Flexty.AI

Privacy Policy

Last updated: December 5, 2024

Introduction

At Flexty.AI, we are committed to protecting your privacy and being transparent about how we collect, use, and safeguard your personal information. This Privacy Policy explains our data practices and your rights regarding the information we collect when you use our AI-powered UI generation platform.

By creating an account or using our services, you agree to the collection and use of information in accordance with this policy.

1. Information We Collect

1.1 Information You Provide

We collect information you provide directly when you:

  • Create an account: Name, email address, password
  • Use authentication services: Information from GitHub, Google, or other OAuth providers
  • Generate designs: Text prompts, uploaded images, and design preferences
  • Create projects: Project names, device types, screen configurations
  • Join teams: Team memberships and collaboration data
  • Subscribe to paid plans: Billing information (processed securely by Paddle)

1.2 Automatically Collected Information

When you use Flexty.AI, we automatically collect:

  • Usage data: Features accessed, generation requests, time spent on platform
  • Device information: Browser type, operating system, IP address
  • Performance data: Error logs, diagnostic information, loading times
  • Analytics data: Session duration, page views, interaction patterns

1.3 Generated Content

We store the UI designs, code, and screens you generate using our AI platform to provide our services, enable project management, and improve our models.

2. How We Use Your Information

We use the collected information for the following purposes:

2.1 Service Provision

  • Create and manage your account
  • Generate UI designs based on your prompts
  • Store and retrieve your projects and screens
  • Enable team collaboration features
  • Process payments and manage subscriptions

2.2 Product Improvement

  • Analyze usage patterns to enhance user experience
  • Improve AI model quality and generation speed
  • Develop new features and capabilities
  • Fix bugs and optimize performance

2.3 Communication

  • Send transactional emails (account creation, password resets)
  • Provide customer support and respond to inquiries
  • Send service announcements and updates
  • Notify you about subscription changes or renewals

2.4 Security & Fraud Prevention

  • Detect and prevent fraudulent activity
  • Monitor for security threats and abuse
  • Enforce our Terms of Service

3. Third-Party Services

We share specific data with trusted third-party services that help us operate our platform:

  • MongoDB Atlas: Database hosting for storing user accounts, projects, and generated designs
  • Paddle.com: Payment processing and subscription management (they handle credit card information directly)
  • Anthropic Claude API: AI model provider for generating UI designs from prompts
  • Vercel: Hosting and deployment infrastructure
  • Authentication Providers: GitHub, Google for OAuth authentication

These services are contractually obligated to protect your data and use it only for providing their specific services to us.

4. Data Security

We implement industry-standard security measures to protect your information:

  • Encryption: All data transmitted between your browser and our servers uses HTTPS/TLS encryption
  • Authentication: Passwords are hashed using bcrypt; we support OAuth for secure third-party login
  • Access controls: Limited employee access to user data on a need-to-know basis
  • Regular security audits: We continuously monitor and update our security practices

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your personal information, we cannot guarantee absolute security.

5. Data Retention

We retain your information for as long as necessary to provide our services and fulfill the purposes outlined in this policy:

  • Active accounts: Data is retained while your account is active
  • Deleted accounts: Personal data is deleted within 90 days of account deletion
  • Backups: Data in backups is purged within 30 days
  • Legal requirements: Some data may be retained longer to comply with legal obligations

6. Your Rights and Choices

6.1 GDPR Rights (European Users)

If you are located in the European Economic Area, you have the following rights:

  • Right to access: Request a copy of your personal data
  • Right to rectification: Correct inaccurate or incomplete data
  • Right to erasure: Request deletion of your personal data
  • Right to restrict processing: Limit how we use your data
  • Right to data portability: Receive your data in a machine-readable format
  • Right to object: Object to certain types of processing
  • Right to withdraw consent: Withdraw consent for data processing

6.2 CCPA Rights (California Residents)

California residents have additional rights under the CCPA:

  • Right to know: Request information about data collection and use
  • Right to delete: Request deletion of your personal information
  • Right to opt-out: Opt-out of the sale of personal information (we do not sell your data)
  • Right to non-discrimination: Not receive discriminatory treatment for exercising your rights

6.3 Exercising Your Rights

To exercise any of these rights, please contact us at [email protected]. We will respond to your request within 30 days.

7. International Data Transfers

Flexty.AI is operated from and our servers are located in various regions globally. If you access our services from outside these regions, your information may be transferred to, stored, and processed in countries where our service providers operate.

We ensure that appropriate safeguards are in place to protect your data in accordance with this Privacy Policy, including using Standard Contractual Clauses approved by the European Commission.

8. Sensitive Information Warning

Important: Do not include personally identifiable information (PII), confidential business information, or sensitive personal data in your AI prompts or generated designs.

While we take measures to protect your data, prompts may be processed by third-party AI providers. We are not responsible for information you voluntarily include in prompts or generated content.

9. Children's Privacy

Flexty.AI is not intended for users under the age of 13 (or 16 in the European Economic Area). We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately at [email protected] and we will delete it promptly.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. When we make significant changes, we will:

  • Update the "Last updated" date at the top of this page
  • Notify you via email if you have an active account
  • Display a prominent notice on our platform

Your continued use of Flexty.AI after changes are posted constitutes acceptance of the updated Privacy Policy.

11. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

We take your privacy seriously and will respond to all legitimate requests within 30 days.