Privacy Policy

Last updated: 12/4/2025

1. Information We Collect

Account Information

When you sign up, we collect:

  • Email address
  • Name (from OAuth provider)
  • Profile picture (from OAuth provider)
  • Authentication tokens

Usage Data

We automatically collect:

  • Generated comebacks and input text
  • User preferences and settings
  • Interaction data (likes, shares, reports)
  • Device and browser information
  • IP address and location (general)

2. How We Use Your Information

We use collected data to:

  • Provide and improve our service
  • Generate AI comebacks based on your input
  • Process payments and manage subscriptions
  • Send important updates and notifications
  • Analyze usage patterns and optimize performance
  • Prevent abuse and ensure platform safety
  • Display public comebacks on leaderboards
  • Comply with legal obligations and regulatory requirements

Legal Basis for Processing (PIPEDA Compliance)

We process your personal information based on:

  • Consent: You have given clear consent for processing
  • Contract: Processing is necessary for service provision
  • Legal Obligation: To comply with applicable laws
  • Legitimate Interest: To improve our services and prevent fraud

3. Data Sharing

We share data with:

  • OpenAI: Input text to generate comebacks (processed securely)
  • Stripe: Payment processing (PCI compliant)
  • Supabase: Database hosting and authentication
  • Google Analytics: Anonymous usage statistics (if enabled)
  • Public Leaderboard: Comebacks you mark as public

We never sell your personal information to third parties.

4. Data Storage and Security

  • All data encrypted in transit (HTTPS/TLS)
  • Database protected with row-level security
  • Passwords hashed and never stored in plain text
  • Regular security audits and updates
  • Data hosted on secure cloud infrastructure

5. Your Rights

You have the right to:

  • Access: Request a copy of your data
  • Delete: Remove your account and associated data
  • Modify: Update your profile information
  • Export: Download your generated comebacks
  • Opt-out: Disable analytics tracking
  • Privacy: Mark comebacks as private (hidden from leaderboard)

6. Cookies and Tracking

We use cookies for:

  • Authentication and session management
  • User preferences and settings
  • Analytics (if enabled)

You can control cookies through your browser settings.

7. Children's Privacy

RoastAI is not intended for users under 13 years old. We do not knowingly collect information from children. If we discover a child under 13 has provided information, we will delete it immediately.

8. Data Retention

  • Active accounts: Data retained indefinitely
  • Deleted accounts: Data removed within 30 days
  • Public comebacks: May remain on leaderboard unless specifically deleted
  • Logs and analytics: Retained for up to 90 days

9. International Users

Your data may be processed in countries outside your own. By using RoastAI, you consent to this transfer. We ensure appropriate safeguards are in place.

10. Changes to Privacy Policy

We may update this policy from time to time. We'll notify you of significant changes via email or platform notification.

11. Data Breach Notification (PIPEDA Compliance)

In the event of a data breach that poses a real risk of significant harm to individuals, we will:

  • Notify affected individuals without unreasonable delay
  • Report to the Privacy Commissioner of Canada when required
  • Provide clear information about the breach and steps taken
  • Offer guidance on protective measures users can take

12. Privacy Officer

As required by PIPEDA, we have designated a Privacy Officer responsible for ensuring compliance with this Privacy Policy and Canadian privacy laws. The Privacy Officer can be contacted for all privacy-related matters.

13. Contact Us

For privacy-related questions or to exercise your rights, contact us at support@roastai.net
