Log InStart Free

Privacy Policy

Last updated: April 5, 2026

1. What Data We Collect

We collect the minimum data necessary to provide the Service:

  • Account information: Email address used for login
  • Shop information: Business name, address, phone, license number (provided by you in settings)
  • Supplement content: Vehicle info, claim details, line items, damage descriptions, and AI-rewritten text
  • Photos: Damage photos you upload and link to line items
  • Usage data: Supplement count, feature usage (anonymized), error logs
  • Payment data: Processed by Stripe. We do not store credit card numbers.

2. How We Store Data

All data is stored on Cloudflare's global infrastructure:

  • Account and supplement data: Cloudflare KV (encrypted at rest)
  • Photos: Cloudflare R2 (S3-compatible, encrypted at rest)
  • Data location: Distributed across Cloudflare's global network for performance

3. Data Retention

  • Free plan: Supplement data retained for 90 days from creation
  • Pro/Shop plans: Data retained permanently while subscription is active
  • After cancellation: Data retained for 30 days, then permanently deleted
  • On request: We will delete all your data within 7 business days of a written request

4. How We Use Data

  • To provide the Service (create, edit, export supplements)
  • To process AI text rewrites (your input text is sent to our AI provider for processing)
  • To send transactional emails (magic link login, account notifications)
  • To improve the Service using anonymized, aggregated data

5. Data Sharing

We do not sell your data to third parties.

We share data only with:

  • Cloudflare: Infrastructure provider (data storage and delivery)
  • Anthropic (Claude AI): Processes text for AI rewrites (input text only, not stored)
  • Stripe: Payment processing
  • Brevo: Transactional email delivery

6. Your Rights

You have the right to:

  • Access: Request a copy of all data we have about you
  • Correct: Update your account information at any time
  • Delete: Request deletion of all your data
  • Export: Download your supplement data in standard formats
  • Object: Opt out of anonymized data usage for service improvement

7. Cookies

We use essential cookies only:

  • Authentication token: Stored in localStorage to keep you logged in
  • We do not use advertising cookies or third-party tracking pixels

8. CCPA/GDPR Compliance

California residents and EU citizens have additional rights under CCPA and GDPR respectively. We honor all data subject access requests (DSAR). To exercise your rights, contact us.

9. Children's Privacy

SupplementBuilder is not intended for use by anyone under 18 years of age. We do not knowingly collect data from minors.

10. Changes to This Policy

We will notify registered users via email of material changes to this policy at least 30 days before they take effect.

11. Contact

Privacy questions? Email support@supplementbuilder.app or use our contact form.