Privacy Policy

1. Who we are and our role

Fluentprompts is operated by MB Present Simple, a private limited company registered in Lithuania (company code 307281485), with its registered office at Griunvaldo g. 8, Kaunas, Lithuania ("we", "us", "Fluentprompts"). For the personal data described in this notice, MB Present Simple is the data controller and decides how and why your data is processed. This notice explains what data we handle, why, and the choices you have.

2. Data we collect

• Account data: email address and authentication identifier when you sign in.
• Prompt content: the prompt text you submit for rewriting, plus the chosen target model and task.
• Usage data: credit balance, credit ledger entries, daily refill timestamps, and a hash of recent rewrites for abuse prevention.
• Referral data: your unique referral code and which account, if any, referred you.
• Purchase data: for paid plans and credit packs, we receive from Paddle a customer ID, the product/price purchased, subscription status, billing country, and the last 4 digits / brand of the card. We do not see or store full payment card details.
• Technical data: standard request metadata (IP, user agent) used for security and rate limiting.

3. How we use your data and legal basis

• To provide the rewriting service, maintain your credit balance, and deliver paid features - performance of a contract with you.
• To authenticate you and keep your account secure - performance of a contract and our legitimate interest in account security.
• To prevent abuse, fraud, and circumvention of credit limits - our legitimate interest in protecting the Service.
• To run the referral program and credit both parties when eligible - performance of a contract.
• To improve the quality of our prompting methodology in aggregate - our legitimate interest in improving the Service.
• To comply with tax, accounting, and other legal obligations associated with paid orders - legal obligation.

4. Who we share data with

To deliver the Service we share data with the following categories of recipients:

• Payment processor and Merchant of Record - Paddle.com Market Limited. Paddle is the Merchant of Record for all our paid orders and acts as an independent data controller for the checkout, billing, payment, anti-fraud, tax compliance, invoicing, and refund handling. When you purchase, your billing details and payment data are collected and processed by Paddle directly under their privacy notice. Paddle shares with us the limited purchase data described in section 2 so we can provision your subscription or credits.
• AI model providers (e.g. OpenAI, Google) - receive your prompt text in order to generate the rewrite. Their handling is governed by their own terms and privacy notices.
• Backend infrastructure and email providers - managed cloud services that host the Service, store your account, credits and ledger, and send transactional emails such as receipts and account notifications.
• Professional advisers and authorities - legal, accounting, or tax advisers, and competent authorities where disclosure is required by law.

5. International transfers

Some of our processors (including AI model providers and infrastructure services) operate outside the European Economic Area. Where personal data is transferred outside the EEA, we rely on appropriate safeguards such as the European Commission's Standard Contractual Clauses or adequacy decisions.

6. Cookies and local storage

We use local storage and cookies to keep you signed in and to capture referral codes from URLs you arrive on. We do not use third-party advertising trackers.

7. Data retention

Account and credit data are retained while your account is active and deleted (or anonymised) on your request or after a period of inactivity. Prompt content and usage logs are retained for a limited period for service operation and abuse prevention, then deleted or anonymised. Purchase records (invoices, transactions) are retained for as long as required by tax and accounting laws (typically up to 10 years in Lithuania).

8. Security

We apply appropriate technical and organisational measures to protect your data, including encryption in transit (TLS), encryption at rest for our managed databases, access controls and least-privilege permissions for our team, secure authentication, and monitoring for unauthorised access. No system is perfectly secure; if we become aware of a breach affecting your data we will notify you and the relevant authorities as required by law.

9. Your rights

Subject to applicable law, you have the right to access, rectify, erase, restrict, port, or object to our processing of your personal data, and to withdraw consent where processing is based on it. EEA/UK users also have the right to lodge a complaint with their local data protection authority - in Lithuania, the State Data Protection Inspectorate (VDAI). To exercise any of these rights, contact us and we will respond within one month.

10. Children

The Service is not directed to children under 13, and we do not knowingly collect personal data from them.

11. Changes

We may update this policy. Material changes will be reflected by updating the "last updated" date above.

12. Contact

For privacy questions or requests, open a support ticket, or write to MB Present Simple, Griunvaldo g. 8, Kaunas, Lithuania.