Privacy Policy
We believe transparency builds trust. This Privacy Policy explains what data we collect, how we use it, and the rights you have under global privacy regulations like the GDPR, CCPA, and UK Data Protection Act.
Last updated: May 21, 2026
Overview
Prompt Carrot is the data controller responsible for protecting your personal information. This policy applies to visitors, customers, and workspace members who access our websites, applications, and related services.
Where we rely on third-party processors (Supabase, Vercel, Polar.sh, PostHog, and trusted analytics and infrastructure partners), we ensure contractual safeguards and data-processing agreements are in place.
Data We Collect
We only collect the information needed to operate Prompt Carrot securely and effectively:
- Account & Profile Data: name, email, authentication details, profile fields, and team membership metadata.
- Organisation Content: prompts, collections, annotations, files, and activity your team chooses to store in the platform.
- Usage & Device Data: log files, IP address, browser details, device identifiers, API usage, and feature engagement analytics (aggregated whenever possible).
- Billing & Compliance: limited payment data (handled via Polar.sh), invoices, and tax location information for paid plans.
- Support Communications: messages, feedback forms, and incident reports when you contact us for help.
How We Use Your Data
- Provide, maintain, and improve the Prompt Carrot platform and AI prompt collaboration features.
- Authenticate users, secure organisations, prevent fraud, and monitor for abuse or policy violations.
- Respond to support requests, deliver platform announcements, and provide onboarding guidance.
- Process payments, manage subscriptions, and comply with accounting, tax, and legal obligations.
- Analyze aggregated usage trends to prioritize roadmap improvements and maintain service reliability. This includes operational analytics (such as account creation, subscription changes, and error monitoring) processed under our legitimate interest, as well as behavioral analytics (such as feature usage, navigation patterns, and search activity) processed only with your consent.
We never sell personal data. When you create an account, you'll receive occasional product update emails so we can let you know about new features and improvements. You can unsubscribe at any time via Settings → Account → Email preferences, or by clicking the unsubscribe link in any email we send.
Legal Bases Under GDPR
For individuals in the European Economic Area, United Kingdom, and Switzerland, we process personal data using the following lawful bases:
- Contractual necessity for providing the services you request and enabling workspace collaboration.
- Legitimate interests such as improving product reliability, preventing misuse, and safeguarding our infrastructure (balanced against your rights and expectations). This includes server-side operational analytics (account events, subscription lifecycle, error monitoring, system health metrics) and first-party product update emails sent to active account holders. We process these to maintain, secure, and improve the service regardless of cookie consent preferences. You can unsubscribe from product update emails at any time.
- Legal obligations including financial record keeping, responding to lawful requests, and honoring regulatory requirements.
- Consent for optional cookie-based behavioral analytics (page views, feature interactions, search activity linked to a persistent identifier), broader marketing campaigns beyond product updates, and when you choose to share content publicly. You may withdraw consent at any time without affecting prior processing. When you withdraw, we switch to the cookieless analytics mode described under “Cookies and Tracking”.
Data Sharing & Processors
We share data only with vetted partners who help us run Prompt Carrot:
- Supabase (EU/US): authentication, database hosting, and secure storage with row-level security enforcement.
- Vercel (Global): application hosting and edge delivery with regional failover.
- Polar.sh (Global): payment processing. Sensitive card data never touches our servers.
- PostHog (EU-hosted option): privacy-aware analytics to improve the product. Tracking is pseudonymized and respects Do Not Track signals where available.
- Cloudflare R2 (Global): object storage for user-uploaded media (avatars, prompt attachments).
- Resend (Global): transactional email delivery for invitations, receipts, and service notifications. Emails are encrypted in transit.
- Kit.com (Global): delivery of product update emails to active account holders. You can unsubscribe at any time from Settings → Account → Email preferences or via the unsubscribe link in any email.
- Support tooling: email, incident response, and ticketing services solely to assist you.
All processors are bound by data protection agreements, confidentiality obligations, and sub-processor controls.
International Data Transfers
We may transfer personal data outside your home country. When we do, we rely on appropriate safeguards such as Standard Contractual Clauses (SCCs), adequacy decisions, or other legally recognized transfer mechanisms. Data hosted in Supabase or Vercel can be regionally located based on your organisation's selection.
We continuously assess partner compliance with EU and UK data-export requirements and limit transfer scope to the minimum required to provide the service.
Data Retention
We retain personal data for as long as your account is active or as needed to deliver services. Organisation owners can delete prompts, collections, and entire organisations at any time. When you request deletion, we remove or anonymize data within 30 days unless legal obligations require longer retention (e.g. billing records held for seven years).
Backup copies are purged on a rolling schedule. Aggregated analytics may be retained without identifying information for benchmarking and service planning.
Your Privacy Rights
Depending on your location, you may exercise the following rights. We honor requests under the GDPR, the CCPA, the UK Data Protection Act, and other applicable laws:
- Right of access – request a copy of personal data we hold about you.
- Right to rectification – correct incomplete or inaccurate information.
- Right to erasure – ask us to delete data when it is no longer needed or consent is withdrawn.
- Restriction of processing – pause certain data uses while we assess your request.
- Data portability – receive personal data in a structured, machine-readable format.
- Right to object – opt out of processing based on legitimate interests or direct marketing.
- Withdraw consent – change your preferences for optional features or communications.
- Lodge a complaint – contact your local supervisory authority if you believe we violated data protection laws.
We aim to respond to verified requests within 30 days. When requests are complex or numerous, we may extend by another 30 days and will inform you promptly.
Security Measures
Security is built into Prompt Carrot. We apply encryption in transit and at rest, access controls, audit trails, rate limiting, and continuous monitoring. Production access is restricted to trained personnel and reviewed quarterly. We follow responsible disclosure practices and notify you of any data incidents as required by law.
Cookies and Tracking
Prompt Carrot uses a cookie consent banner on our public browsing, shared-content, and legal pages so you can make an informed choice about cookie-based tracking. You can update your preferences at any time through the “Cookie Settings” link in the page footer or the Privacy section of your dashboard Account Settings.
Cookie Categories
- Essential Cookies: Required for authentication, session security, and core platform functionality. These cannot be disabled. They include a session authentication cookie (cleared when you sign out) and a cookie that remembers your consent preferences (retained for 365 days).
- Analytics Cookies: Help us understand how you use the product so we can improve it. Powered by PostHog, a privacy-focused, EU-hosted analytics platform with no advertising or cross-site tracking. These are opt-in only and require your explicit consent; they are cleared from your browser when you revoke that consent.
When you revoke analytics consent, we switch your session to cookieless analytics mode: PostHog stops setting cookies and local storage, deletes its existing cookies, and instead captures a small set of aggregate product-improvement events keyed off a daily privacy-preserving server-side hash. This processing uses no cookies and no cross-session identifier, involves no advertising or cross-site tracking, and cannot be linked back to your account. We rely on it under our legitimate interest in measuring service reliability and improving the product, balanced against your decision to refuse cookies. You may object to this processing by contacting our privacy team.
Separately, we process limited server-side operational events (such as account creation, subscription changes, and error reports) under our legitimate interest in maintaining and improving the service. These events do not rely on cookies and are not affected by your cookie consent preferences.
We honor Do Not Track (DNT) and Global Privacy Control (GPC) browser signals. Our analytics SDK respects these signals, and we display their status in your privacy settings for transparency.
What PostHog never receives
By design, prompt titles, prompt content, prompt usage instructions, collection and project names, raw email addresses, raw URLs, auth/invite/checkout tokens, and raw error messages are filtered out before any event leaves your browser or our servers. Object IDs (prompts, collections, projects, organisations, subscriptions) are hashed so analytics joins work without re-identifying individual records. You can read PostHog's privacy policy at posthog.com/privacy.
Children's Privacy
Prompt Carrot is not directed to children under 16. We do not knowingly collect personal data from minors. If you believe a minor has provided personal data to us, please contact us so we can investigate and delete the information.
Contact the Privacy Team
For questions, data subject requests, or concerns, contact our Data Protection Officer:
Email: hello@promptcarrot.com