Privacy Policy
Last Updated: December 6, 2025
This Privacy Policy explains how Void ("we," "us," or "our") collects, uses, and protects your personal information when you use the Safe Appeals Cloud service. We are committed to protecting your privacy and complying with applicable Canadian privacy laws, including the Personal Information Protection and Electronic Documents Act (PIPEDA) and British Columbia's Personal Information Protection Act (PIPA).
Please read this Privacy Policy carefully to understand our practices regarding your personal information.
1. About This Policy
Scope
This Privacy Policy applies to:
- The Safe Appeals Cloud web dashboard (safeappeals.com)
- The Safe Appeals Cloud credit and billing system
- Your interactions with Safe Appeals Cloud services through the Void editor
This policy does not apply to:
- The Void editor software itself (which is open-source and operates locally on your device)
- Third-party services we integrate with (Anthropic, OpenAI, Google, Stripe, Supabase)—please review their respective privacy policies
Our Privacy Commitment
- ✓We don't train on your data. Your prompts and AI responses are never used to train or improve AI models.
- ✓We don't sell your data. We never sell, rent, or trade your personal information to third parties.
- ✓We minimize data collection. We only collect information necessary to provide and improve our services.
- ✓We are transparent. This policy clearly explains what we collect, why, and how we use it.
2. Information We Collect
2.1 Information You Provide
Account Information
When you create a Safe Appeals Cloud account, we collect:
- Email address (from your Google account)
- Display name (from your Google account)
- Profile picture URL (from your Google account)
Payment Information
When you purchase credits, Stripe (our payment processor) collects:
- Payment card details (card number, expiration, CVV)
- Billing address
- Transaction details
Important: We do not store your full credit card number or CVV on our servers. This information is securely handled by Stripe.
Communications
When you contact us, we collect:
- Email address
- Content of your messages
- Any attachments you provide
2.2 Information Collected Automatically
Usage Data
When you use Safe Appeals Cloud, we automatically collect:
- Token usage counts (for billing purposes)
- Model selection preferences
- Timestamps of requests
- Credit purchase and consumption history
Technical Data
We may collect:
- IP address (for security and fraud prevention)
- Browser type and version
- Operating system
- Device information
- Referring URLs
We do NOT collect:
- ❌ The content of your prompts or queries
- ❌ The content of AI responses you receive
- ❌ Your code, files, or projects
- ❌ Keystrokes or screen content
2.3 Information from Third Parties
Google OAuth
When you sign in with Google, we receive:
- Your Google account email address
- Your display name
- Your profile picture URL
- A unique identifier for authentication
We do not receive access to your Google Drive, Gmail, contacts, or other Google services.
3. How We Use Your Information
3.1 Primary Uses
| Purpose | Data Used | Legal Basis |
|---|---|---|
| Account management | Email, name, profile | Contractual necessity |
| Processing payments | Payment details via Stripe | Contractual necessity |
| Tracking credit balance | Usage data, transaction history | Contractual necessity |
| Providing AI services | Token counts, model preferences | Contractual necessity |
| Service notifications | Email address | Contractual necessity |
| Preventing fraud | IP address, usage patterns | Legitimate interest |
3.2 What We Don't Do
We never:
- Sell your personal information to third parties
- Use your prompts or AI responses to train AI models
- Share your data with advertisers
- Profile you for targeted advertising
- Access or store the content of your code or files
4. How We Share Your Information
4.1 Service Providers
We share information with trusted service providers who help us operate Safe Appeals Cloud:
| Provider | Purpose | Data Shared | Location |
|---|---|---|---|
| Supabase | Authentication, database | Account info, usage data | USA |
| Stripe | Payment processing | Payment info, email | USA |
| Anthropic | AI processing (Claude) | Token counts only* | USA |
| OpenAI | AI processing (GPT) | Token counts only* | USA |
| AI processing, OAuth | Token counts only*, auth | USA | |
| Railway | Hosting infrastructure | Technical logs | USA |
*LLM providers process your prompts to generate responses, but we do not share your prompts with them for training purposes.
