This Privacy Policy describes how ABIB Ltd. ("we," "us," or "our") collects, uses, and protects your personal data when you use Mr.Prompty. We are committed to transparency and the protection of your privacy under the EU General Data Protection Regulation (GDPR).
1. Data Controller
ABIB Ltd. is the data controller for the personal data processed through the Service.
Email: [email protected]
2. Data We Collect
We only collect data that is necessary to provide the Service:
- Account Data: Email address and authentication data (via Google Auth or similar).
- Payment Data: Handled entirely by Stripe. We do not see or store your credit card numbers; we only receive confirmation of payment and subscription status.
- Usage Data: IP address, browser type, and interaction logs with our website to ensure security and performance.
- AI Input & Output: The text, files, and prompts you provide, and the resulting AI-generated content.
- Shared Content: Any data you explicitly choose to make public via our "Content Sharing" feature.
3. How We Use Your Data
We process your data based on the following legal grounds:
- Contractual Necessity: To manage your account, process payments, and provide the AI agent services.
- Legitimate Interest: To improve our AI models (anonymized), prevent fraud, and ensure the security of our platform.
- Consent: When you explicitly choose to share content or opt-in to marketing communications.
4. Special Note: Private Browser & Credentials
Our Service allows AI agents to perform tasks within your browser environment.
Important: Mr.Prompty is designed so that we never have access to, nor do we store, the credentials (passwords, cookies, or tokens) of the third-party sites you visit via the agent. These remain local to your session or are handled by the browser environment without being transmitted to our permanent databases.
5. Data Processors (Third Parties)
We share data with the following essential providers to run the Service:
- Google Cloud Platform (GCP): For hosting our servers and storing database information. Data is stored in EU-based data centers whenever possible.
- Stripe: For secure payment processing.
- AI Model Providers: To generate responses, your prompts (anonymized where possible) are sent to our AI model infrastructure.
6. International Data Transfers
While we prioritize EU-based servers, some processing (via Google or Stripe) may involve data transfer to the United States. We ensure these transfers are protected by Standard Contractual Clauses (SCCs) approved by the European Commission to ensure a high level of data protection.
7. Data Retention
- Active Data: We keep your prompts and history while your account is active.
- Deletion: If you request account deletion, we will remove your personal data and AI history within 60 days.
- Legal Exceptions: Transactional data (invoices) will be kept for 10 years as required by Bulgarian tax and accounting laws.
8. Your Rights (GDPR)
As an EU resident, you have the following rights:
- Access: Request a copy of the data we hold about you.
- Rectification: Correct inaccurate data.
- Erasure ("Right to be Forgotten"): Request that we delete your data.
- Portability: Request your data in a machine-readable format.
- Object/Restrict: Object to certain types of processing.
To exercise these rights, contact us at [email protected].
9. Cookies
We use essential cookies to keep you logged in and functional cookies to remember your preferences. We do not use third-party tracking cookies for advertising without your consent.
10. Supervisory Authority
If you believe we have violated your privacy rights, you have the right to lodge a complaint with the Bulgarian Commission for Personal Data Protection (CPDP):
Commission for Personal Data ProtectionWebsite:
www.cpdp.bgAddress: 2 Prof. Tsvetan Lazarov Blvd., Sofia 1592, Bulgaria.