← BACK TO HOME
Privacy Policy
LAST UPDATED: MAY 26, 2026 · VERSION 1.0.0
At PromptMatrix ("we", "our", or "us"), we respect your privacy and are committed to protecting the personal data we collect. This Privacy Policy explains how we collect, use, store, and share information when you use our website (promptmatrix.io), our managed cloud services, and our command-line tools.
1. Information We Collect
We collect information you provide directly to us when setting up an account, purchasing access, or interacting with our APIs:
- Account Credentials: Email address, password (stored securely as a salted hash), full name, and organisation details.
- Billing & Payment Data: Payment processing is handled securely by Razorpay. We do not store or have access to your full credit card number or bank credentials. We store only transactional receipt details, plan status, and payment email.
- Telemetry & Usage Data: Number of prompts served, team seats occupied, API call volumes (RPM), and environment IDs to enforce plan limits and generate usage dashboards.
- Client Configurations: If you use our cloud service, we store prompt templates, version tags, and environment mappings. We do not store your LLM API keys on our servers unless you explicitly opt to use our secure Key Vault feature.
2. How We Use Your Information
We use the collected data for the following purposes:
- To initialize, provision, and maintain your governed prompt workspaces.
- To authenticate your team members and apply role-based access control (RBAC).
- To send transaction-related emails (e.g., workspace reservation confirmation, email verification, and billing updates).
- To enforce our Founder Tier limits and subscription boundaries.
- To secure our APIs against misuse, rate-limiting violations, and security threats.
3. Data Sharing & Third Parties
We do not sell your personal data. We share information only with third-party subprocessors essential to serving the application:
- Supabase / PostgreSQL: Hosted database infrastructure for secure data storage.
- Vercel: Serverless application hosting environment.
- Razorpay: Secure payment processing and checkout services.
- Brevo (formerly Sendinblue): Transactional email delivery API.
4. Data Security
We implement industry-standard security measures, including HTTPS/TLS encryption for all data in transit, salted passwords, and atomic database locking for transaction integrity. For self-hosted (OSS) instances, your data remains fully on your own local database infrastructure.
5. Your Rights
Depending on your jurisdiction (including GDPR compliance), you have the right to request access to, correction of, or deletion of your personal data. If you wish to delete your account or organization, please contact us at hello@promptmatrix.io.
6. Contact Us
If you have any questions or concerns about this Privacy Policy, please email us at hello@promptmatrix.io.