Privacy Policy

At tonAIlity, we take your privacy seriously. This Privacy Policy explains how we collect, use, store, and protect your personal information when you use our service.

1. Information We Collect

Information You Provide

• Account Information: Name, email address, password
• Profile Information: Brand name, industry, social media accounts
• Writing Samples: Content you upload to train your voice model
• Knowledge Base: Documents and information you provide
• Payment Information: Processed securely through Stripe (we do not store card details)
• Generated Content: Posts created using tonAIlity

Automatically Collected Information

• Usage Data: Features used, pages visited, time spent
• Device Information: Browser type, operating system, IP address
• Cookies: Authentication, preferences, analytics (see Cookie Policy below)
• Log Data: Errors, performance metrics, API calls

2. How We Use Your Information

We use your information to:

• Provide Our Service: Train AI models, generate content, publish posts
• Improve Quality: Analyze usage patterns, fix bugs, add features
• Communicate: Send service updates, respond to support requests
• Process Payments: Handle billing and subscriptions
• Prevent Abuse: Detect fraud, spam, and policy violations
• Legal Compliance: Meet regulatory requirements, respond to legal requests

3. How We Share Your Information

We do NOT sell your personal information. We share data only in these circumstances:

Service Providers

• Cloud Infrastructure: Supabase (database hosting)
• AI Models: Google Gemini (content generation)
• Payments: Stripe (payment processing)
• Image Generation: BannerBear (branded image creation)
• Social Publishing: Ayrshare (multi-platform posting)
• Analytics: Usage tracking and performance monitoring

All service providers are contractually obligated to protect your data and use it only for providing their services.

Legal Requirements

We may disclose information if required by law, court order, or government request, or to protect our rights and safety.

Business Transfers

If tonAIlity is acquired or merged, your information may be transferred to the new owner. We will notify you before this occurs.

4. Data Security

We implement industry-standard security measures to protect your data:

• Encryption: Data encrypted in transit (TLS/SSL) and at rest
• Access Controls: Role-based access, authentication required
• Secure Infrastructure: SOC 2 compliant cloud providers
• Regular Audits: Security reviews and vulnerability scans
• Password Protection: Bcrypt hashing for password storage

However, no system is 100% secure. You are responsible for maintaining the confidentiality of your account credentials.

5. Data Retention

We retain your data for as long as your account is active or as needed to provide services. If you delete your account, we will delete your personal data within 30 days, except where required by law or for legitimate business purposes (e.g., fraud prevention, legal compliance). Backups may be retained for up to 90 days.

6. Your Privacy Rights

All Users

• Access: Request a copy of your personal data
• Correction: Update inaccurate information
• Deletion: Request account and data deletion
• Export: Download your content and data
• Opt-Out: Unsubscribe from marketing emails

GDPR Rights (EU/EEA Users)

If you are in the EU or EEA, you have additional rights under GDPR:

• Right to Portability: Receive data in machine-readable format
• Right to Restriction: Limit how we process your data
• Right to Object: Object to processing for direct marketing
• Right to Lodge Complaint: Contact your data protection authority

CCPA Rights (California Users)

If you are a California resident, you have rights under CCPA:

• Right to Know: Request categories and specific pieces of personal information collected
• Right to Delete: Request deletion of personal information
• Right to Opt-Out: We do not sell personal information
• Right to Non-Discrimination: Equal service regardless of privacy exercise

To exercise your rights, email support@tonailty.com or use your account settings. We will respond within 30 days.

7. Cookies and Tracking

We use cookies and similar technologies for:

• Essential Cookies: Authentication, security, basic functionality (required)
• Analytics Cookies: Usage patterns, feature performance (optional)
• Preference Cookies: Remember your settings (optional)

You can control cookies through your browser settings. Disabling essential cookies may affect functionality.

8. Third-Party Links

tonAIlity may contain links to third-party websites and services (e.g., social media platforms). We are not responsible for their privacy practices. Please review their privacy policies before sharing information.

9. Children's Privacy

tonAIlity is not intended for users under 18. We do not knowingly collect information from children. If you believe a child has provided us with personal information, please contact us immediately.

10. International Data Transfers

Your data may be transferred and processed in countries outside your residence, including the United States. We ensure appropriate safeguards are in place, including standard contractual clauses and data protection agreements.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes via email or through the service. The "Last updated" date at the top will reflect the most recent changes. Your continued use after changes constitutes acceptance.

12. Contact Us

For privacy-related questions, concerns, or to exercise your rights, contact us:

• Email: privacy@tonailty.com
• Support: support@tonailty.com
• Address: [Company Address]