Privacy Policy
Last updated: 2026-1-10
This Privacy Policy describes how Promptly collects, uses, stores, and protects information when you access our website, demo interfaces, and related services (the “Services”). We prioritize transparency, purpose limitation, and data minimization. Our approach is privacy-by-design: we collect only what is necessary to provide core functionality, measure performance, and ensure security. Where optional analytics or personalization is involved, we request clear affirmative consent and provide granular opt-out controls.
1. Data We Collect
- Contact data: your name and email address when you contact us (support: ming.t.yang@vanderbilt.edu), and any content you submit.
- Usage & device data: page views, timestamps, approximate geolocation derived from IP, browser/OS, language and theme preferences. We do not attempt to identify you from this data.
- Timezone preference: an IANA timezone name (e.g.,
America/New_York) used to calculate when your daily limits reset. - Prompt/testing content: task instructions, examples, test cases, generated outputs, and evaluation results. Please avoid submitting confidential or personal information you would not want processed.
- Cookies & local storage: strictly necessary items (consent, language, appearance) and, where offered, optional analytics with your consent. See our Cookies Policy.
2. Purposes of Processing
- Provide and improve the Services, including debugging, QA, and performance measurement.
- Secure the Services, monitor for abuse, and investigate incidents.
- Operate prompt optimization features and visualize aggregate metrics (accuracy, F1, pass rate, estimated cost).
- Enforce daily usage limits and determine when your daily limits reset based on your timezone preference.
- Communicate with you about updates, incidents, and requested support.
- Comply with legal obligations and enforce our Terms.
3. Legal Bases
Where required (e.g., GDPR), we rely on one or more of: (a) performance of a contract (when you use the Services); (b) legitimate interests in improving and securing the Services; (c) consent for optional analytics or certain communications; and (d) legal obligation.
4. Sharing & Disclosures
We do not sell personal data. We may share data with service providers that host infrastructure, provide security, or process analytics under data protection agreements. We may disclose information when legally required or to protect rights, users, and the public. If we reorganize our project, data may transfer to a successor consistent with this Policy.
5. Retention
We keep data only as long as necessary for the purposes above, or as required by law. Demo prompts and outputs may be deleted on a rolling basis. Preference cookies/keys persist until you clear them or they expire. We document schedules and review them periodically.
6. Security
We use industry-standard safeguards: encryption in transit, access controls, audit logging, least‑privilege operations, and secure development practices. No system is 100% secure; please report suspected incidents.
7. International Transfers
If data is transferred across borders, we implement appropriate safeguards such as Standard Contractual Clauses, supplementary measures, and vendor risk assessments.
8. Your Rights
Depending on your location, you may have rights to access, correct, delete, port, and restrict processing of your data, to object to certain processing, and to withdraw consent. You may also lodge a complaint with a supervisory authority. To exercise rights, email ming.t.yang@vanderbilt.edu. We will verify your identity and may deny manifestly unfounded or excessive requests.
9. Children
The Services are not intended for children under 13 (or the minimum age in your jurisdiction). We do not knowingly collect data from children. If you believe a child has provided data, contact us to delete it.
10. Changes
We may update this Policy to reflect changes in law or our practices. We will update the “Last updated” date and, where appropriate, provide additional notice.
11. Contact
Questions or requests: ming.t.yang@vanderbilt.edu.