Last updated: March 1, 2025 · Effective: March 1, 2025
Welcome to Prompt GPT ("we," "our," or "us"), operated by the founders of promptgpt.ca and accessible at https://promptgpt.ca. We are committed to protecting your personal information and your right to privacy. This Privacy Policy explains what information we collect, how we use it, and what rights you have in relation to it.
By using our website and services, you agree to the collection and use of information in accordance with this policy. If you are located in Canada, this policy is designed to comply with the Personal Information Protection and Electronic Documents Act (PIPEDA) and applicable provincial privacy laws.
📍 Prompt GPT is operated from Canada. If you access our service from outside Canada, please be aware that your information may be transferred to and processed in Canada.
1. Information We Collect
1.1 Information You Provide Directly
When you use Prompt GPT, you may voluntarily provide:
Chat messages and prompts — the text you type into the chat interface to request prompt generation.
Contact information — if you reach out to us via email or our contact form, we may collect your name and email address.
1.2 Information Collected Automatically
When you visit our site, certain information is collected automatically through standard web technologies:
Session data — we use server-side sessions (Flask sessions) to maintain your conversation history during a single browsing session. This data is not persistently stored after your session ends.
Usage data — including your IP address, browser type, operating system, referring URLs, pages visited, and the time and date of your visit.
Cookies — we use essential session cookies to operate the service. See Section 5 for more detail.
1.3 Information from Third Parties
We use the following third-party services that may independently collect data:
OpenAI API — your chat messages are sent to OpenAI's API to generate responses. OpenAI's data handling is governed by OpenAI's Privacy Policy.
Google AdSense — we display advertisements via Google AdSense, which may use cookies and similar tracking technologies to serve personalized ads. See Section 5.
2. How We Use Your Information
We use the information we collect for the following purposes:
To operate and improve the service — processing your messages through our AI pipeline to generate prompt engineering outputs.
To maintain session continuity — keeping conversation context during a single session so the AI can refine and build on previous exchanges.
To display advertising — serving contextually relevant ads through Google AdSense to support the free operation of the service.
To analyze usage patterns — understanding how users interact with the platform to improve features and fix bugs.
To respond to inquiries — if you contact us, we use your contact information to reply.
To comply with legal obligations — retaining and disclosing information where required by applicable law.
3. Data Sharing and Disclosure
We do not sell your personal information. We may share data with the following parties:
OpenAI — your chat inputs are transmitted to OpenAI's API solely to generate responses. We do not store your messages after your session ends.
Google AdSense / Google LLC — for serving ads and analytics. Google may collect and process data as described in Google's Privacy Policy.
Hosting and infrastructure providers — our hosting platform (e.g., Heroku or equivalent) may process server logs as part of normal operations.
Legal authorities — we may disclose information if required by law, court order, or governmental authority.
All third-party service providers are contractually obligated to handle your data securely and only for the purposes we specify.
4. Data Retention
We retain your personal information only for as long as necessary to fulfill the purposes described in this policy:
Session data — conversation history is held in server-side sessions and is cleared when you close your browser or manually clear the chat. It is not permanently stored in a database.
Server logs — standard web server access logs may be retained for up to 30 days for security and diagnostic purposes.
Contact communications — if you email us, we retain your correspondence for up to 2 years.
5. Cookies and Tracking Technologies
We use cookies and similar technologies as follows:
Session cookies (essential) — used by our Flask backend to maintain your chat session. These are deleted when you close your browser.
Google AdSense cookies — Google uses cookies, web beacons, and similar tracking technologies to serve ads based on your prior visits to our website and other sites. You can opt out of personalized advertising by visiting Google Ads Settings.
Analytics cookies — if we use Google Analytics or similar tools, these cookies help us understand aggregate usage patterns. No personally identifiable information is collected through analytics.
Most web browsers allow you to control cookies through browser settings. Disabling cookies may affect the functionality of the service.
6. Your Rights Under PIPEDA
If you are a Canadian resident, you have the following rights under PIPEDA:
Right of access — you may request a copy of the personal information we hold about you.
Right to correction — you may request that we correct inaccurate or incomplete personal information.
Right to withdrawal of consent — you may withdraw consent to the collection or use of your personal information (subject to legal or contractual restrictions).
Right to file a complaint — you may file a complaint with the Office of the Privacy Commissioner of Canada at priv.gc.ca.
To exercise any of these rights, please contact us using the information in Section 9.
7. Data Security
We implement reasonable administrative, technical, and physical safeguards to protect your information against unauthorized access, alteration, disclosure, or destruction. These measures include:
Encrypted HTTPS connections for all data transmission.
Secure server-side session handling with a secret key.
API keys stored as environment variables, never in source code.
Restricted access to production systems.
However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.
8. Children's Privacy
Prompt GPT is not directed to children under the age of 13. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us immediately and we will take steps to delete such information.
9. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. We will notify you of any significant changes by updating the "Last updated" date at the top of this page. Your continued use of the service after any changes constitutes your acceptance of the revised policy.
We encourage you to review this page periodically to stay informed about how we protect your information.
Questions about your privacy?
If you have any questions about this Privacy Policy or how we handle your data, we're here to help.