Privacy Policy

1. Introduction

GrowthReactor ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website and services, including our Article Creation API.

2. Information We Collect

2.1 Information You Provide

When you use our services, you may provide:

• Account information (email, name, profile data)
• Article content (titles, descriptions, text, images)
• Payment information (processed securely through Stripe)
• API authentication credentials

2.2 Automatically Collected Information

We automatically collect certain information when you visit our website:

• Log data (IP address, browser type, pages visited)
• Usage data (features used, time spent, interactions)
• Device information (device type, operating system)
• Cookies and similar tracking technologies

2.3 API Usage Data

When using our Article Creation API:

• API requests and responses are logged for debugging and security
• Article content and images submitted through the API are stored on our servers
• External image URLs are accessed to download and store images locally
• API authentication tokens are validated but not logged

3. How We Use Your Information

We use the information we collect to:

• Provide, operate, and maintain our services
• Process your article submissions and display published content
• Manage your account and provide customer support
• Process payments and maintain transaction records
• Monitor and analyze usage patterns to improve our services
• Detect, prevent, and address technical issues or security threats
• Send administrative information and service updates
• Comply with legal obligations

4. Data Storage and Security

4.1 Storage

Your data is stored securely:

• Database hosted on secure cloud infrastructure (Neon/PostgreSQL)
• Images stored on our web servers in the public directory
• Regular backups to prevent data loss
• Data retention for as long as your account is active or as needed to provide services

4.2 Security Measures

We implement appropriate security measures including:

• HTTPS encryption for all data transmission
• API key authentication for programmatic access
• Firebase Authentication for user accounts
• Regular security audits and updates
• Restricted access to personal information

However, no method of transmission over the Internet is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

5. Third-Party Services

We use the following third-party services:

• Firebase (Google): Authentication and user management
• Stripe: Payment processing (they have their own privacy policy)
• Neon: Database hosting
• Make.com: Webhook processing for tools
• OpenAI/ChatGPT: When using our API through ChatGPT actions

These services have their own privacy policies, and we encourage you to review them.

6. ChatGPT Actions and API Usage

When you use our Article Creation API through ChatGPT or other third-party applications:

• Your prompts and content are processed by the third-party service (e.g., OpenAI) according to their privacy policy
• We receive only the article data sent to our API endpoint
• External image URLs you provide are accessed and downloaded by our servers
• Published articles and images become publicly visible on our website
• Draft articles are stored but not publicly accessible
• API keys must be kept confidential and are your responsibility to protect

7. Data Sharing and Disclosure

We do not sell your personal information. We may share your information in the following circumstances:

• With your consent: When you explicitly agree to share information
• Service providers: Third-party companies that help us operate our services
• Legal requirements: When required by law or to protect our rights
• Business transfers: In connection with a merger, sale, or acquisition
• Public content: Published articles are publicly visible on our website

8. Your Rights and Choices

You have the following rights regarding your information:

• Access: Request a copy of the personal information we hold about you
• Correction: Request correction of inaccurate or incomplete information
• Deletion: Request deletion of your personal information (subject to legal requirements)
• Opt-out: Unsubscribe from marketing communications
• Data portability: Request a copy of your data in a portable format
• Revoke API access: Revoke API keys at any time through your account settings

To exercise these rights, please contact us using the information provided below.

9. Children's Privacy

Our services are not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you become aware that a child has provided us with personal information, please contact us, and we will take steps to delete such information.

10. Cookies and Tracking Technologies

We use cookies and similar technologies to:

• Remember your preferences and settings
• Maintain your authentication session
• Analyze site traffic and usage patterns
• Improve user experience

You can control cookies through your browser settings, but some features may not function properly if cookies are disabled.

11. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws. By using our services, you consent to the transfer of your information to our facilities and service providers.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by:

• Posting the new Privacy Policy on this page
• Updating the "Last Updated" date
• Sending you an email notification (for material changes)

Your continued use of our services after changes constitutes acceptance of the updated policy.

13. Contact Us

If you have questions about this Privacy Policy or our privacy practices, please contact us:

14. Additional Rights for EU and California Residents

EU Residents (GDPR)

If you are located in the European Union, you have additional rights under the General Data Protection Regulation (GDPR), including the right to lodge a complaint with a supervisory authority.

California Residents (CCPA)

If you are a California resident, you have the right to know what personal information we collect, use, and disclose. You may also request deletion of your personal information and opt-out of the sale of your information (though we do not sell personal information).