PromptForest ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Platform. By using PromptForest, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with our policies and practices, please do not use the Platform. We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date.

**Information You Provide:** - Account information (name, email, username, password) - Profile information (bio, avatar, location) - Payment information (processed by third-party payment processors) - Payout information for sellers (bank account, PayPal, tax information) - Content you post (prompts, reviews, comments) - Communications with us (support requests, emails) **Information Collected Automatically:** - Device information (IP address, browser type, operating system) - Usage data (pages viewed, time spent, clicks, search queries) - Cookies and similar tracking technologies - Location data (approximate location based on IP address) - Analytics data (via Google Analytics, Vercel Analytics) **Information from Third Parties:** - Social media profile information (if you sign in via OAuth) - Payment confirmation from payment processors - Fraud detection information from security services

We use your information for the following purposes: **Service Delivery:** - Create and manage your account - Process transactions and send receipts - Deliver purchased prompts - Process seller payouts - Provide customer support **Platform Improvement:** - Analyze usage patterns and trends - Develop new features and functionality - Improve user experience - Test and monitor platform performance **Communication:** - Send transactional emails (order confirmations, receipts) - Respond to your inquiries - Send marketing communications (with your consent) - Notify you of Platform updates - Send security alerts **Legal and Security:** - Prevent fraud and abuse - Enforce our Terms of Service - Comply with legal obligations - Protect our rights and property - Investigate and prevent violations **Marketing:** - Personalize your experience - Show relevant prompts and content - Send promotional emails (you can opt out) - Display targeted advertisements

We may share your information in the following circumstances: **With Other Users:** - Your public profile information is visible to all users - Sellers can see buyer information for their sales - Buyers can see seller information for purchased prompts - Reviews and comments you post are public **With Service Providers:** - Payment processors (Stripe, PayPal) - Email service providers (SendGrid) - Analytics providers (Google Analytics, Vercel) - Cloud hosting services (Vercel, AWS) - Customer support tools **For Business Transfers:** - In connection with a merger, acquisition, or sale of assets - During bankruptcy or similar proceedings - As part of a business restructuring **For Legal Reasons:** - To comply with legal obligations - To respond to lawful requests from authorities - To enforce our Terms of Service - To protect our rights and property - To prevent fraud or illegal activity **With Your Consent:** - When you explicitly agree to share information - For purposes disclosed at the time of collection

We retain your information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. **Account Information:** - Retained while your account is active - Retained for 90 days after account deletion - Some information may be retained longer for legal compliance **Transaction Data:** - Retained for 7 years for tax and accounting purposes - Payment information is deleted once no longer needed **Analytics Data:** - Aggregated analytics may be retained indefinitely - Individual usage data retained for 26 months **Legal Holds:** Information subject to legal holds, investigations, or litigation is retained until the matter is resolved. You may request deletion of your personal information by contacting us. Note that some information may be retained in backups for a limited time.

We implement appropriate technical and organizational security measures to protect your information: **Technical Measures:** - Encryption in transit (HTTPS/TLS) - Encryption at rest for sensitive data - Secure password hashing (bcrypt) - Regular security audits - Intrusion detection systems - DDoS protection **Organizational Measures:** - Access controls and authentication - Employee training on data protection - Regular security assessments - Incident response procedures - Vendor security requirements **Payment Security:** - We do not store full credit card numbers - Payment data is processed by PCI-compliant providers - Tokenization for stored payment methods However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security. If you believe your account has been compromised, please contact us immediately at security@promptforest.com.

Depending on your location, you may have the following rights: **Access and Portability:** - Request a copy of your personal information - Receive your data in a portable format - Access your account information at any time **Correction:** - Update or correct inaccurate information - Edit your profile and account settings **Deletion:** - Request deletion of your personal information - Delete your account (subject to legal retention requirements) **Objection and Restriction:** - Object to processing of your information - Restrict certain uses of your data - Opt out of marketing communications **Withdrawal of Consent:** - Withdraw consent for data processing - Change privacy preferences **Do Not Sell:** - We do not sell your personal information - You can opt out of certain data sharing To exercise these rights, contact us at privacy@promptforest.com. We will respond within 30 days. Note: Some rights may be limited by legal requirements or the need to maintain Platform functionality.

