Privacy Policy

Last updated: September 15, 2024

This privacy notice for SC INGENIUM SYM SYSTEMS SRL City of Oradea, Bihor, Romania ("Ratemyprompt.ai", "we," "us," or "our") explains how we collect, store, use, and share ("process") your personal information when you use our services ("Services"). This policy applies globally, including the EU, UK, US, Canada, Australia, and other international jurisdictions.

By using our Services, you acknowledge that your information will be processed in accordance with this policy, and that privacy laws may differ depending on your location. If you have any questions or concerns, please contact us at contact@ratemyprompt.ai.

1. What Information Do We Collect?

We collect various types of personal data depending on how you interact with our Services. This includes both voluntarily provided information and data automatically collected during your interactions with our platform.

Categories of Personal Information

We may collect and process the following types of personal data:

Identification Data: Name, email address, phone number.

Account Data: Username, password, account settings, preferences, and history.

Payment Data: Credit card or payment information (processed by third-party providers such as Stripe).

Device and Technical Data: Information about your device, such as IP address, browser type, operating system, unique device identifiers, and cookie data.

Usage Data: Activity logs, time spent on the platform, interactions with content, prompts submitted, optimized version of the prompts that was generated by our tool, and access times.

Location Data: Geolocation data based on device settings, including IP-based approximate location or GPS data if granted.

Sensitive Data

We do not intentionally collect or process sensitive personal data (e.g., racial or ethnic origin, political opinions, religious beliefs, or health data). However, if such data is inadvertently processed (e.g., through user-submitted content), it will be handled with the highest degree of care and in compliance with applicable laws. Users are advised not to submit sensitive data unless explicitly necessary.

Information Automatically Collected

Certain information is automatically collected when you interact with our platform:

Log and Usage Data: Including IP address, browser type, pages viewed, and access times.

Device Data: Device type, operating system, device identifiers, and system configuration.

Tracking Technologies: We use cookies and similar tracking technologies to collect information about user activity on our platform. Please refer to our Cookie Policy for more information.

2. How Do We Process Your Information?

We process your personal data for the following purposes, ensuring all processing activities are lawful and justified under applicable privacy laws (e.g., GDPR):

Account Management: To create and manage user accounts, including identity verification and authentication.

Service Delivery: To provide you with access to our Services, including processing requests and optimizing user prompts.

Customer Support: To communicate with you and address your inquiries, feedback, or complaints.

Service Improvement: To monitor, analyze, and improve the performance, functionality, and security of our platform.

Marketing: To send you marketing communications, newsletters, or promotional offers, provided you have given your consent, where required by law.

Compliance and Legal Obligations: To comply with legal obligations, prevent fraud, and address security issues.

Personalization: To tailor our Services to better suit your preferences and usage patterns through data analysis.

Legal Bases for Processing (GDPR)

We rely on the following legal bases for processing personal data under the GDPR:

Consent: You have provided explicit consent for the processing of your personal data for specific purposes (e.g., marketing).

Contractual Necessity: Processing is necessary to fulfill our contractual obligations with you (e.g., providing the service you signed up for).

Legal Obligation: We are required to process your data to comply with legal obligations (e.g., tax, anti-money laundering laws).

Legitimate Interests: We process your data to pursue our legitimate interests, such as improving our services, ensuring platform security, and preventing fraud.

3. Cookies and Tracking Technologies

We use cookies and similar technologies to enhance user experience and gather insights into user behavior. These technologies may include:

Cookies: Small data files stored on your device to remember your preferences and improve site performance.

Pixel Tags: Small graphics embedded in emails or web pages to track user actions.

Analytics Tools: Third-party services (e.g., Google Analytics) to analyze site traffic and user behavior.

You can manage your cookie preferences through your browser settings. Disabling cookies may affect the functionality of certain aspects of the platform. For more information, please review our Cookie Policy.

4. Data Sharing and International Transfers

We share your personal data only in the limited circumstances outlined below:

Third-Party Service Providers

We use third-party providers for various services such as payment processing, cloud storage, analytics, and marketing tools. These providers are contractually bound to process your personal data securely and only for the purposes we specify.
Examples of third-party services include:

Payment Processors: Stripe.

Analytics Providers: Google Analytics.

Hosting and Cloud Services: Amazon Web Services (AWS).

International Transfers of Data

Your personal data may be transferred to, stored, or processed in countries outside your jurisdiction, including Romania and Sweden. These transfers will only occur where appropriate safeguards are in place, such as:

EU Standard Contractual Clauses (SCCs).

Adequacy Decisions: Where the European Commission has recognized a country as providing adequate data protection.

5. Data Security

We are committed to safeguarding the confidentiality, integrity, and availability of your personal data. To this end, we implement a variety of security measures, including:

Encryption: We encrypt sensitive data both in transit and at rest.

Access Controls: Limited access to personal data only to those employees and third parties who require it to perform their job functions.

Pseudonymization and Anonymization: When feasible, we anonymize or pseudonymize data to protect user identities.

Incident Response: In the event of a data breach, we will promptly notify affected users and regulatory authorities in accordance with applicable laws (e.g., GDPR’s 72-hour breach notification requirement).

Despite these measures, no system is completely secure. By using our platform, you acknowledge that the transmission of data is at your own risk.

6. Data Retention

We retain personal data for as long as is necessary to fulfill the purposes outlined in this policy, or as required by law. This includes:

Account Information: Retained for the duration of your use of the platform, and up to six years after account closure to comply with legal obligations.

Payment Information: Retained for accounting and tax purposes for a minimum of seven years or as required by law.

When personal data is no longer necessary for these purposes, we will securely delete or anonymize it.

7. Your Rights (GDPR and Global)

Depending on your location, you have the following rights concerning your personal data:

Right to Access: Request access to the personal data we hold about you.

Right to Rectification: Request correction of inaccurate or incomplete data.

Right to Erasure ("Right to be Forgotten"): Request deletion of your personal data, subject to legal exceptions.

Right to Restrict Processing: Request that we limit how we use your personal data in certain circumstances.

Right to Data Portability: Receive a copy of your personal data in a structured, commonly used format to transfer to another provider.

Right to Object: Object to the processing of your personal data for direct marketing or other purposes.

Right to Withdraw Consent: Withdraw your consent at any time where processing is based on consent.

To exercise any of these rights, please contact us at contact@ratemyprompt.ai. We will respond to requests within 30 days, as required by law.

8. Automated Decision-Making and Profiling

We may use automated processes to analyze your behavior and preferences on our platform to enhance user experience, detect fraud, or tailor marketing content. However, such processing will not have any legal or similarly significant effects on you unless:

It is necessary for a contract.

You have explicitly consented to such processing.

It is otherwise authorized by applicable law.

You have the right to object to automated decision-making and request human intervention.

9. Privacy of Minors

Our platform is not intended for individuals under the age of 18. We do not knowingly collect personal data from minors. If we become aware of such data being collected, we will take steps to delete it immediately. If you are a parent or guardian and believe that your child has provided us with personal data, please contact us at contact@ratemyprompt.ai.

10. Changes to This Policy

We may update this Privacy Policy as necessary to stay compliant with applicable laws and to reflect changes in our data practices. We will notify you of material changes via email or a prominent notice on our website at least 30 days before the new policy takes effect. Continued use of the platform following changes indicates acceptance of the revised policy.

11. Contact Us

If you have any questions or concerns about this Privacy Policy or our data protection practices, please contact us at:

SC INGENIUM SYM SYSTEMS SRL
City of Oradea, Bihor, Romania
Email: contact@ratemyprompt.ai