Privacy Policy
Effective date: February 27, 2026
1. Information We Collect
When you use PromptShield, we may collect account information (such as your email), project data, API key metadata (not plaintext keys), usage metrics (such as call counts), audit logs (such as request ID, endpoint, risk labels, and risk score), and configuration data submitted in the dashboard.
2. How We Use Information
We use this information to provide and improve the service, including authentication, project and key management, policy execution, audit views, billing and credits calculations, security monitoring, troubleshooting, and support.
3. Third-Party Services
We use Supabase for authentication and database services, Creem for hosted checkout and subscription payments, and email providers for verification emails. These providers process required data under their own privacy policies.
4. Data Retention
Audit logs are retained for visibility based on plan level: Basic is typically 30 days, and Pro is typically 90 days. Data beyond the retention window is not visible in the dashboard.
5. Data Security
We apply reasonable technical and organizational safeguards, including access control, authentication, and audit logging. No system can be guaranteed 100% secure.
6. Your Rights
You can manage data from your account and project settings, or contact support to request export or deletion of account-related information, subject to applicable law.
7. Contact
For privacy questions, contact: support@promptshield.space