Privacy Policy

At GetPromptLib, we value your privacy and are committed to protecting your personal information. Our goal is to be transparent about how we collect, use, and safeguard your data in accordance with applicable laws and regulations. This Privacy Policy applies to our website https://getpromptlib.com/ and any other sites or applications that we own and operate.

When we say "personal information," we mean any details that can be used to identify you. This includes your name, contact details, payment information, device details, and even how you interact with our website or services.

Sometimes, our websites or applications may include links to third-party sites or services. Keep in mind that those sites have their own privacy policies, which may be different from ours. If you click on an external link, we encourage you to review their privacy policy to understand how they handle your personal information. Our Privacy Policy only covers what happens on our sites and applications.

Information Collection

To provide you with better experiences, we may collect two types of information:

• Information Collected Automatically: Some data is gathered automatically when you use our website, applications, or services.
• Information You Provide: This includes any details or personal information you actively share with us.

Information We Collect Automatically

As you navigate through and interact with our websites, applications, or click on an email from us, we may use cookies, web beacons, and other automatic data collection technologies to collect certain information about your equipment, browsing actions, and patterns, including:

• Your device's IP address
• Browser type and version
• Pages you visit and how long you spend on them
• The date and time of your visit
• Any errors you encounter and related technical details
• Identifying when you return to our website
• Your preferences and settings

The technologies we use for this automatic data collection may include cookies, local storage, session storage, log files, web beacons, and embedded scripts. For more information on how we use cookies, please refer to our Cookie Policy.

Device Data

When you use our website or services, we may also automatically collect certain additional details about the device you're using, including device type, device settings, operating system, geo location, and unique device identifiers.

Personal Information You Provide to Us

We may collect personal information that you voluntarily provide to us, such as when you create an account, subscribe to our newsletter, fill out a form, or contact our support team. This information may include:

• Name
• Email
• Phone or mobile number
• Date of birth
• Home or mailing address
• Social profiles
• Commercial information (purchase history, transaction records)
• Employment data (job applications, professional information)

We only ask for the information necessary to provide our services, and we'll always let you know why we need it.

How We Use Your Information

We use information that we collect about you or that you provide to us, including any personal information, for the following purposes:

• Website functionality & user experiences
• Email & contacting users
• Record keeping & administration
• Compliance & dispute resolution
• Security & fraud prevention
• Order & delivery fulfillment
• Payment processing
• Login & account management
• Analytics & market research
• Advertising & marketing
• Competitions, sweepstakes, or giveaways
• Product development
• Recruiting
• Other purposes with your consent

We may combine the personal information you provide with data we collect automatically or receive from trusted sources to personalise your experience and make our services more relevant to you.

Our Legitimate Reasons for Processing Your Personal Information

We only collect and use your personal information when we have a legitimate reason to do so. This means we only gather the data necessary to provide you with our services, improve our offerings, or meet legal and regulatory obligations. We never collect more information than we need for these purposes.

Data Storage and Security

Keeping Your Personal Information Secure

We take your privacy seriously and use industry-standard security measures to protect your personal information from loss, theft, unauthorized access, disclosure, copying, misuse, or modification.

While we do our best to keep your data secure, it's important to understand that no online system or method of data storage is completely foolproof. We cannot guarantee absolute security, but we continuously work to safeguard your information.

You also play a role in keeping your information secure. If you create a password for our services, make sure it's strong and keep it private. Additionally, be mindful of what personal details you choose to share publicly through our platform.

How Long We Keep Your Personal Information

We only keep your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy. In some cases, we may need to keep your information for longer periods of time, including for legal, accounting, or regulatory reasons, or for public interest, research, or statistical purposes. When this happens, we ensure that appropriate safeguards are in place.

International Data Transfers

The information we collect is stored and/or processed in United States, Indonesia, Singapore, and the European Union or where we or our partners, our affiliates, or our service providers operate. As a result, your personal information may be transferred to, stored, and/or processed in a country other than your own, including countries that may not have laws providing specific protection for personal data.

By providing us with your personal information, you agree to this transfer, storing, or processing. We take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy. These measures may include using data transfer agreements, standard contractual clauses, binding corporate rules, or other approved mechanisms.

