1. Who we are
AutoBricks AI ("we", "us", "our") operates the platform at autobricksai.com. This policy explains how we handle your personal data when you use our website, platform, and services.
2. What we collect
- Account data — name, email address, and avatar (from Google Sign-In or email signup). Stored in our database to identify your account.
- Usage data — chat messages, Creator Hub workflows, API calls. Stored to provide the service and calculate credit usage.
- Payment data — processed entirely by Stripe. We never see or store your card number, CVC, or expiry. We receive a Stripe Customer ID and transaction metadata (amount, timestamp).
- Contact form submissions — name, email, company, phone, and message text submitted through our contact form.
- Technical data — IP address, browser type, and timestamps in server access logs. Retained for security and debugging.
3. How we use your data
- To provide, maintain, and improve the platform
- To authenticate you and secure your account
- To process payments and track credit usage
- To respond to support and sales enquiries
- To send transactional emails (account confirmation, receipts)
We do not sell your personal data. We do not use your data for advertising. We do not share your data with third parties for their own marketing purposes.
4. Third-party services
We use trusted third-party providers for infrastructure, payments, and AI model inference. We only share the minimum data required for each service to function. When you use the Chat feature, your messages are sent to the AI model provider you select (e.g. Anthropic, OpenAI, Google) — each has its own privacy policy governing how they handle data.
5. AI model usage
Do not send sensitive personal data (passwords, financial details, health records) in chat messages. We do not control how AI model providers handle data beyond their published policies.
6. Data retention
- Account data — retained while your account is active. Delete your account by contacting us.
- Chat messages — retained until you delete the conversation. Deleted conversations are permanently removed.
- Credit ledger — retained permanently for billing audit purposes.
- Server logs — retained for 90 days, then deleted.
7. Your rights
You can:
- Access your data via the Settings page
- Delete your chat conversations at any time
- Request a full data export or account deletion by emailing [email protected]
8. Security
We use HTTPS everywhere, encrypt data at rest, and follow security best practices. Session tokens are HttpOnly cookies. Payment data is handled by a PCI DSS Level 1 certified processor — no card data touches our servers.
9. Cookies
We use a single session cookie to keep you signed in. No tracking cookies, no analytics cookies, no third-party cookies.
10. Changes
We may update this policy. Material changes will be communicated via email or a notice on the platform. Continued use after changes constitutes acceptance.
11. Contact
Questions about this policy? Email [email protected].
