This Privacy Policy describes how supre.online ("Supre", "we", "us") collects, uses, and protects information when you use our website and service.
Session identifiers. When you use the tool, a unique session ID (UUID) is generated and stored in your browser's localStorage. This ID is used to track your credit balance if you purchase a paid plan. It is not linked to any personal information unless you choose to provide your email address.
Email address (optional). If you choose to save your session ID by email, we store a cryptographic hash (SHA-256) of your email address. We do not store your email address in plaintext. This hash is retained for up to one year and allows you to recover your session ID if you lose it.
IP address. We use your IP address to enforce the daily free-tier usage limit (2 generations per day). IP addresses are not stored permanently — they are used transiently as rate-limiting keys with a maximum TTL of 24 hours.
Usage data. We collect aggregate, anonymized usage statistics: total number of prompts generated, daily active sessions. This data is not linked to individuals.
We use Google Analytics 4 (GA4) to understand how visitors use the site, and Google AdSense to display advertisements. Both services are loaded only after you provide explicit consent via the cookie banner on your first visit. You can change your consent choice at any time by clearing your browser's localStorage for supre.online.
When consent is granted, Google may set cookies and collect data in accordance with Google's Privacy Policy.
When consent is denied, no analytics or advertising scripts are loaded. No tracking cookies are set.
Payments are processed by Stripe. When you purchase credits, you are redirected to a Stripe-hosted checkout page. We do not collect or store payment card information. Stripe's privacy policy applies to payment data: stripe.com/privacy.
After a successful payment, we receive a Stripe webhook event containing your email address and the purchased plan. Your email is hashed and stored as described above to link your purchase to your session ID.
Session and credit data is stored in Upstash Redis, a managed cloud database hosted in the EU. Email hashes are retained for up to one year. Rate-limiting keys expire automatically within 24 hours. No personal data is stored beyond what is described in this policy.
Under GDPR and applicable privacy law, you have the right to access, correct, or request deletion of any personal data we hold about you. Since we store only hashed email addresses, deletion requests require you to provide your email address or session ID so we can identify and remove the relevant records. Contact us at hello@supre.online to exercise these rights.
Supre is not directed at children under 13 years of age. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, contact us and we will delete it.
We may update this policy from time to time. The "last updated" date at the top of this page reflects the most recent revision. Continued use of the service after changes constitutes acceptance of the updated policy.
Questions about this policy: hello@supre.online