Disclosure of Your Information

We may share your information with the following parties when necessary:

• Companies within our corporate group, including parent companies, subsidiaries, or affiliates
• Trusted third-party service providers who help us operate our business, such as IT services, data storage, web hosting, email service providers, ad networks, analytics providers, error loggers, debt collection agencies, technical support, marketing partners, professional advisors, and payment processors
• Our employees, contractors, and related entities who need access to perform their work
• Business partners, agents, and affiliates who help us deliver services or collaborate on projects
• Legal and regulatory authorities, including law enforcement, courts, or government agencies, when required by law or for legal proceedings
• A potential buyer or successor in the event of a business sale, merger, or transfer of assets
• Other third parties with your consent or as directed by you

We only share your information when necessary and always in accordance with privacy laws. Aggregated or anonymized data that does not personally identify you may be shared with third parties for analysis, marketing, or other purposes.

User Rights

We respect your rights when it comes to your personal information. Here's how you can manage and control your data:

Your Choice

By providing us with personal information, you agree that we can collect, store, use, and share it as outlined in this Privacy Policy. While sharing your information is optional, some features of our website or services may not work properly without it.

Information from Third Parties

If we receive your personal information from a third party, we will protect it as described in this Privacy Policy. If you are sharing someone else's personal information with us, you confirm that you have their permission to do so.

Marketing Preferences

If you have previously agreed to receive marketing communications from us, you can change your mind anytime. Simply contact us using the details below to update your preferences.

Your Right to Equal Treatment

We will never discriminate against you for exercising your privacy rights. Unless certain information is necessary to provide a service, we won't deny you access to goods or services, charge different prices, or offer different levels of service based on your privacy choices.

Accessing, Updating, or Deleting Your Information

Depending upon your location, you may have additional rights regarding your personal information. These rights may include:

• Accessing your personal information
• Updating or correcting your information
• Deleting your information
• Restricting processing
• Objecting to processing
• Withdrawing consent

If you would like to exercise any of these rights, please contact us using the details provided in this Privacy Policy. We will respond to your request within a reasonable timeframe. In order to protect your privacy and security, we may need to verify your identity before processing your request.

Data Breach Notifications

If a data breach occurs, we will comply with all relevant laws and regulations. If the breach poses a high risk to your rights and freedoms, we will notify you promptly and take all necessary steps to minimize the impact of the breach.

Filing a Complaint

If you believe we've mishandled your personal information or violated a data protection law, please contact us with full details. We will investigate and respond in writing, outlining our findings and any steps we'll take to resolve the issue. You also have the right to escalate your complaint to a data protection authority.

Unsubscribing from Communications

If you no longer wish to receive marketing emails or other communications from us, you can unsubscribe at any time by:

• Clicking the "unsubscribe" link in any email we send
• Contacting us directly using the details in this Privacy Policy

We may need to verify your identity before processing your request.

U.S. State Privacy Rights

If you are a resident of California, Oregon, Nevada, Texas, Virginia, Colorado, Connecticut, Utah, or another state that provides data privacy protections, you may have additional rights regarding our use of your personal information. The rights outlined in this section do not apply to information exempted under applicable state privacy law. Further, the rights described in this section are not absolute, are subject to exceptions and limitations, and may not be afforded to residents of all states. In certain cases, we may decline requests to exercise these rights where permitted by law.

Your rights under applicable U.S. state privacy laws may include:

• Right to Know: You may request disclosure of the categories and specific pieces of personal information we collect, use, disclose, and sell (if applicable).
• Right to Correct: You may request that we correct inaccurate personal information we maintain about you.
• Right to Delete: You may request deletion of personal information we have collected from you, subject to certain exceptions.
• Right to Opt Out of Sale or Sharing: We do not sell personal information. However, some advertising pixels may constitute "sharing" under certain state laws. Use the consent banner to opt out.
• Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights.
• Right to Appeal: If we decline to take action on your privacy request, you may appeal this decision by contacting us at the details below.

To exercise any of these rights, please contact us at privacy@getpromptlib.com. We will respond within the timeframe required by applicable law.

