Last updated: February 8, 2026

Privacy Policy

BuiltByMe.ai ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered web application generation platform (the "Service"). By using the Service, you consent to the data practices described in this policy.

1. Introduction

This Privacy Policy applies to all users of BuiltByMe.ai, including visitors to our website, registered account holders, and subscribers. We take your privacy seriously and are committed to transparency about the data we collect and how we use it. This policy should be read alongside our Terms of Service, which govern your use of the Service.

If you do not agree with the practices described in this Privacy Policy, please do not use the Service. By continuing to access or use BuiltByMe.ai, you acknowledge that you have read and understood this policy.

2. Information We Collect

We collect the following types of information:

Account Information

• Email address
• Full name
• Password (stored as a bcrypt hash; we never store plaintext passwords)
• Account creation date and subscription plan details

Payment Information

• Payment details are collected and processed directly by Stripe. We do not store your full credit card number, CVV, or other sensitive payment data on our servers. We may store your Stripe customer ID and subscription status for account management purposes.

Generated Content

• Prompts and messages you submit to the Service
• Generated application code and associated metadata
• Images uploaded as part of generation prompts
• Deployed application data and URLs

Usage Data

• IP address and approximate geographic location
• Browser type, operating system, and device information
• Pages visited, features used, and interaction patterns
• Credit usage and generation history
• Timestamps of account activity

3. How We Use Your Information

We use the information we collect for the following purposes:

• Providing the Service: To generate applications based on your prompts, manage your account, deploy your applications, and deliver the core functionality of the platform.
• Processing Payments: To manage subscriptions, process credit pack purchases, and handle billing through our payment processor, Stripe.
• Improving the Platform: To analyze usage patterns, identify bugs, optimize performance, and develop new features. We may use aggregated, anonymized data for these purposes.
• Communication: To send transactional emails (e.g., account verification, password resets, payment receipts), service announcements, and, with your consent, promotional communications.
• Security and Fraud Prevention: To detect, prevent, and respond to security incidents, abuse, and fraudulent activity.
• Legal Compliance: To comply with applicable laws, regulations, legal processes, or government requests.

4. Third-Party Services

We rely on trusted third-party service providers to operate the platform. These providers may have access to your information only to perform specific tasks on our behalf and are obligated to protect your data. Our key third-party providers include:

• Stripe: Payment processing. Stripe handles all credit card transactions and stores sensitive payment information. See Stripe's privacy policy at stripe.com/privacy.
• Supabase: Database hosting and authentication infrastructure for user account data and application metadata.
• MongoDB: Database storage for application data, generation history, and platform content.
• SendGrid: Transactional email delivery for account notifications, password resets, and service communications.
• Anthropic and Google: AI model providers used to power code generation. Prompts and contextual data may be sent to these providers to generate application code. Please review their respective privacy policies for details on how they handle data.
• Amazon Web Services (AWS) S3: Secure cloud storage for user-uploaded images and static assets.
• Netlify: Deployment and hosting of generated web applications.

We are not responsible for the privacy practices of these third-party services. We encourage you to review their privacy policies independently.

5. Data Storage and Security

We take the security of your data seriously and implement industry-standard measures to protect it. These measures include:

• Encryption at rest: Data stored in our databases is encrypted at rest using the encryption capabilities provided by our database hosting providers.
• Encryption in transit: All data transmitted between your browser and our servers is encrypted using TLS/SSL (HTTPS).
• Password hashing: User passwords are hashed using bcrypt with a secure salt before storage. We never store or have access to your plaintext password.
• JWT authentication: User sessions are managed using JSON Web Tokens (JWT) to securely authenticate requests.

While we implement robust security measures, no method of transmission over the Internet or method of electronic storage is 100% secure. We cannot guarantee absolute security, but we are committed to promptly addressing any security vulnerabilities or breaches that may occur.

6. Cookies and Tracking

BuiltByMe.ai uses the following tracking and storage mechanisms:

• JWT in localStorage: We store authentication tokens in your browser's localStorage to maintain your logged-in session. This token contains no sensitive personal data beyond your user identifier and expiration time.
• PostHog Analytics: We use PostHog, a product analytics platform, to collect anonymized usage data such as page views, feature interactions, and session durations. This data helps us understand how users interact with the platform and identify areas for improvement. PostHog may set cookies or use other tracking technologies in accordance with its own privacy policy.

We do not use third-party advertising cookies or sell your data to advertisers. You may manage cookie preferences through your browser settings, though disabling certain storage mechanisms may affect the functionality of the Service.

7. Your Rights

Depending on your jurisdiction, you may have certain rights regarding your personal information. These rights may include:

• Right to Access: You may request a copy of the personal data we hold about you.
• Right to Deletion: You may request that we delete your account and associated personal data. Upon account deletion, we will remove your personal information from our active systems, subject to any legal retention requirements.
• Right to Export: You may request an export of your data, including your generated applications and account information, in a commonly used format.
• Right to Correction: You may request correction of inaccurate or incomplete personal data.
• Right to Object: You may object to certain processing of your data, such as for marketing purposes.

To exercise any of these rights, please contact us at support@builtbyme.ai. We will respond to your request within 30 days, or as required by applicable law.

8. Children's Privacy

BuiltByMe.ai is not intended for use by children under the age of 13. We do not knowingly collect personal information from children under 13. If we become aware that we have inadvertently collected personal data from a child under 13, we will take immediate steps to delete that information from our systems.

If you are a parent or guardian and believe your child under 13 has provided personal information to us, please contact us at support@builtbyme.ai so we can take appropriate action.

9. Changes to Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. When we make material changes, we will update the "Last updated" date at the top of this page. We may also notify you via email or through a prominent notice on the Service for significant changes.

We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information. Your continued use of the Service after any changes to this policy constitutes your acceptance of the updated terms.

10. Contact

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:

support@builtbyme.ai