Privacy Policy - genui.sh

At genui.sh, we take your privacy seriously. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our API service for creating shareable UI artifacts.

1. Information We Collect

Account Information

When you create an account, we collect your email address for authentication purposes. We use magic link authentication, which means we do not store passwords.

Usage Data

We automatically collect information about how you interact with our Service, including:

API request logs and timestamps
Artifact creation and view counts
IP addresses and device information
Browser type and operating system

Payment Information

Payment processing is handled entirely by Stripe. We do not store your credit card numbers or banking information on our servers. We only retain your Stripe customer ID to manage your subscription.

Content Data

We store the artifacts you create through our Service, including markdown content, chart data, tables, and PDF configurations. This data is necessary to provide the core functionality of our Service.

2. How We Use Your Information

We use the information we collect to:

Provide, maintain, and improve our Service
Process your transactions and manage your subscription
Send you technical notices and support messages
Respond to your comments and questions
Monitor and analyze usage patterns to improve user experience
Detect, prevent, and address technical issues or fraud
Enforce our Terms of Service and rate limits

3. Data Storage & Security

Your data is stored securely using industry-standard practices:

Database: We use Neon (PostgreSQL) for primary data storage with encryption at rest
Caching: Upstash (Redis) is used for rate limiting and performance optimization
Hosting: Our application is hosted on Vercel with enterprise-grade security
API Keys: All API keys are hashed using SHA-256 before storage

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction.

4. Third-Party Services

We use the following third-party services to operate our platform:

Stripe: Payment processing and subscription management
Vercel: Application hosting and edge network
Neon: PostgreSQL database hosting
Upstash: Redis caching and rate limiting
Resend: Transactional email delivery

Each of these services has their own privacy policies governing their use of your data. We encourage you to review their policies.

5. Data Retention

We retain your account information for as long as your account is active. Artifacts may have configurable expiration times set by you. Upon account deletion, we will remove your personal data within 30 days, except where we are required to retain it for legal or regulatory purposes. Aggregated, anonymized data may be retained indefinitely for analytics purposes.

6. Your Rights

You have the following rights regarding your personal data:

Access: Request a copy of the personal data we hold about you
Correction: Request correction of inaccurate personal data
Deletion: Request deletion of your account and associated data
Export: Request a portable copy of your data
Objection: Object to certain processing of your data

To exercise any of these rights, please contact us at hello@genui.sh.

7. Cookies

We use essential cookies to maintain your session and authentication state. These cookies are strictly necessary for the operation of our Service. We do not use advertising or tracking cookies. Our session cookies are httpOnly and secure, with a 30-day expiration period.

8. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any significant changes by posting the new Privacy Policy on this page and updating the "Last updated" date. We encourage you to review this Privacy Policy periodically for any changes.

9. Contact Information

If you have any questions about this Privacy Policy or our data practices, please contact us at hello@genui.sh.