Legal
Privacy Policy
Last updated: June 10, 2026
This Privacy Policy explains how DeviseAi collects, uses, and protects information when you use the product planning, collaboration, billing, AI generation, and export features in the application.
Information we collect
We collect the account information you provide, including your email address and authentication details managed through Supabase.
We store project information you enter into DeviseAi, including app ideas, target users, constraints, generated blueprints, execution tasks, architecture notes, launch checklists, investor-readiness materials, and collaboration records.
When you use paid features, Stripe processes payment information. DeviseAi stores billing identifiers and subscription status, but does not store full card numbers.
If you invite teammates, we store invite recipient emails, invite status, role selection, and related project collaboration data.
How we use information
We use your information to provide authentication, save your workspace, generate AI-assisted product planning outputs, manage premium access, send invite or account emails, and improve product reliability.
Project content may be sent to AI providers to generate blueprints, task plans, architecture guidance, launch checklists, and investor-readiness outputs.
We may use aggregated, non-identifying product usage patterns to improve onboarding, reliability, and feature quality.
Third-party services
DeviseAi uses Supabase for authentication and database storage, OpenAI for AI generation, Stripe for checkout and subscriptions, Vercel or similar hosting providers for deployment, and Resend for optional transactional emails.
These providers process information as needed to operate the service. Their use of information is governed by their own policies and service terms.
Data sharing
We do not sell your personal information.
We share information only with service providers required to operate DeviseAi, comply with legal obligations, protect the service, or complete actions you request, such as sending a team invite.
Security and retention
We use server-side API keys for sensitive integrations and do not intentionally expose secret keys in client-side code.
We retain account, project, and billing-status data while your account is active or as needed for legal, operational, and security purposes.
No online service can guarantee absolute security. You are responsible for protecting your login credentials and reviewing generated outputs before relying on them.
Your choices
You can request deletion of your account or project data by contacting support.
You can manage paid subscription status through the Stripe billing portal when available in your account settings.
You can choose not to configure optional team invite email delivery. Invite links may still be generated inside the app depending on your plan and configuration.
Contact
For privacy requests, account deletion, or data questions, contact the DeviseAi support address listed on the production website.