Last updated: March 2, 2026
The Prompt Engine (“we”, “us”, “our”) operates the website thepromptengine.app. This policy explains how we collect, use, and protect your personal data when you use our site and purchase our course.
We collect the minimum data necessary to provide our service:
Account data: When you create an account, we collect your email address and a hashed password. We never store your password in plain text.
Payment data: When you purchase the course, payment is processed by Stripe. We store only your Stripe session ID and payment status. We never see or store your card number, expiry date, or CVC.
Usage data: We use basic analytics to understand how the site is used (pages visited, time on site). This data is aggregated and not tied to your identity.
Cookies: We use essential cookies required for authentication and session management. We do not use tracking or advertising cookies.
We use your data to:
• Provide and maintain your account and course access
• Process payments and issue refunds
• Send transactional emails (password resets, purchase confirmations)
• Improve the course and website experience
We do not sell, rent, or share your personal data with third parties for marketing purposes.
We use the following third-party services that may process your data:
• Supabase — Authentication and database hosting (EU region)
• Stripe — Payment processing (Stripe Privacy Policy)
• Vercel — Website hosting
• Resend — Transactional email delivery
We retain your account data for as long as your account is active. If you request account deletion, we will remove your personal data within 30 days, except where we are legally required to retain it (e.g., payment records for tax purposes).
If you are in the European Economic Area, you have the right to:
• Access — Request a copy of the personal data we hold about you
• Rectification — Ask us to correct inaccurate data
• Erasure — Ask us to delete your personal data
• Portability — Request your data in a machine-readable format
• Objection — Object to processing of your data
• Withdraw consent — Where processing is based on consent, withdraw it at any time
To exercise any of these rights, contact us at privacy@thepromptengine.app. We will respond within 30 days.
We use industry-standard security measures including encrypted connections (HTTPS), hashed passwords, encrypted database credentials, and Row Level Security (RLS) in our database to ensure users can only access their own data.
Our service is not directed to children under 16. We do not knowingly collect personal data from children. If you believe we have collected data from a child, please contact us and we will promptly delete it.
We may update this policy from time to time. We will notify you of material changes by posting the updated policy on this page and updating the “Last updated” date.
For any questions about this privacy policy, contact us at privacy@thepromptengine.app.