We use cookies and similar tracking technologies to enhance your experience: **Essential Cookies:** - Authentication and session management - Security and fraud prevention - Required for Platform functionality **Analytics Cookies:** - Google Analytics (understand usage patterns) - Vercel Analytics (performance monitoring) - Helps us improve the Platform **Functional Cookies:** - Remember your preferences - Personalize your experience - Store cart and wishlist items **Marketing Cookies:** - Track marketing campaign effectiveness - Deliver targeted advertisements - Measure ad performance **Cookie Management:** You can control cookies through your browser settings. Note that disabling cookies may affect Platform functionality. For more information, see our Cookie Policy.

PromptForest is based in the United States. Your information may be transferred to and processed in the United States or other countries where our service providers operate. These countries may have different data protection laws than your country. By using the Platform, you consent to the transfer of your information to the United States and other countries. **EU Users:** For users in the European Economic Area (EEA), we rely on: - Standard Contractual Clauses for data transfers - Adequacy decisions where applicable - Your explicit consent when required We ensure appropriate safeguards are in place to protect your information in accordance with applicable data protection laws.

PromptForest is not intended for children under 13 years of age (or 16 in the EEA). We do not knowingly collect personal information from children. If you are a parent or guardian and believe your child has provided us with personal information, please contact us at privacy@promptforest.com. If we discover that we have collected personal information from a child without verification of parental consent, we will delete that information promptly.

California residents have additional rights under the California Consumer Privacy Act (CCPA): **Right to Know:** You can request disclosure of: - Categories of personal information collected - Sources of personal information - Business purpose for collecting information - Categories of third parties we share with - Specific pieces of personal information **Right to Delete:** Request deletion of personal information (subject to exceptions) **Right to Opt-Out:** We do not sell personal information **Right to Non-Discrimination:** We will not discriminate against you for exercising your rights To exercise these rights, email privacy@promptforest.com or call 1-800-PROMPT-1. We will verify your identity before processing requests. Authorized agents may submit requests on your behalf with proper documentation.

If you have questions or concerns about this Privacy Policy or our privacy practices: **Email:** privacy@promptforest.com **Address:** Privacy Officer, PromptForest, 123 Forest Lane, Wilmington, DE 19801, United States **Phone:** 1-800-PROMPT-1 We aim to respond to all privacy inquiries within 30 days. For EU users, you have the right to lodge a complaint with your local data protection authority.

PromptForest ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Platform. By using PromptForest, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with our policies and practices, please do not use the Platform. We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date.

**Information You Provide:** - Account information (name, email, username, password) - Profile information (bio, avatar, location) - Payment information (processed by third-party payment processors) - Payout information for sellers (bank account, PayPal, tax information) - Content you post (prompts, reviews, comments) - Communications with us (support requests, emails) **Information Collected Automatically:** - Device information (IP address, browser type, operating system) - Usage data (pages viewed, time spent, clicks, search queries) - Cookies and similar tracking technologies - Location data (approximate location based on IP address) - Analytics data (via Google Analytics, Vercel Analytics) **Information from Third Parties:** - Social media profile information (if you sign in via OAuth) - Payment confirmation from payment processors - Fraud detection information from security services

We use your information for the following purposes: **Service Delivery:** - Create and manage your account - Process transactions and send receipts - Deliver purchased prompts - Process seller payouts - Provide customer support **Platform Improvement:** - Analyze usage patterns and trends - Develop new features and functionality - Improve user experience - Test and monitor platform performance **Communication:** - Send transactional emails (order confirmations, receipts) - Respond to your inquiries - Send marketing communications (with your consent) - Notify you of Platform updates - Send security alerts **Legal and Security:** - Prevent fraud and abuse - Enforce our Terms of Service - Comply with legal obligations - Protect our rights and property - Investigate and prevent violations **Marketing:** - Personalize your experience - Show relevant prompts and content - Send promotional emails (you can opt out) - Display targeted advertisements

We may share your information in the following circumstances: **With Other Users:** - Your public profile information is visible to all users - Sellers can see buyer information for their sales - Buyers can see seller information for purchased prompts - Reviews and comments you post are public **With Service Providers:** - Payment processors (Stripe, PayPal) - Email service providers (SendGrid) - Analytics providers (Google Analytics, Vercel) - Cloud hosting services (Vercel, AWS) - Customer support tools **For Business Transfers:** - In connection with a merger, acquisition, or sale of assets - During bankruptcy or similar proceedings - As part of a business restructuring **For Legal Reasons:** - To comply with legal obligations - To respond to lawful requests from authorities - To enforce our Terms of Service - To protect our rights and property - To prevent fraud or illegal activity **With Your Consent:** - When you explicitly agree to share information - For purposes disclosed at the time of collection

