Privacy Policy

Last updated: April 6, 2026

1. Information We Collect

Account information: When you create an account, we collect your email address, name, and authentication credentials. If you sign in with Google, we receive your name, email, and profile picture from Google.

Usage data: We collect anonymous analytics including pages visited, device type, country (via IP geolocation), and generation activity (keywords, styles chosen, number of names generated). We do not store the generated names themselves.

Payment data: Payment processing is handled entirely by Stripe. We do not store credit card numbers. We retain your Stripe customer ID and subscription status.

Chat data: If you use the AI Naming Assistant (Premium feature), your chat messages are stored to provide conversation history. You can delete your chat history at any time.

2. How We Use Your Information

  • To provide and improve the name generation service
  • To process payments and manage subscriptions
  • To maintain chat history for Premium subscribers
  • To analyze aggregate usage patterns and improve the product
  • To send essential account-related communications (no marketing emails)

3. Data Sharing

We do not sell, rent, or trade your personal information. We share data only with:

  • Stripe: For payment processing
  • OpenAI: Chat messages are sent to OpenAI for AI name generation. OpenAI does not use API data for training.
  • Law enforcement: Only when required by law

4. Cookies

We use essential cookies only:

  • Session cookie: Keeps you logged in (httpOnly, expires in 7 days)
  • OAuth state cookie: Temporary, used during Google sign-in (expires in 5 minutes)

We do not use advertising cookies, tracking pixels, or third-party analytics services.

5. Data Retention

Account data is retained while your account is active. Anonymous analytics data is retained indefinitely in aggregate form. Chat history is retained until you delete it or close your account. You can request deletion of all your data by contacting us.

6. Security

Passwords are hashed with bcrypt. All connections use HTTPS with TLS encryption. Session tokens are cryptographically random and stored in httpOnly cookies. Payment data is handled by Stripe (PCI DSS compliant).

7. Your Rights

You have the right to access, correct, or delete your personal data. You can export your data or request account deletion by contacting us at the email below.

8. Changes

We may update this policy from time to time. Changes will be posted on this page with an updated date.

9. Contact

For privacy-related questions, contact us at [email protected].