Privacy Policy
PPL AI is committed to protecting your privacy. We collect only the data needed to run the service and never sell your personal information to third parties.
1. Information We Collect
Account Information
When you create a PPL AI account, we collect your name, email address, and authentication credentials via our identity provider (Clerk). You may optionally provide a profile photo, job title, company name, phone number, LinkedIn URL, and website.
V.Card Data
Your digital V.Card contains contact information you explicitly add: name, title, company, email, phone, WhatsApp, LinkedIn, and website. This data is stored so others can view and save your card when you share the link or QR code.
Contacts & Networking Data
When you scan or add contacts, we store their details along with any notes, tags, and the event context in which you met them. This data is private and visible only to you.
Usage Data
We collect standard server logs including IP addresses, browser type, pages visited, and actions taken within the app. This helps us diagnose issues and improve the product.
2. How We Use Your Information
- To provide the service — displaying your V.Card, generating AI follow-up suggestions, and managing your contacts and events.
- To communicate with you — sending transactional emails (account confirmations, security alerts) and, with your consent, product updates.
- To improve the product — analysing aggregated, anonymised usage patterns to make PPL AI better.
- To prevent abuse — detecting spam, fraud, and security threats.
3. AI Features
PPL AI uses a third-party AI provider (OpenRouter) to generate follow-up message suggestions. Contact names and event context are sent to this service to produce suggestions. We do not use your data to train external AI models. All AI requests are processed in real time and not stored by the AI provider beyond the session.
4. Data Sharing
We do not sell your personal data. We share data only with:
- Supabase — our database and storage provider, hosted on AWS.
- Clerk — our authentication provider.
- OpenRouter — for AI-generated follow-up suggestions (contact context only, no full profiles).
- Upstash — for rate limiting (IP addresses only).
- Law enforcement — only when required by a valid legal order.
5. Data Retention
We retain your data for as long as your account is active. You may delete your account at any time from the Settings screen, which permanently removes all your data within 30 days. Backups may retain data for up to 90 days after deletion.
6. Your Rights
Depending on your location, you may have the right to:
- Access the personal data we hold about you
- Correct inaccurate data
- Request deletion of your data (right to erasure)
- Object to or restrict certain processing
- Export your data in a portable format (V.Card / CSV)
To exercise any of these rights, contact us at privacy@pplai.app or use the support form.
7. Cookies
We use strictly necessary cookies to keep you signed in (session tokens managed by Clerk). We do not use advertising or tracking cookies. No third-party analytics scripts are loaded on your pages.
8. Security
All data is encrypted in transit (TLS 1.2+) and at rest. Access to production databases is restricted to authorised personnel via MFA-protected credentials. We conduct periodic security reviews of our infrastructure.
9. Children
PPL AI is not directed to children under 16. If we become aware that a child under 16 has provided personal data, we will delete it promptly. Please contact us at privacy@pplai.app if you believe this has occurred.
10. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by email or via an in-app notice at least 14 days before the change takes effect. Your continued use of PPL AI after the effective date constitutes acceptance of the updated policy.
11. Contact
For privacy-related questions, contact us at privacy@pplai.app or through our Support page.