We retain your information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. **Account Information:** - Retained while your account is active - Retained for 90 days after account deletion - Some information may be retained longer for legal compliance **Transaction Data:** - Retained for 7 years for tax and accounting purposes - Payment information is deleted once no longer needed **Analytics Data:** - Aggregated analytics may be retained indefinitely - Individual usage data retained for 26 months **Legal Holds:** Information subject to legal holds, investigations, or litigation is retained until the matter is resolved. You may request deletion of your personal information by contacting us. Note that some information may be retained in backups for a limited time.

We implement appropriate technical and organizational security measures to protect your information: **Technical Measures:** - Encryption in transit (HTTPS/TLS) - Encryption at rest for sensitive data - Secure password hashing (bcrypt) - Regular security audits - Intrusion detection systems - DDoS protection **Organizational Measures:** - Access controls and authentication - Employee training on data protection - Regular security assessments - Incident response procedures - Vendor security requirements **Payment Security:** - We do not store full credit card numbers - Payment data is processed by PCI-compliant providers - Tokenization for stored payment methods However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security. If you believe your account has been compromised, please contact us immediately at security@promptforest.com.

Depending on your location, you may have the following rights: **Access and Portability:** - Request a copy of your personal information - Receive your data in a portable format - Access your account information at any time **Correction:** - Update or correct inaccurate information - Edit your profile and account settings **Deletion:** - Request deletion of your personal information - Delete your account (subject to legal retention requirements) **Objection and Restriction:** - Object to processing of your information - Restrict certain uses of your data - Opt out of marketing communications **Withdrawal of Consent:** - Withdraw consent for data processing - Change privacy preferences **Do Not Sell:** - We do not sell your personal information - You can opt out of certain data sharing To exercise these rights, contact us at privacy@promptforest.com. We will respond within 30 days. Note: Some rights may be limited by legal requirements or the need to maintain Platform functionality.

We use cookies and similar tracking technologies to enhance your experience: **Essential Cookies:** - Authentication and session management - Security and fraud prevention - Required for Platform functionality **Analytics Cookies:** - Google Analytics (understand usage patterns) - Vercel Analytics (performance monitoring) - Helps us improve the Platform **Functional Cookies:** - Remember your preferences - Personalize your experience - Store cart and wishlist items **Marketing Cookies:** - Track marketing campaign effectiveness - Deliver targeted advertisements - Measure ad performance **Cookie Management:** You can control cookies through your browser settings. Note that disabling cookies may affect Platform functionality. For more information, see our Cookie Policy.

PromptForest is based in the United States. Your information may be transferred to and processed in the United States or other countries where our service providers operate. These countries may have different data protection laws than your country. By using the Platform, you consent to the transfer of your information to the United States and other countries. **EU Users:** For users in the European Economic Area (EEA), we rely on: - Standard Contractual Clauses for data transfers - Adequacy decisions where applicable - Your explicit consent when required We ensure appropriate safeguards are in place to protect your information in accordance with applicable data protection laws.

PromptForest is not intended for children under 13 years of age (or 16 in the EEA). We do not knowingly collect personal information from children. If you are a parent or guardian and believe your child has provided us with personal information, please contact us at privacy@promptforest.com. If we discover that we have collected personal information from a child without verification of parental consent, we will delete that information promptly.

California residents have additional rights under the California Consumer Privacy Act (CCPA): **Right to Know:** You can request disclosure of: - Categories of personal information collected - Sources of personal information - Business purpose for collecting information - Categories of third parties we share with - Specific pieces of personal information **Right to Delete:** Request deletion of personal information (subject to exceptions) **Right to Opt-Out:** We do not sell personal information **Right to Non-Discrimination:** We will not discriminate against you for exercising your rights To exercise these rights, email privacy@promptforest.com or call 1-800-PROMPT-1. We will verify your identity before processing requests. Authorized agents may submit requests on your behalf with proper documentation.

If you have questions or concerns about this Privacy Policy or our privacy practices: **Email:** privacy@promptforest.com **Address:** Privacy Officer, PromptForest, 123 Forest Lane, Wilmington, DE 19801, United States **Phone:** 1-800-PROMPT-1 We aim to respond to all privacy inquiries within 30 days. For EU users, you have the right to lodge a complaint with your local data protection authority.