Privacy Policy
1. What we collect
When you submit a brand brief via the form (/), the Telegram bot, or the MCP server (/api/mcp) — and you have NOT activated Private Session — we store:
- Every field of your brand brief (brand name, services, target audience, budget, etc.) — including AI-enriched values if you used Smart-Fill
- The bilingual markdown output of every node that runs for your plan
- Metadata about deliverables you build (.docx / .pptx / .html) — filename, size, format, timestamp (the binary files themselves are not retained — they're generated on demand and streamed to you)
- A SHA-256 hash of your IP address (truncated to 16 characters), your user agent, and the request origin — used for abuse detection and aggregate statistics
- A randomly-generated session token that lets us correlate one brief with the outputs and deliverables it produced
If you activate Private Session on the form, none of the above is written to our archive. Your brief and outputs still travel through OpenAI (governed by their policy) and through Vercel's compute (the request itself is logged at the platform level for the standard short period documented by Vercel), but nothing is stored in our Supabase database for us to read later. See §5 for retention details.
1. What we collect
When you use the form, the Telegram bot, or the MCP server, the following is stored: every field of the brand brief, the markdown output of each node, deliverable metadata (not the file itself), a SHA-256 hash of your IP (truncated), user agent, origin, and a random session token.
2. Why we collect it
- Service improvement — review patterns in submissions to fix prompt bugs and improve outputs
- Customer support — if you report a problem, we can find your specific session and diagnose
- Abuse prevention — rate-limit and block patterns of misuse
- Aggregate analytics — understand which plan modes, postures, and brand categories are most common
2. Why we collect it
- Service improvement and fixing prompt bugs
- Customer support — to find your session
- Abuse prevention
- Aggregate analytics
3. Private Session — opt-out of all archiving
The form (and every API surface — REST, MCP, Telegram) accepts a private: true flag. When set:
- No aa_sessions row is inserted for your brief
- No aa_node_outputs rows are inserted for any node that streams
- No aa_deliverable_meta rows are inserted for files you download
- Your brief and outputs still pass through OpenAI (one-time, governed by their no-train-by-default API policy) and through Vercel compute, but nothing reaches our database
Trade-off: with Private Session active, we cannot help you recover a lost session, debug your specific output, or include your usage in aggregate analytics. The download links also expire when your browser tab closes (there's no server-side record to re-render from).
3. Private mode — full opt-out of the archive
The form and all APIs accept the private: true flag. When it is active: no session row, node output, or deliverable metadata is inserted into the database. The cost is that we cannot help with session recovery or output debugging.
4. Third-party services
To run, this service uses:
- OpenAI — every node call sends your brief + prior outputs to OpenAI's gpt-4.1 API (via Vercel AI Gateway). OpenAI's data policy applies: openai.com/policies. OpenAI does not train on API requests by default.
- Vercel — hosts the application (compute, edge) and the AI Gateway. Their policy: vercel.com/legal/privacy-policy.
- Supabase — stores the archive (sessions, node outputs, deliverable metadata). Their policy: supabase.com/privacy.
- Telegram (only if you use the bot) — message routing. Their policy: telegram.org/privacy.
5. Retention
Archived briefs and node outputs are retained for 30 days by default for service improvement, customer support, and abuse prevention. A daily cron (/api/cron/purge) deletes any session row, node-output row, and deliverable-metadata row whose created_at is older than 30 days. After purge, that data is no longer recoverable from our systems.
If you activated Private Session on the form (or set private: true via the API / MCP / Telegram brief), no archive row is written at all — the brief and outputs are processed in memory, streamed to you, and forgotten. There is nothing to purge later because nothing was stored.
Outside of these defaults, you can request earlier deletion of any session you submitted by emailing the address at the bottom of this page; we will purge it within 7 days of the request.
5. Retention period
By default, briefs and node outputs are retained for 30 days. A daily cron (/api/cron/purge) permanently deletes any row whose creation date is older than 30 days. If you have enabled the Private Session option, no row is written to the archive and there is nothing to delete later. You can send a request for earlier deletion to the email at the bottom of the page; it is completed within 7 days.
6. Security
- All connections use HTTPS
- Archive tables in Supabase have Row-Level Security enabled with a deny-all policy; only the server with its service-role key can read or write
- Admin panel access requires email + password authentication with HMAC-SHA256 signed httpOnly cookies
- API keys and secrets are stored as encrypted Vercel environment variables, never in code
7. Your rights
Depending on your jurisdiction (GDPR, CCPA, PIPEDA, etc.) you have rights to access, correct, or delete your data. To exercise any of these, contact us using the email at the bottom of this page.
8. Children
This service is not directed at children under 13. We do not knowingly collect data from children.
9. Changes
If we make material changes to this policy, we'll update the "Last updated" date at the top and notify active users via the next session start.
Contact
Email: mahan.sma@gmail.com