Last updated: March 5, 2026
This Privacy Policy explains how Heggie Design (“we,” “us,” or “our”) collects, uses, discloses, and safeguards personal information when you use Promppp (the “Service”). By using the Service, you acknowledge this Policy.
1. Information We Collect
1.1 Information you provide
- Account and login data: name, email, login method, and encrypted password credentials (for email/password accounts).
- Profile data: username, bio, avatar, and onboarding preferences.
- Age-gating data: date of birth and NSFW preference status.
- Content: prompts, comments, votes, saves, and other information you submit.
- Chat data: chat prompts/messages, model choices, and conversation history for signed-in users.
- Uploads: prompt images, avatars, and optional bug report screenshots.
- Support submissions: bug report details, optional name/email, page URL, and user agent.
- Billing metadata: Stripe customer IDs, subscription status, and payment event metadata (we do not store full card numbers).
1.2 Information collected automatically
- Technical and device data: IP-derived network information, browser type, operating system, and request metadata.
- Usage and diagnostics: page views, feature interactions, performance/telemetry data, error logs, and abuse/rate-limit signals.
- Local storage/cookies: session-related cookies and locally stored consent/preferences (including cookie-consent choices).
- Anonymous chat counter: a short-lived cookie used to enforce anonymous usage limits.
2. How We Use Information
- Provide, maintain, and improve the Service
- Authenticate users and protect account security
- Host, display, and manage prompts/content and profiles
- Power AI chat functionality and conversation features
- Process subscriptions and payments
- Respond to support requests and bug reports
- Detect, prevent, and investigate abuse, fraud, and policy violations
- Analyze performance and usage trends
- Comply with legal obligations and enforce our Terms
3. AI Processing Disclosure
To provide AI features, we may transmit prompts, messages, and relevant conversation context to third-party model providers. This can include providers such as OpenAI, Anthropic, Google, and Z.ai, depending on model selection and availability.
We do not control how those providers process data once received and their own terms and privacy policies apply. Do not submit sensitive personal information, confidential business secrets, or regulated data through AI prompts unless you accept that risk.
4. Cookies, Consent, and Advertising
We use a consent mechanism for analytics/marketing categories where applicable. Necessary storage for core functionality may remain enabled.
- Necessary: required for core service and security.
- Preferences: stores consent and interface choices.
- Analytics: may include tools like Google Tag Manager and site analytics tools.
- Marketing/Ads: ad tooling such as Google AdSense may run when consent is granted.
5. How We Share Information
We do not sell personal information for money. We may share information with:
- Infrastructure providers (for hosting, storage, and delivery)
- Authentication and identity providers (for sign-in)
- Payment processors (e.g., Stripe)
- Email delivery providers (e.g., Resend)
- AI model providers (for chat and model responses)
- Analytics and ad technology providers (subject to applicable consent)
- Legal and compliance recipients when required by law, court order, or to protect rights, users, and platform integrity
- Business transferees in a merger, acquisition, financing, or asset sale
6. Data Retention
We retain personal information for as long as reasonably necessary for the purposes in this Policy, including to provide the Service, meet legal obligations, resolve disputes, and enforce agreements.
- Account/profile/content data is retained until deletion, subject to operational backups
- Chat conversations for signed-in users are stored until deleted or account deletion
- Anonymous chat is not stored as account conversation history, but usage limits are tracked via a short-lived cookie
- Billing and transaction records may be retained longer for tax/accounting/compliance
- Logs and security records may be retained for abuse prevention and legal defense
7. Security
We use reasonable administrative, technical, and organizational safeguards designed to protect information. However, no method of transmission or storage is completely secure, and we cannot guarantee absolute security.
8. Your Choices and Rights
- Access, update, or delete account information via account settings where available
- Delete your account via in-app settings
- Manage cookie/consent preferences in the consent interface
- Contact us to request access, correction, deletion, or portability where legally available
- Object to or restrict certain processing where legally available
9. Regional Disclosures
Depending on your jurisdiction (including EEA/UK and certain U.S. states such as California), you may have additional privacy rights. We do not sell personal information for monetary consideration.
10. Children's Privacy
The Service is not directed to children under 13, and we do not knowingly collect personal information from children under 13. Users must be 18+ to enable or access NSFW content.
11. International Data Transfers
We and our providers may process information in the United States and other countries that may have different data protection rules than your country. Where required, we use appropriate safeguards for cross-border transfers.
12. Policy Changes
We may update this Policy from time to time. Changes are effective when posted (or at a later date stated in the update). Continued use of the Service after updates means you accept the revised Policy.
13. Contact
- Email: mike@heggie.design
- Business: Heggie Design
- Location: Salt Lake City, Utah, United States