Promptit Logo

Privacy Policy — Promptit (creox s. r. o.)

Last updated:

Effective date:

This Privacy Policy explains how creox s. r. o. ("Promptit," "we," "us," "our") collects, uses, discloses, and safeguards information when you use the Promptit mobile application and related services (the "App" or the "Service"). If you do not agree with this Policy, please do not use the App.

Controller (GDPR)

Name: creox s. r. o.

IČO: 51849755 • DIČ: 2120813013 • IČ DPH (VAT ID): SK2120813013

Registered seat: Plynarenská 17563/3F, 821 09 Bratislava – Ružinov, Slovakia

Email: info@promptit.sk (privacy & data rights) • creoxcompany@gmail.com (alternate)

1) What Promptit does

Promptit is a prompt library where users can browse, save, like, copy, and (optionally) enhance prompts for use with third-party LLMs. You may sign in via Apple, Google, or email/password. We use Sentry for crash diagnostics and performance monitoring. If you use the agent feature, your prompt text is processed by our selected LLM provider(s) to generate enhancements.

2) Personal data we collect

We aim to collect only what's necessary to operate and improve the Service.

2.1 Account & identity data

Email address; Apple/Google identifiers; hashed password if you register by email; optional display name/avatar.

Purpose: authentication, account management, sync.
Legal basis: Contract (Art. 6(1)(b) GDPR).

2.2 App usage & technical data

Product interaction (taps, views, searches, saves/likes), other usage data (session metadata such as app opens and timestamps), device/OS/app version, and IP at request time.

Purpose: core features, abuse prevention, UX improvement.
Legal basis: Legitimate interests (Art. 6(1)(f)).

2.3 Content you add or optimize

Prompts you save, like, or optimize via the AI agent.

Purpose: provide library & enhancement features.
Legal basis: Contract.

2.4 Diagnostics & crash reports (Sentry)

Crash data (crash logs/stack traces) and other diagnostic data (error logs, limited device data, OS/app version, and IP at error time). We configure Sentry to minimize personal data and avoid sending prompt text.

Purpose: debugging, stability, security.
Legal basis: Legitimate interests.

2.5 Support communications

Emails/messages you send us (plus metadata from your provider).

Purpose: support.
Legal basis: Legitimate interests; Contract where tied to your account.

2.6 App Store privacy categories (mapping)

To align with App Store Connect, the App may collect the following data types, as described above, for the stated purposes, legal bases, and retention:

App Store categoryExamplesPurposeLegal basisTypical retentionLinked to you?
Email AddressLogin emailAuth, account supportContractWhile account is active; deleted/anonymized after account deletion (backups roll off ~30–90 days)Yes
Product InteractionTaps, views, searches, saves/likesCore features, abuse preventionLegitimate interestsRolling window (e.g., ≤ 12 months)Yes
Other Usage DataSessions, timestamps, app opensReliability, UX improvementLegitimate interestsRolling window (e.g., ≤ 12 months)May be linked where needed
Performance DataApp launch time, API latency, hangsPerformance monitoring (via Sentry)Legitimate interestsShort (e.g., ≤ 90 days)No (configured)
Crash DataCrash logs, stack tracesBug fixing (via Sentry)Legitimate interestsShort (e.g., ≤ 90 days)No (configured)
Other Diagnostic DataError logs, device/OS/app versionStability & securityLegitimate interestsShort (e.g., ≤ 90 days)No (configured)
Advertising DataIDFA/ad impressions/attribution (if enabled & consented)Ads/attribution (if used)Consent where required (e.g., iOS ATT)As short as practicable and per platform rulesMay be linked depending on platform

We do not intentionally collect special-category data (health, biometrics, etc.), precise geolocation, contacts, or your photo library.

3) How we use your information

Operate the App, provide the agent feature, improve reliability and safety (diagnostics, fraud/abuse mitigation), communicate with you, and comply with law/Terms. We do not use your data for automated decisions producing legal or similarly significant effects.

4) Sharing and processors

We never sell your personal data. We share it only to operate the Service with:

  • Auth providers: Apple, Google
  • Diagnostics: Sentry
  • LLM provider(s): only when you use the agent
  • Hosting/infra & email/support providers: where applicable

All processors are bound by Article 28 GDPR terms. Business transfers may occur under this Policy.

5) International transfers

Where data leaves the EEA/UK, we rely on SCCs and appropriate safeguards.

6) Retention

  • Account/profile: while active; deleted/anonymized upon deletion (backups ~30–90 days).
  • Prompt content: until you delete it or delete your account.
  • Usage logs: typically ≤ 12 months (rolling).
  • Sentry diagnostics (crash/diagnostic/performance): typically ≤ 90 days.
  • Support emails: until resolved and for limited archiving (e.g., ≤ 12 months).

7) Your rights

Access, rectification, erasure, restriction, objection, portability, and consent withdrawal. To exercise rights, email info@promptit.sk from your account email. We may verify your identity.

Supervisory authority (Slovakia): Úrad na ochranu osobných údajov SR, Nám. 1. mája 18, 811 06 Bratislava.

8) Account Deletion Process

How to delete your account (in-app)

  1. Open the Promptit app on your device.
  2. Go to Settings.
  3. In Account Management, tap Delete Account.
  4. Tap Delete Account again to initiate the process.
  5. Type DELETE in the confirmation field.
  6. Tap the final Confirm button.

What happens when you delete your account

  • Complete data removal: Your personal information, preferences, and account data are permanently deleted from our production databases.
  • Content deletion: Saved prompts, favorites, and user-generated content associated with your account are removed.
  • Authentication revocation: Login sessions are terminated and auth tokens invalidated.
  • Automatic logout: You are immediately logged out of the app.
  • Irreversible: Once completed, the action cannot be undone.

Important notes

  • Deletion is permanent and irreversible.
  • Some anonymized or aggregated analytics may be retained for service improvement where they no longer identify you.
  • Certain minimal records may be retained if required by law (e.g., fraud-prevention logs) and will be deleted when no longer necessary.
  • If you have an active subscription, please cancel it separately via your platform account (App Store/Google Play) before deleting your account; store billing is outside our control.

Need help?

If you have issues with deletion or data removal, contact info@promptit.sk (or info@promptit.sk if you prefer).

9) Children's privacy

The App is not intended for users under 16 (or the local minimum age).

10) Security

We use HTTPS, hashed passwords (for email sign-in), access controls, least-privilege administration, and privacy-minded Sentry settings. No method is 100% secure; we continuously improve safeguards.

11) Cookies & tracking

The App uses limited local storage/identifiers needed for functionality and security. If Advertising Data or non-essential analytics are enabled in the future, we will request consent where required (e.g., iOS ATT) and update this Policy.

12) Third-party LLMs & external services

When you copy prompts to third-party LLMs, their terms and privacy policies apply. When you use the agent, your prompt text is sent to our chosen LLM provider(s). Avoid sensitive personal data in prompts.

13) Changes

We'll post updates here with a new "Last updated" date and notify you of material changes where appropriate.

14) Contact

creox s. r. o. • Plynarenská 17563/3F, 821 09 Bratislava – Ružinov, Slovakia
Email: info@promptit.sk creoxcompany@gmail.com