To comply with legal obligations (audit log retention, response to lawful requests).

3. Subprocessors

We share limited information with the following service providers to operate the platform. Each is bound by their own privacy commitments.

Provider	Purpose	What is shared
Railway	Hosting	Application code, runtime data
Groq	Text generation (rewriting, classification)	Your text input + context
OpenAI	Image generation (Pro tier)	Image prompts derived from your input
Anthropic	Fallback text generation	Your input + context (only when Groq is unavailable)
Sentry	Error reporting	Stack traces + request metadata; no auto-attached PII
Better Stack	Uptime monitoring	Health-probe responses only (no user data)

4. Retention

Account data: kept until you delete your account.
Library entries: kept until you delete them or the account.
Audit log: kept for at least 12 months for security and compliance.
Server logs: rolling 7 days on the hosting provider.
Backups: encrypted snapshots retained 30 days.

5. Your rights

Depending on where you live, you may have the following rights regarding your personal data:

Access: a copy of the personal data we hold about you.
Correction: fix data that is wrong or incomplete.
Deletion: delete your account and the data tied to it.
Portability: receive your data in a machine-readable format (JSON).
Objection / restriction: ask us to stop processing your data for specific purposes.
Complaint: if you're in the EEA or UK, complain to your local data-protection authority.

To exercise any of these rights, email hello@datapalatable.ai. We respond within 30 days.

5.1 California residents (CCPA / CPRA)

We do not sell or share your personal information for cross-context behavioral advertising. California residents have additional rights under CCPA/CPRA, including the right to know, delete, correct, and opt out of sale/share. Use the same contact email above.

6. International transfers

Our servers and subprocessors are located in the United States. If you access the service from outside the US, your data will be transferred to and processed in the US. Where required, we rely on Standard Contractual Clauses or equivalent safeguards.

7. Children

dataPalatable is not intended for users under 16. If you believe a child has provided us personal information, contact us and we will delete it.

8. Security

We use TLS for transport security, bcrypt password hashing, HttpOnly Secure session cookies, audit logging, automated dependency vulnerability scanning, and Sentry-driven error monitoring. No service is perfectly secure; we work to reduce risk continuously.

9. Changes to this policy

When we make material changes to this policy, we will update the "Last updated" date and, for significant changes, notify you by email or in-app banner before the changes take effect.

10. Contact

Questions or concerns? Email hello@datapalatable.ai.