prmpi

Proompi Privacy Policy

Effective Date: January 8, 2026 | Last Updated: January 8, 2026

At Proompi, we transform your ideas into expert AI prompts while maintaining the highest standards of privacy protection. This Privacy Policy explains how we collect, use, protect, and share your information in compliance with global privacy regulations including GDPR and CCPA.

Personal Data

What we collect and why

Your Rights

Access, correct, delete your data

Data Security

How we protect your information

Contact Us

Reach our privacy team

1. Information We Collect

We collect information to provide our AI prompt enhancement services effectively while maintaining transparency about our data practices.

Personal Identifiers

Email addresses, usernames, and account information necessary for service delivery and account management.

GDPR Article 13

Prompt Content

Text inputs, generated prompts, and improvement suggestions to enhance our AI models and provide personalized experiences.

Business Data

Usage Analytics

Session data, feature interactions, and performance metrics to optimize user experience and platform functionality.

Legitimate Interest

Technical Information

IP addresses, browser data, device information, and cookies for security, analytics, and service optimization.

CCPA Categories

2. How We Use Your Information

GDPR emphasizes data transparency and requires clear information regarding data practices. We process your data based on:

PurposeLegal Basis (GDPR)CCPA Category
Service Delivery - Prompt enhancement, account managementContract PerformanceCommercial Information
AI Model Improvement - Training and optimizationLegitimate InterestInferences
Security & Fraud Prevention - Platform protectionLegitimate InterestIdentifiers
Analytics & Optimization - Performance analysisLegitimate InterestInternet Activity

AI Processing Transparency: CCPA 2025 includes identifiers, commercial information, internet activity, and inferences drawn from personal data, with sensitive personal information requiring separate disclosure.

3. Your Privacy Rights

Global Privacy Rights Protection

A

Access Your Data

Enhanced right-to-know provisions extend data access windows, allowing consumers to request historical data back to January 2022

C

Correct Inaccuracies

Request corrections to personal information we maintain about you

D

Delete Your Data

Request businesses delete personal information they collected from you, with some exceptions if legally required to keep the information

O

Opt-Out Rights

Businesses must implement means for consumers to confirm opt-out status, including displaying that Global Privacy Control signals are being honored

P

Data Portability

Receive your data in a structured, machine-readable format for transfer

Exercise Your Rights: Businesses must confirm receipt within 10 business days and respond within 45 calendar days (extendable to 90 days). Email us at hi@proompi.com or use our data request portal.

4. Data Retention & Security

Retention Periods

Account Data

Retained while account is active plus 3 years for legal compliance

Prompt Content

2 years for AI model training and service improvement

Analytics Data

26 months for performance optimization and insights

Security Logs

1 year for fraud prevention and system security

GDPR requires organizations to notify authorities within 72 hours of a data breach and maintain comprehensive incident response plans.

Security Measures

Encryption

AES-256 encryption for data at rest and TLS 1.3 for data in transit

Access Controls

Role-based permissions with multi-factor authentication

Infrastructure

SOC 2 Type II certified cloud providers with EU data centers

Monitoring

24/7 security monitoring with automated threat detection

5. Cookies & Tracking Technologies

Cookies that collect personal data are subject to GDPR and require explicit consent with clear information about purposes and opt-in/out options.

Cookie TypePurposeDurationLegal Basis
EssentialAuthentication, security, basic functionalitySessionNecessity
AnalyticsUsage patterns, performance optimization24 monthsConsent
PreferencesUser settings, language, customization12 monthsConsent

Cookie Management: You can manage cookie preferences through your browser settings or our cookie preference center. Essential cookies cannot be disabled as they're necessary for service functionality.

6. Third-Party Services & Data Sharing

Updated CCPA regulations require disclosure of personal information categories disclosed to service providers and contractors in the preceding 12 months.

Service Providers

Cloud Infrastructure

AWS (EU regions) - Hosting and data processing

AI Services

Anthropic & OpenAI (USA) - AI prompt enhancement and image generation (with SCC)

Analytics

Privacy-focused analytics tools - Usage insights

Payment Processing

Stripe - Subscription and payment handling

International Data Transfers: GDPR imposes strict requirements for international transfers, requiring Standard Contractual Clauses (SCCs) or Binding Corporate Rules (BCRs). We ensure adequate protection through EU Standard Contractual Clauses for non-EU transfers, adequacy decisions where available, and additional safeguards including encryption and access controls.

No Data Sales: We do not sell personal information to third parties. We may share data with service providers under strict contractual obligations for business purposes only.

7. Children's Privacy

CCPA 2025 revisions include personal information of consumers under age 16 as sensitive personal information. Our services are not directed to individuals under 16 years of age.

  • •We do not knowingly collect information from users under 16
  • •If we discover collection from a minor, we delete the information immediately
  • •Parents can contact us to request deletion of their child's data
  • •Enhanced protections apply to any data from users under 18

8. AI Image Processing

When you use the image generation feature:

  • •Your prompts are sent to OpenAI to generate images
  • •Generated images are stored in Google Cloud Storage
  • •Images are automatically deleted after 24 hours (FREE users)
  • •Premium users: 14 days storage
  • •Business users: 40 days storage
  • •You can download generated images at any time

9. Updates to This Privacy Policy

CCPA revisions take effect with new obligations for automated decision-making technology, cybersecurity audits, and risk assessments.

  • •We reserve the right to update this Privacy Policy at any time
  • •Users will be notified of material changes with 30 days advance notice
  • •Continued use after changes take effect constitutes acceptance
  • •Previous versions are available upon request

10. Contact Information

For questions about data processing or to exercise your rights:

Email:hi@proompi.com
Data Protection:hi@proompi.com
Support:hi@proompi.com

Mailing Address:

ENGIT Sp. z o.o.

ul. Stefana Jaracza 39

33-100 Tarnow, Poland

KRS: 0001109234

NIP: 8733296963

REGON: 528839231

Supervisory Authority: You have the right to lodge a complaint with UODO (Polish Data Protection Authority) or your local supervisory authority.

Last Updated: January 8, 2026 | Version 2.1