Privacy Policy

Last updated: [DATE]

DRAFT - This document is under legal review and will be finalized before public launch.

1. Introduction

AISO Studio ("we", "our", "us") respects your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.

2. Information We Collect

2.1 Account Information

  • Email address
  • Name
  • Authentication data (managed by Clerk)

2.2 Payment Information

Payment processing is handled by Stripe. We do not store credit card numbers. We receive: last 4 digits, card type, billing address, subscription status.

2.3 Content Data

KEY CONCERN - CONTENT STORAGE

We store:

  • URLs submitted for audit
  • Content scraped from those URLs
  • Audit results and scores
  • AI-generated/improved content
  • Content strategies and topics
  • Lead discovery data

Need to clarify: retention periods, deletion rights, what happens on account closure.

2.4 Usage Data

  • Pages visited
  • Features used
  • Time spent on Service
  • Browser/device information

3. How We Use Your Information

  • To provide and maintain the Service
  • To process your subscription and payments
  • To send service-related communications
  • To improve the Service
  • To respond to support requests
  • To detect and prevent fraud or abuse

4. Third-Party Services

We share data with the following services:

Service            | Purpose        | Data Shared
Clerk              | Authentication | Email, name, auth tokens
Stripe             | Payments       | Payment info, billing address
Anthropic (Claude) | AI Processing  | Content submitted for audit/generation
Neon               | Database       | All stored data
Vercel             | Hosting        | Request logs, IP addresses

CONCERN - ANTHROPIC DATA

Content is sent to Anthropic's Claude API for processing. Need to review Anthropic's data retention and training policies. To our current knowledge, Anthropic does not use API inputs for training, but this should be verified and disclosed.

5. Data Retention

[NEED TO ADDRESS:]

  • How long we keep audit history
  • How long we keep generated content
  • Tier-based retention (Agency = unlimited, others = limited)
  • Data deletion upon account closure

6. Data Security

We implement security measures including:

  • SSL/TLS encryption for data in transit
  • Encrypted database connections
  • Secure authentication via Clerk
  • Access controls for employee access

However, no method of transmission or storage is 100% secure.

7. Your Rights

You have the right to:

  • Access your personal data
  • Correct inaccurate data
  • Request deletion of your data
  • Export your data
  • Opt out of marketing communications

CONCERN - GDPR/CCPA

If serving EU users (GDPR) or California users (CCPA), additional disclosures and rights may be required. Current target market is US marketing agencies.

8. Cookies

[NEED TO ADDRESS: What cookies we use, Clerk cookies, analytics cookies if any]

9. Children's Privacy

The Service is not intended for users under 18. We do not knowingly collect information from children.

10. Changes to This Policy

We may update this Privacy Policy. We will notify you of changes by posting the new policy on this page and updating the "Last updated" date.

11. Contact Us

Questions about this Privacy Policy? Contact us at [EMAIL].

Notes for Legal Review

  • Business type: B2B SaaS for marketing agencies
  • Primary market: United States
  • Key data concern: We process/store content from URLs users submit (may be third-party content)
  • AI processing: Content sent to Anthropic Claude API
  • Payment: Stripe handles all payment data
  • Auth: Clerk handles authentication
  • Database: Neon PostgreSQL (hosted)
  • Hosting: Vercel
  • No analytics currently: May add in future