Privacy Policy
Effective Date: January 1, 2025
Last Updated: January 1, 2025
We will notify users of any material changes to this policy via email or through a prominent notice on our website.
This Privacy Policy describes how Shamprompt ("we," "us," or "our") collects, uses, and shares your personal information when you use our platform for creating, buying, and selling AI prompts.
1. Information We Collect
Personal Identifiers:
Name, email address, username, profile information, and contact details you provide when creating an account or profile.
Automatically Collected Data:
IP address, device information (browser type, operating system), usage patterns, pages visited, time spent on site, and interaction data.
Cookies and Tracking Technologies:
Essential cookies for authentication, analytics cookies for site improvement, and marketing cookies for personalized content.
Uploaded Content and Metadata:
Prompts you create, images, videos, descriptions, tags, and associated metadata that you upload to our platform.
Payment Information:
Payment method details processed securely through third-party providers (Stripe, PayPal). We do not store full payment card information.
2. How We Use Your Information
Lawful Bases for Processing (GDPR):
We process your personal data based on the following lawful bases: consent (for marketing communications), performance of a contract (for service delivery), legal obligation (for compliance), and legitimate interests (for security and fraud prevention).
Automated Processing:
We use automated systems for content moderation, fraud detection, and service optimization. You have the right to object to automated processing that significantly affects you, and to request human review of automated decisions.
Service Delivery and Account Management:
To provide, maintain, and improve our platform services, manage your account, and process transactions.
Product Functionality and Improvement:
To analyze usage patterns, develop new features, and enhance user experience based on platform interactions.
Marketing and Communications:
To send you updates about new features, promotions, and relevant content (with your explicit consent where required).
Legal Obligations and Fraud Prevention:
To comply with legal requirements, prevent fraud, investigate violations, and protect our rights and safety.
3. How We Share Your Information
We do not sell, rent, or trade your personal information to third parties for their marketing purposes.
Service Providers:
Trusted third-party providers who assist us in operating our platform, including hosting (Vercel), analytics (Google Analytics), payment processing (Stripe), and customer support services. These providers act as data processors and are bound by data processing agreements and confidentiality obligations.
Legal Requirements:
When required by law, court order, or government request, or to protect our rights, property, or safety.
Business Transfers:
In connection with a merger, acquisition, or sale of assets, where user information may be transferred as part of the business transaction.
4. Cookies and Tracking Technologies
Essential Cookies:
Required for basic site functionality, authentication, and security. These cannot be disabled.
Analytics Cookies:
Help us understand how visitors interact with our site to improve performance and user experience.
Marketing Cookies:
Used to deliver relevant advertisements and track marketing campaign effectiveness. These cookies and promotional emails are only enabled with your explicit consent, given via our cookie banner or account preferences.
Cookie Management:
You can manage cookie preferences through your browser settings or our cookie consent banner. Disabling certain cookies may affect site functionality.
5. Your Rights
Access and Correction:
You can access, review, and update your personal information through your account settings or by contacting us.
Data Deletion:
You can request deletion of your personal information, subject to legal and business requirements.
Data Portability:
You can request a copy of your personal data in a structured, machine-readable format.
Objection to Processing:
You can object to certain types of processing, such as direct marketing or automated decision-making.
6. Data Retention and Transfers
Retention Period:
We retain your personal information for as long as necessary to provide our services, comply with legal obligations, resolve disputes, and enforce agreements. Account data is typically retained for 3 years after account deletion.
International Transfers:
Your data may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place, including Standard Contractual Clauses (SCCs), adequacy decisions, and use of secure cloud infrastructure with data processing agreements.
7. Data Security
Security Measures:
We implement industry-standard security measures including SSL encryption, firewalls, access controls, regular security audits, and employee training to protect your personal information.
8. Data Breach Notification
In the event of a data breach that poses a risk to your rights and freedoms, we will notify you and relevant authorities within 72 hours of becoming aware of the breach, in accordance with applicable law.
9. Children's Privacy
Our service is not intended for children under 16 years of age. We do not knowingly collect personal information from children under 16. If we become aware that we have collected such information, we will take steps to delete it promptly.
10. Legal Compliance
GDPR Compliance:
For EU users, we comply with the General Data Protection Regulation (GDPR). You have additional rights including the right to lodge a complaint with your local data protection authority.
CCPA Compliance:
For California residents, we comply with the California Consumer Privacy Act (CCPA) and provide specific rights regarding the collection and use of personal information.
11. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last Updated" date.