Prompt Eden Logo

Privacy Policy

Last updated: February 24, 2026

This Privacy Policy explains how Prompt Eden ("Prompt Eden," "we," "our," or "us") collects, uses, and protects personal information when you use our website, applications, and AI search monitoring services (collectively, the "Services").

1. Scope

This Privacy Policy applies to information processed by Prompt Eden when you:

  • Create or use a Prompt Eden account.
  • Visit prompteden.com or app.prompteden.com.
  • Interact with our support, sales, or product teams.
  • Receive communications from us (including email and product updates).

2. Information We Collect

2.1 Information You Provide

  • Account information, such as name, email address, company name, and account credentials.
  • Workspace and campaign information, such as monitored domains, brand terms, competitor names, custom prompts, report preferences, and notification settings.
  • Communications, including support tickets, demo requests, feedback, and messages sent to us.

2.2 Billing and Transaction Information

We use Stripe to process subscription payments. We receive billing metadata from Stripe (for example, plan, billing status, transaction timestamps, and partial payment identifiers), but we do not store full payment card numbers.

2.3 Usage and Device Information

  • Log and analytics data, such as IP address, browser type, pages viewed, feature usage, error logs, and timestamps.
  • Device and connection data, such as operating system, approximate location derived from IP, and referral source.
  • Session and authentication data needed to keep you signed in and secure your account.

2.4 AI Monitoring Results and Related Data

Our Services analyze and store AI search visibility outputs, including snapshots of responses from third-party AI systems (for example, ChatGPT, Gemini, Perplexity, and similar providers), citation sources, and ranking/visibility metrics. These outputs may contain public information about brands and websites that you choose to monitor.

3. How We Use Information

We use personal information to:

  • Provide, operate, maintain, and improve the Services.
  • Authenticate users, secure accounts, and prevent fraud or abuse.
  • Process subscriptions, billing, invoices, and plan changes.
  • Generate analytics, reporting, and AI search monitoring insights.
  • Respond to support requests and communicate service updates.
  • Comply with legal obligations and enforce our Terms of Service.

4. Legal Bases for Processing (GDPR)

If you are in the EEA, UK, or Switzerland, we process personal data under one or more of these legal bases:

  • Performance of a contract (for example, to deliver paid features).
  • Legitimate interests (for example, product improvement, security, and fraud prevention).
  • Compliance with legal obligations.
  • Consent, where required (for example, for optional marketing communications or non-essential cookies in certain jurisdictions).

5. How We Share Information

We do not sell personal information. We share data only as described below:

  • Service providers that support our operations, billing, infrastructure, analytics, and security.
  • AI model providers and data partners to retrieve and process AI search results requested by you.
  • Legal authorities when required by law, subpoena, or other lawful process.
  • Corporate transactions, such as merger, financing, acquisition, or asset transfer, subject to standard confidentiality safeguards.

6. Key Third-Party Services

  • Stripe: subscription billing and payment processing.
  • Supabase: authentication, database, and backend data services.
  • Vercel: hosting and delivery infrastructure.
  • Sentry: application monitoring, diagnostics, and error tracking.
  • AI providers: generation and retrieval of AI search responses and related outputs.

7. Cookies and Similar Technologies

We use cookies and similar technologies for essential site operations, performance measurement, and product analytics. Please see our Cookie Policy at /legal/cookies for details on cookie categories, purposes, and controls.

8. Data Retention

We retain personal information for as long as necessary to provide the Services and fulfill legal, accounting, and security obligations.

  • Account and billing records are retained while your account is active and for a reasonable period afterward.
  • Monitoring data and reports are retained according to your plan settings and workspace configuration.
  • Backup and security logs are retained for limited periods consistent with operational and compliance needs.

We may anonymize or aggregate data so it no longer identifies an individual.

9. Security

We use technical and organizational safeguards designed to protect personal information, including encryption in transit, access controls, and monitoring practices. No system is completely secure, and we cannot guarantee absolute security.

10. Your Rights and Choices

Depending on your location, you may have rights to access, correct, delete, export, restrict, or object to processing of personal data.

  • Access and correction: request a copy of your data or correct inaccurate data.
  • Deletion: request deletion of your personal data, subject to legal exceptions.
  • Portability/export: request export of your account data in a structured format.
  • Marketing opt-out: unsubscribe from promotional emails at any time.

To exercise rights, contact [email protected].

11. California Privacy Rights (CCPA/CPRA)

California residents may have rights to know, access, delete, and correct personal information and to opt out of certain uses of personal information. Prompt Eden does not sell personal information or share personal information for cross-context behavioral advertising.

We will not discriminate against you for exercising privacy rights.

12. International Transfers

We may process information in countries other than where you reside. When required, we use appropriate safeguards for international transfers, such as contractual protections.

13. Children's Privacy

The Services are not directed to children under 16, and we do not knowingly collect personal data from children under 16. If you believe a child has provided personal data, contact us and we will take appropriate steps.

14. Changes to This Policy

We may update this Privacy Policy from time to time. If we make material changes, we will update the "Last updated" date and provide additional notice where required.

15. Contact Us

For privacy questions, rights requests, or data protection inquiries, contact: