Your data, handled honestly

Account information

When you sign up via Google OAuth or email, we collect your email address and, if provided by Google, your display name and profile photo. We use this to identify your account and communicate with you.

App context you provide

When you create a project, you paste text (README, PRD, claude.md, or a plain-text description). This text is sent to our AI provider to generate your launch assets. We store it in our database so you can return to your project later.

Uploaded files

If you upload an app icon, it is stored in Supabase Storage under a path scoped to your project. Icons are used solely to generate screenshot frames and brand colours for your launch kit.

Payment information

Payments are processed by Stripe. PostBuild AI never sees or stores your full card number, CVV, or billing address. We receive a Stripe customer ID and payment confirmation to unlock your project.

Usage and error data

We use PostHog for product analytics (page views, feature usage) and Sentry for error tracking. These tools may collect your IP address, browser type, and anonymised interaction events. No personally identifiable information is shared with third-party advertising networks.

To deliver the service

Your app context is sent to our AI pipeline (powered by Google Gemini) to generate store screenshots, ASO copy, privacy policies, terms of service, landing pages, and press kits. The output is stored against your project so you can edit and download it.

To process payments

We pass your email and purchase details to Stripe to create checkout sessions and manage subscriptions. Stripe's privacy policy governs how they handle your payment data.

To send transactional emails

We use Resend to deliver account-related emails such as magic login links, password resets, and purchase confirmations. We do not send marketing emails without your consent.

To improve the product

Aggregated, anonymised analytics from PostHog help us understand which features are used and where users encounter friction. This data is never sold.

Where your data is stored

All project data, generated assets, and account records are stored in Supabase (PostgreSQL database and object storage) hosted on AWS infrastructure. Data is encrypted at rest and in transit.

Row-level security

Our database enforces row-level security (RLS) policies so that each user can only access their own projects and assets — not those of other users.

Retention

We retain your data for as long as your account is active. If you delete your account, your projects, generated assets, and uploaded files are permanently deleted within 30 days.

Google Gemini (AI generation)

Your app context text is sent to the Google Gemini API for content generation. Google's usage policies and privacy terms apply to data processed through their API.

Supabase (database & storage)

Our backend database and file storage run on Supabase. Data is stored in the US (AWS us-east-1) by default.

Stripe (payments)

All payment processing is handled by Stripe, Inc. We do not store raw payment data. See stripe.com/privacy for Stripe's privacy policy.

PostHog (analytics)

Product analytics are collected via PostHog. Events are anonymised before being used for product decisions. You can opt out by disabling JavaScript or using a browser content blocker.

Sentry (error monitoring)

Errors and crash reports are sent to Sentry to help us identify and fix bugs. Sentry may capture URLs, stack traces, and browser information at the time of an error.

Access and export

You can view all your projects and generated assets from the dashboard at any time. Download your full launch kit as a ZIP from any paid project.

Deletion

You can delete any project from the dashboard. To delete your entire account and all associated data, email us at hello@postbuildai.com and we will process your request within 30 days.

Correction

If any account information is inaccurate, you can update it from Settings or contact us directly.

GDPR (EU/EEA users)

If you are located in the European Union or European Economic Area, you have additional rights under the GDPR including the right to restrict processing and to data portability. Contact us at hello@postbuildai.com to exercise these rights.

Authentication cookies

We use Supabase session cookies to keep you logged in. These are strictly necessary for the service to function and cannot be disabled while using the app.

Analytics cookies

PostHog may set cookies to distinguish between sessions for analytics purposes. These are not used for advertising.

Updates

We may update this Privacy Policy as the product evolves. If we make material changes, we will notify you by email or by displaying a notice in the dashboard. The "Last updated" date at the top of this page reflects the most recent revision.