Legal

Privacy Policy

Last updated: June 10, 2026

This Privacy Policy explains how DeviseAi collects, uses, and protects information when you use the product planning, collaboration, billing, AI generation, and export features in the application.

Information we collect

We collect the account information you provide, including your email address and authentication details managed through Supabase.

We store project information you enter into DeviseAi, including app ideas, target users, constraints, generated blueprints, execution tasks, architecture notes, launch checklists, investor-readiness materials, and collaboration records.

When you use paid features, Stripe processes payment information. DeviseAi stores billing identifiers and subscription status, but does not store full card numbers.

If you invite teammates, we store invite recipient emails, invite status, role selection, and related project collaboration data.

How we use information

We use your information to provide authentication, save your workspace, generate AI-assisted product planning outputs, manage premium access, send invite or account emails, and improve product reliability.

Project content may be sent to AI providers to generate blueprints, task plans, architecture guidance, launch checklists, and investor-readiness outputs.

We may use aggregated, non-identifying product usage patterns to improve onboarding, reliability, and feature quality.

Third-party services

DeviseAi uses Supabase for authentication and database storage, OpenAI for AI generation, Stripe for checkout and subscriptions, Vercel or similar hosting providers for deployment, and Resend for optional transactional emails.

These providers process information as needed to operate the service. Their use of information is governed by their own policies and service terms.

Data sharing

We do not sell your personal information.

We share information only with service providers required to operate DeviseAi, comply with legal obligations, protect the service, or complete actions you request, such as sending a team invite.

Security and retention

We use server-side API keys for sensitive integrations and do not intentionally expose secret keys in client-side code.

We retain account, project, and billing-status data while your account is active or as needed for legal, operational, and security purposes.

No online service can guarantee absolute security. You are responsible for protecting your login credentials and reviewing generated outputs before relying on them.

Your choices

You can request deletion of your account or project data by contacting support.

You can manage paid subscription status through the Stripe billing portal when available in your account settings.

You can choose not to configure optional team invite email delivery. Invite links may still be generated inside the app depending on your plan and configuration.

Contact

For privacy requests, account deletion, or data questions, contact the DeviseAi support address listed on the production website.