Legal

Privacy Policy

Last updated: 1/29/2026

Return home

This privacy policy explains how the SaaS platform handles user data when you interact with the application. It reflects the integrations included in the starter kit (Supabase Auth, OpenAI, Replicate, LemonSqueezy, Mixpanel, and AWS infrastructure). You should tailor this document to match your actual vendors and compliance requirements before going live.

1. Information We Collect

  • Profile data provided during account registration, including name, email address, and company details.
  • Authentication details handled by Supabase (passwords and OAuth tokens are managed by Supabase and are never stored in this application).
  • Usage analytics such as page views and feature interactions when cookie consent is granted.
  • Billing and subscription metadata provided by the payment processor when a purchase is completed.

2. How We Use Information

  • Provide and maintain core SaaS functionality, including authentication, dashboards, and AI-powered features.
  • Manage billing, credits, and subscription status to deliver the correct plan entitlements.
  • Monitor service reliability, diagnose issues, and protect against fraudulent or abusive activity.
  • Improve the product experience through aggregated analytics when consent is granted.

3. Data Sharing

  • Identity and profile data necessary for authentication flows are processed by Supabase.
  • Payment details and subscription state are handled by the configured payment provider (for example, LemonSqueezy).
  • AI prompts and generated content are relayed to external AI vendors (such as OpenAI or Replicate) only when you initiate a request.
  • Analytics events are sent to Mixpanel only after the user grants cookie consent.

4. Cookies & Tracking

  • Essential cookies are required to maintain secure sessions.
  • Optional analytics and marketing cookies are disabled by default and can be managed at any time using the in-app cookie banner.
  • If you decline analytics cookies, Mixpanel tracking is disabled immediately.

5. Data Retention

  • Account data is retained while an account remains active.
  • Subscription and billing records are stored to satisfy legal and accounting obligations.
  • Aggregated analytics data may be retained for trend analysis but does not include personal identifiers.

6. Your Rights

  • You can update profile information from your dashboard or by contacting support.
  • You may request account deletion or export of your data by emailing support@example.com.
  • You can change cookie consent preferences at any time using the cookie banner link.

7. Contact

  • For privacy inquiries, reach us at support@example.com.

Note: This template is provided for demonstration purposes. It does not constitute legal advice. Consult a qualified professional to ensure your privacy policy satisfies regional regulations (GDPR, CCPA, etc.) and accurately represents your product.