4.2 Legal Requirements
We may disclose your information if required to:
- Comply with applicable laws, regulations, or legal processes
- Respond to lawful requests from public authorities
- Protect our rights, privacy, safety, or property
- Enforce our Terms of Service
5. Data Retention
How Long We Keep Your Data
| Data Type | Retention Period | Reason |
|---|---|---|
| Account information | Until account deletion | Service provision |
| Transaction history | 7 years | Legal/tax requirements |
| Usage logs | 90 days | Billing and support |
| Technical logs | 30 days | Security and debugging |
| Support communications | 2 years | Service quality |
Account Deletion
When you request account deletion:
- Your account is immediately deactivated
- Personal information is deleted within 30 days
- Anonymized usage data may be retained for analytics
- Transaction records are retained as required by law
To request deletion, email support@safeappeals.com.
6. Data Security
Our Security Measures
We implement industry-standard security measures to protect your information:
Technical Safeguards
- ✅ HTTPS encryption for all data in transit
- ✅ Encryption at rest for sensitive data
- ✅ Secure authentication via OAuth 2.0
- ✅ Rate limiting to prevent abuse
- ✅ Regular security audits
Payment Security
- ✅ PCI-DSS compliant via Stripe
- ✅ No storage of full card numbers
- ✅ Secure tokenized transactions
- ✅ Fraud detection systems
7. Your Privacy Rights
Rights Under Canadian Law
Under PIPEDA and PIPA, you have the right to:
| Right | Description |
|---|---|
| Access | Request a copy of your personal information |
| Correction | Request correction of inaccurate information |
| Withdrawal of Consent | Withdraw consent for data processing |
| Complaint | File a complaint with the Privacy Commissioner |
How to Exercise Your Rights
To exercise any of these rights, contact us at:
- Email: privacy@safeappeals.com
- Response Time: We will respond within 30 days
Right to Complain
If you believe we have violated your privacy rights, you may file a complaint with:
- Office of the Privacy Commissioner of Canada - www.priv.gc.ca
- Office of the Information and Privacy Commissioner for BC - www.oipc.bc.ca
8. International Data Transfers
Your information may be processed in the United States by our service providers (Supabase, Stripe, LLM providers, Railway). The United States may have different data protection laws than Canada.
When we transfer data internationally, we:
- Use service providers with strong privacy practices
- Require contractual protections for your data
- Ensure transfers comply with Canadian privacy law requirements
By using Safe Appeals Cloud, you consent to the transfer of your information to the United States and other jurisdictions where our service providers operate.
9. Children's Privacy
Safe Appeals Cloud is not intended for children under the age of 19 (the age of majority in British Columbia). We do not knowingly collect personal information from children under 19.
If you are a parent or guardian and believe your child has provided us with personal information, please contact us at privacy@safeappeals.com.
10. Cookies and Tracking
What We Use
| Type | Purpose | Duration |
|---|---|---|
| Authentication cookies | Keep you logged in | Session |
| Security cookies | Prevent CSRF attacks | Session |
What We Don't Use
- ❌ Advertising cookies
- ❌ Third-party tracking pixels
- ❌ Analytics cookies that track individual users
- ❌ Cross-site tracking
11. Changes to This Policy
We may update this Privacy Policy from time to time. When we do:
- We will update the "Last Updated" date at the top
- For material changes, we will notify you via email or through the Void editor
- We will provide a summary of key changes
Your continued use of Safe Appeals Cloud after changes to this Privacy Policy constitutes your acceptance of the updated policy.
12. Contact Us
If you have questions, concerns, or requests regarding this Privacy Policy, please contact us:
- Privacy Inquiries: privacy@safeappeals.com
- General Support: support@safeappeals.com
We aim to respond to all privacy inquiries within 30 days.
Summary of Key Points
This summary is provided for convenience and does not replace the full Privacy Policy above.
| Topic | Key Point |
|---|---|
| Data collection | Account info, usage data, payment info (via Stripe) |
| Prompts/responses | We do NOT store or access content |
| Training data | Your data is NEVER used to train AI models |
| Data sales | We NEVER sell your personal information |
| Third parties | Shared only with essential service providers |
| Security | HTTPS, encryption, OAuth, PCI-DSS compliant |
| Retention | Account data until deletion; transactions 7 years |
| Your rights | Access, correction, withdrawal of consent |
| International transfers | Data may be processed in the USA |
| Children | Not for users under 19 |
| Cookies | Minimal, no advertising or tracking |
| Contact | privacy@safeappeals.com |
By using Safe Appeals Cloud, you acknowledge that you have read and understood this Privacy Policy.