Last updated: 2026-05-07

Privacy Policy

This policy explains what personal data Prialon collects, why, how long we keep it, and how you can exercise your rights under LGPD (Brazil) and GDPR (EU). Prialon is a multi-tenant SaaS where creators publish AI mini-apps and end-users subscribe to them.

Who this applies to

This policy applies to creators (workspace members), end-user subscribers of apps published on Prialon, and anyone who creates a Prialon account. App-specific privacy obligations of individual creators are out of scope and remain with each creator.

Data controller

Prialon is the controller for account-level data (your profile, sessions, billing) and a data processor for execution-level data on behalf of the creator whose app you run. Contact: privacy@prialon.com.

Data we collect

  • Account: name, email, locale preference, OAuth identifier, IP address (truncated), session timestamps.
  • Workspace and apps: workspace names, app definitions, blueprints, member roles. Visible only to workspace members and bound by Row-Level Security.
  • App executions: inputs you submit and outputs the AI generates while running an app. Inputs and outputs are bound to your account and the workspace running the app. We do not log them in our application logs.
  • Billing: Stripe customer id, payment intent ids, invoice ids. Card numbers and CVV NEVER reach Prialon servers; they are tokenized by Stripe.
  • Audit and security: who did what and when, in append-only logs. Retained for legal/financial compliance.

Why we use your data

Account data lets you sign in and reach your workspaces. Execution data is necessary to run the AI app you triggered. Billing data is required to charge you and pay the AI provider. Audit data is required by financial and security obligations. We do not use your inputs or outputs to train models, and we never sell your data.

Service providers (subprocessors)

We rely on a small set of providers: Supabase, Stripe, Vercel, Inngest, Google Gemini, Resend, Sentry. Each acts under a data processing agreement. The full list with purpose, data processed, and region is published at /subprocessors.

How long we keep data

  • App execution inputs and outputs: while your subscription to the app is active, then 90 days after cancellation. After that, hard-deleted.
  • Audit logs: at least 1 year, then archived to cold storage.
  • Financial ledgers (payments, AI Balance): retained per fiscal/accounting obligation; never hard-deleted, anonymized when applicable.
  • Deleted account data: 30-day grace period during which you can cancel deletion. After grace, your PII is anonymized and non-essential rows are dropped. Financial and audit rows survive in anonymized form.

Your rights

Under LGPD Art. 18 and GDPR Art. 15-22 you can: access your account data, request a portable copy of your data (JSON export from /account/data), request correction of inaccurate data, request deletion (from /account/delete with 30-day grace), revoke consent, and lodge a complaint with your data protection authority. Most rights are self-service in /account; contact privacy@prialon.com for anything else.

International transfers

Some subprocessors operate outside Brazil and the EU (notably US-hosted Supabase and Stripe). Transfers are covered by the appropriate safeguards (Standard Contractual Clauses, Brazilian transfer mechanisms). We host the platform in regions chosen for proximity to our users; staging and disaster-recovery copies may briefly cross regions.

Cookies and tracking

We use first-party cookies for session management (Supabase Auth) and CSRF protection. We do not use third-party advertising trackers. PostHog (analytics) and Sentry (error monitoring) may set first-party cookies on a future launch and will be disclosed at /subprocessors.

Children

Prialon is not directed to children under 13 (or 16 in the EU). We do not knowingly collect their data. If you believe a child created an account, contact privacy@prialon.com.

Changes to this policy

We update this policy when our practices change. Material changes will be announced via email to active users at least 30 days before they take effect.

Contact

Questions or rights requests: privacy@prialon.com. Data Protection Officer: Prialon (contact via the same email).