Chrome Extension

Our Chrome browser extension ("GetPromptLib") provides prompt management features directly in your browser. This section describes how data is handled specifically within the extension.

Data Stored Locally

The extension stores the following data in your browser's local storage:

• Prompts, templates, and library items you create or save
• Tags and organizational metadata
• Your extension settings and preferences
• Version history of your prompts (for premium users)
• Authentication session tokens (when signed in)
• Device activation and recovery state used for premium sync and device management
• Analytics consent state and pseudonymous tracking identifiers

This data remains on your device unless you sign in and enable cloud synchronization or consent to analytics collection.

Cloud Synchronization (Premium Feature)

When you sign in and subscribe to a premium plan, your prompts, templates, settings, and version history are synchronized to our cloud servers. This enables:

• Access to your library across multiple devices
• Real-time sync between the extension and web dashboard
• Backup and recovery of your prompt library

Cloud sync is optional and requires an active premium subscription. Free tier users' data remains stored locally only.

Device Activation (Premium Feature)

Premium subscriptions include cloud sync on up to three (3) devices. To enforce this limit, we generate and store a unique device identifier for each browser where the extension is activated. This identifier:

• Is randomly generated and does not contain personal information
• Is used solely to count active devices and enforce the device limit
• Can be deactivated from your account settings at any time

We also keep limited activation recovery state so a signed-in browser can reconnect to the same device activation after account or authentication changes. This includes extension-side recovery metadata and a first-party recovery cookie on GetPromptLib web properties.

Host Permissions

The extension requires broad website access ("all URLs") to enable its core features:

• Right-click save: Save selected text from any webpage to your library
• Quick Menu: Insert prompts into any text field using keyboard trigger
• Floating sidebar: Access your library while working on any website

Content scripts load on matching pages so the extension can detect editable fields, support quick-trigger insertion flows, and render the floating sidebar UI. Page context is processed locally in your browser for those features, while privileged website-to-extension messaging is restricted to trusted GetPromptLib web origins.

The extension does not build or sell browsing history profiles, does not send general page content to our servers or analytics tools as a dataset, does not use third-party cookies, and does not include raw prompt content, template content, or saved page text in analytics events.

Analytics in the Extension

The extension may collect pseudonymous usage analytics to help us improve the product when analytics consent is granted. PostHog receives a random extension distinct ID and, when you are signed in, a hashed user identifier plus product metadata such as subscription tier. Consent is managed through your website or account preferences using Concord, and the extension syncs that consent state when you are signed in. Analytics events do not include the raw content of your prompts, templates, or text you save from webpages.

Third-Party Services

We use the following third-party services to operate our website and extension:

Supabase (Cloud Infrastructure)

We use Supabase for cloud database storage, user authentication, and real-time data synchronization. Your account information, prompts, templates, and settings are stored on Supabase servers. Supabase is GDPR compliant and hosts data in secure data centers. Learn more at supabase.com/privacy.

PostHog (Analytics)

We use PostHog for product analytics to understand how users interact with our services. PostHog receives pseudonymous identifiers such as a random extension distinct ID and, when applicable, a hashed user identifier rather than your raw email address or raw user ID. We do not send raw prompt content, template content, or saved page text in analytics events. Analytics only run when the relevant consent state is granted. Learn more at posthog.com/privacy.

Concord (Consent Management Platform)

We use Concord as our consent management platform (CMP) to collect and store your cookie and analytics consent choices on the website. Those consent preferences determine whether analytics tools run on the webapp and, when you are signed in, sync to the Chrome extension.

Payment Processors

We use third-party payment processors (including LemonSqueezy and Mayar) to handle subscription payments. We do not store your full credit card details on our servers. Payment processors are PCI-DSS compliant and handle payment data according to their respective privacy policies.

How Often Will We Update This Privacy Policy?

We may update this Privacy Policy from time to time to reflect changes to the information we collect, how we collect it, or for other operational, legal, or regulatory reasons. Any updates will become effective as of the effective date listed at the top.

Each time you use our website, the current version of the Privacy Policy will apply. Please check this policy periodically to review any changes.

Where Can You Obtain Further Information?

If you have questions or concerns about our Privacy Policy or our data practices, you can reach out to our Privacy Officer at: