PromptTK

Introduction

Welcome to PromptTK! This Privacy Policy explains how PromptTK ("we," "us," or "our") collects, uses, shares, and protects your personal information when you use our website, application, and services (collectively, the "Services"). Our Services are designed to help with prompt engineering and training dataset generation for fine-tuning AI models.

We are committed to protecting your privacy and handling your data in an open and transparent manner, in compliance with applicable UK data protection laws, including the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

This policy outlines what data we collect, why we collect it, how we use and share it, and your rights regarding your data. By using our Services, you agree to the collection and use of information in accordance with this policy.

Who We Are and Contact Details

Data Controller: PromptTK

Contact Email for Privacy Queries: privacy@prompttk.com

Website: https://www.prompttk.com

Date of Last Update: May 7th 2025

Information We Collect

We collect information to provide and improve our Services. The types of personal information we collect depend on how you interact with us and our Services.

Information You Provide Directly

  • Account Creation:
    • Email/Password Registration: When you create an account directly with us using an email address and password, we collect your email address, your chosen password (which we store in a hashed format), and any other information you voluntarily provide, such as your name.
    • Google Authentication: If you choose to register or log in using your Google account, we will receive certain profile information from Google. This typically includes your name, email address, language preference, and profile picture. The specific information we receive depends on your Google account privacy settings and the permissions requested during the authentication process. We do not receive or store your Google account password.
    • GitHub Authentication: If you choose to register or log in using your GitHub account, we will receive certain profile information from GitHub. This typically includes your GitHub username, public profile information, and email address(es) associated with your GitHub account. The specific information we receive depends on your GitHub account settings and the permissions requested during the authentication process. We do not receive or store your GitHub account password.
  • Content You Create and Store:

    We collect and store any information, prompts, text, data, training datasets, and other content that you create, input, submit, upload, or store while using our Services ("User Content"). This includes prompts you engineer and datasets you generate for fine-tuning AI models.

  • Communications:

    If you contact us directly (e.g., for customer support, feedback, or inquiries), we will collect information you provide in your communications, such as your name, email address, and the content of your message.

Information We Collect Automatically (Usage Data)

When you use our Services, we may automatically collect certain information about your device and your interaction with our Services. This includes:

  • Device and Connection Information:
    • IP address
    • Browser type and version
    • Operating system
    • Device type and settings
    • Referring URLs
    • Date and time of access
  • Usage Metrics:
    • Features you use
    • Pages you visit
    • Time spent on pages
    • Interactions with the user interface
    • Error logs and crash reports
  • Cookies and Similar Technologies:

    We use cookies and similar tracking technologies (like web beacons and pixels) to collect and track information about your usage of our Services, to remember your preferences, and to enhance your user experience. You can control the use of cookies through your browser settings. For more detailed information, please see our Cookie Policy.

How We Use Your Information

We use the information we collect for various purposes:

  • To Provide and Maintain Our Services:
    • To operate and maintain your account.
    • To allow you to create, store, and manage your User Content.
    • To provide you with customer support.
  • To Manage Your Account and Authenticate You:
    • To verify your identity when you log in and to ensure the security of your account.
  • To Communicate With You:
    • To send you service-related announcements, updates, security alerts, and administrative messages.
    • To respond to your comments and inquiries.
    • To provide information about new features, promotions, or other news about our Services (you can opt-out of marketing communications).
  • To Improve Our Products and Services:
    • To understand how users interact with our Services, to identify areas for improvement, and to develop new features and functionalities.
    • For users on non-enterprise plans: We may retain and use your Usage Data and User Content (such as prompts and generated datasets) to analyze, improve, and enhance our AI models, algorithms, and overall Services. This helps us make our tools smarter, more accurate, and more useful for all users. We will always handle this data with care, and where feasible, we may anonymize or aggregate it before use. However, the nature of improving AI may require the use of specific data points. Enterprise plan users' data will be handled according to their specific agreements and will not be used for these general product improvement purposes unless explicitly agreed.
  • For Security and to Prevent Fraud:
    • To monitor for and prevent fraudulent, abusive, or illegal activity.
    • To protect the rights, property, and safety of PromptTK, our users, and the public.
  • To Comply with Legal Obligations:
    • To comply with applicable UK laws, regulations, legal processes, or governmental requests.

Legal Basis for Processing Your Information (Under UK GDPR)

We will only collect and process your personal data where we have a lawful basis to do so. Our lawful bases include:

  • Consent: Where you have given us explicit consent to process your personal data for a specific purpose (e.g., for marketing communications, or for specific uses of your User Content if asked separately). You can withdraw your consent at any time.
  • Contractual Necessity: Where processing your personal data is necessary for the performance of a contract with you (e.g., to provide you with the Services you have subscribed to, including account management and access to features).
  • Legitimate Interests: Where processing your personal data is necessary for our legitimate interests (or those of a third party), and your interests and fundamental rights do not override those interests. This includes:
    • Providing, maintaining, and improving our Services.
    • Using Usage Data and User Content from non-enterprise plans to enhance our AI models and product offerings.
    • Ensuring the security of our Services and preventing fraud.
    • Conducting business analytics and understanding user behavior.
  • Legal Obligation: Where processing your personal data is necessary for compliance with a legal obligation to which we are subject.

How We Share Your Information

We do not sell your personal information. We may share your information in the following circumstances:

  • Service Providers: We may share your information with third-party vendors, consultants, and other service providers who perform services on our behalf (e.g., hosting providers, payment processors, analytics providers, customer support tools). These service providers are contractually obligated to protect your data and are restricted from using it for any other purpose.
  • For Legal Reasons: We may disclose your information if we believe it's reasonably necessary to:
    • Comply with a law, regulation, legal process, or governmental request.
    • Protect the safety, rights, or property of the public, any person, or PromptTK.
    • Detect, prevent, or otherwise address fraud, security, or technical issues.
  • Business Transfers: If we are involved in a merger, acquisition, bankruptcy, reorganization, sale of assets, or other business transaction, your information may be transferred as part of that transaction. We will notify you of any such deal and outline your choices in that event.
  • Aggregated or Anonymized Data: We may share aggregated or anonymized information that does not directly identify you with third parties for research, marketing, analytics, or other purposes.
  • With Your Consent: We may share your information with third parties when we have your explicit consent to do so.

We do not share personal data collected from enterprise plan users for the general improvement of our AI models with other customers or third parties, except as specifically agreed in their enterprise agreement or as required by law.

Data Retention

We will retain your personal information only for as long as is necessary for the purposes set out in this Privacy Policy, or as required by law. The criteria used to determine our retention periods include:

  • The length of time you have an active account with us.
  • Our legal and regulatory obligations (e.g., for tax and accounting purposes).
  • Whether there is a legal claim or an ongoing investigation related to your data.
  • The need to maintain data for the provision and improvement of our Services (for non-enterprise plans, User Content and Usage Data may be retained for longer periods for AI model training and improvement, subject to your rights).

You can request to download your data at any time (see "Your Data Rights" section). If you close your account, we will delete or anonymize your personal information in accordance with our retention policies, unless we are legally required or have a legitimate interest to retain it (e.g., for dispute resolution or to prevent fraud).

Your Data Rights (Under UK GDPR)

Under UK data protection law, you have several rights regarding your personal information. These include:

  • The Right to be Informed: You have the right to be provided with clear, transparent, and easily understandable information about how we use your information and your rights. This is why we are providing you with this Privacy Policy.
  • The Right of Access: You have the right to obtain access to your personal information (if we are processing it) and certain other supplementary information (similar to that provided in this Privacy Policy). You can request a copy of the personal data we hold about you and can download your data in full from our site at any time through your account settings or by contacting us.
  • The Right to Rectification: You are entitled to have your personal information corrected if it is inaccurate or incomplete.
  • The Right to Erasure (The 'Right to be Forgotten'): This enables you to request the deletion or removal of your personal information where there is no compelling reason for us to keep using it. This is not a general right to erasure; there are exceptions.
  • The Right to Restrict Processing: You have rights to 'block' or suppress further use of your personal information in certain circumstances. When processing is restricted, we can still store your information, but may not use it further.
  • The Right to Data Portability: You have the right to obtain and reuse your personal information for your own purposes across different services. This allows you to move, copy or transfer your personal information easily between our IT systems and theirs safely and securely, without affecting its usability. This includes the right to download your data in full from our site.
  • The Right to Object: You have the right to object to certain types of processing, including processing for direct marketing and processing based on our legitimate interests (e.g., for product improvement, unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights, and freedoms).
  • Rights in Relation to Automated Decision-Making and Profiling: You have the right not to be subject to a decision based solely on automated processing (including profiling) that produces legal effects concerning you or similarly significantly affects you. We will inform you if we engage in such activities and provide you with an opportunity to request human intervention or challenge a decision.

To exercise any of these rights, please contact us at privacy@prompttk.com. We will respond to your request within one month, or an extended period if the request is complex.

Data Security

We are committed to protecting your personal information and have implemented appropriate technical and organizational measures to safeguard it from unauthorized access, use, disclosure, alteration, and destruction. These measures include [Briefly mention types of security measures, e.g., encryption, access controls, secure servers, regular security assessments].

However, please note that no method of transmission over the Internet or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security.

International Data Transfers

Your information, including personal data, may be transferred to — and maintained on — computers located outside of the UK or the European Economic Area (EEA) where the data protection laws may differ.

If we transfer your personal data outside the UK/EEA, we will ensure that appropriate safeguards are in place to protect your data, such as:

  • Ensuring the country has been deemed to provide an adequate level of protection by the UK authorities.
  • Implementing Standard Contractual Clauses (SCCs) approved by the UK Information Commissioner's Office (ICO).
  • Other legal mechanisms permitted under UK data protection law.

We will provide more specific details on request if your data is transferred internationally.

Use of Data for AI Product Improvement (Non-Enterprise Plans)

As highlighted elsewhere in this policy, for users on our non-enterprise plans, we may use your Usage Data and User Content (including prompts and generated datasets) to train, develop, and improve our AI models and the overall functionality of our Services.

  • Purpose: This helps us to refine our algorithms, enhance the accuracy and relevance of generated content, develop new features, and ultimately provide a better service to all users.
  • Data Handling: While we strive to use anonymized or aggregated data where possible, the nature of improving AI often requires the use of specific examples. We will handle this data with strict confidentiality and security measures.
  • Your Choice: For non-enterprise plans, this use of data is a condition for using the Services at the offered price point. If you are an enterprise customer, your data will be handled according to your specific enterprise agreement. You have the right to object to this processing as detailed in the "Your Data Rights" section if you believe our legitimate interest is overridden by your rights.

Cookies and Tracking Technologies

We use cookies and similar tracking technologies to provide and improve our Services. For detailed information on the cookies we use, why we use them, and how you can manage them, please refer to our Cookie Policy.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Date of Last Update" at the top. We may also inform you via email or through a prominent notice on our Services.

We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information.

Contact Us and Complaints

If you have any questions, concerns, or comments about this Privacy Policy, our data practices, or if you wish to exercise any of your rights, please contact us at:

PromptTK
Email: privacy@prompttk.com