Privacy Policy

• Account data: your email address and display name when you register.
• Conversation data: prompts you send and AI responses you receive, stored so you can access history.
• Saved notes: any notes, summaries, or prompts you explicitly save.
• Uploaded files: documents and images you upload for AI analysis. File content is processed and then discarded — we do not store raw file bytes long-term.
• Payment data: transaction references and amounts from bKash / Nagad payments. We do not store card numbers or mobile banking PINs.
• Usage data: feature usage counts (AI queries, uploads, image generations) used to enforce plan limits.
• News feed preferences: topics and categories you select for your personalized feed.

• Providing the Prismia service — routing your prompts to AI providers, storing history, and displaying your notes and feed.
• Enforcing plan limits and processing payments.
• Sending transactional emails (OTP codes, payment confirmations). We do not send marketing emails without your consent.
• Diagnosing errors and improving reliability using anonymized error logs (Sentry).

When you send a prompt, it is forwarded to one or more of the following AI providers via OpenRouter:

• Anthropic (Claude)
• OpenAI (ChatGPT)
• Google DeepMind (Gemini)

Your prompts are processed under each provider's own data handling terms. We use API tiers that disable training on your inputs where available, but you should review each provider's privacy policy for full details.

Payment processing is handled by bKash and Nagad. We share only the minimum reference data required to verify a transaction.

We retain your data for as long as your account is active. Conversation history is subject to the history-days limit of your plan. When you delete your account, all personal data — including conversations, notes, and usage records — is permanently and immediately erased from our systems.

• Access: you can view your stored data through the app at any time.
• Deletion: you can permanently delete your account and all associated data from Account Settings → Delete account. Deletion is instant and irreversible.
• Correction: you can update your display name from Account Settings at any time.
• Portability: to request an export of your data, email us at support@prismia.ltd.

We use an authentication session cookie to keep you logged in. We do not use advertising cookies or third-party tracking pixels. No cookie consent banner is shown because we only use strictly necessary cookies.

Data is stored in Supabase (hosted on AWS) with row-level security policies that ensure each user can only access their own data. All traffic is encrypted in transit via HTTPS. We conduct periodic security reviews of our codebase.

Prismia is not directed at children under 13. We do not knowingly collect data from children. If you believe a child has created an account, contact us and we will delete it promptly.

We may update this policy as the product evolves. Significant changes will be communicated via email or an in-app notice. Continued use of Prismia after changes means you accept the updated policy.

For privacy questions or data requests, contact us at support@prismia.ltd. We aim to respond within 5 business days.