Privacy Policy

Last Updated: March 8, 2026

1. Introduction

This Privacy Policy describes how Phrasly LLC ("Phrasly," "we," "us," or "our"), a Delaware limited liability company, collects, uses, and protects your information when you use the Phrasly Business API and related services at business.phrasly.ai (the "Service").

By using the Service, you agree to the collection and use of information as described in this policy. If you do not agree, do not use the Service.

2. Information We Collect

2.1 Account Information

When you subscribe to the Service, we collect:

  • Name
  • Email address
  • Company name (if provided)
  • Payment information (processed by our payment provider, Paddle; we do not store full card numbers)

2.2 API Usage Data

When you use the API, we collect:

  • API request metadata (timestamps, endpoints called, word counts, response status codes)
  • IP addresses used to make API requests
  • API key identifiers

2.3 Content Data

We process the text you submit through the API ("Input Content") and generate results ("Output Content") solely to provide the Service. We do not store Input or Output Content after processing is complete, except temporarily for billing verification or debugging (retained no more than 30 days).

2.4 Website Data

When you visit business.phrasly.ai or use the dashboard, we may collect:

  • Browser type and version
  • IP address
  • Pages visited and time spent
  • Referring URL
  • Device and operating system information

3. How We Use Your Information

We use the information we collect to:

  • Provide, operate, and maintain the Service
  • Process payments and manage your subscription
  • Send transactional emails (account credentials, billing receipts, usage alerts)
  • Monitor and enforce rate limits and usage quotas
  • Detect and prevent fraud, abuse, and security incidents
  • Respond to support requests and inquiries
  • Improve the Service and develop new features
  • Comply with legal obligations

We do not use your Input or Output Content to train machine learning models.

4. How We Share Your Information

We do not sell your personal information. We may share your information with:

  • Payment processors: Paddle processes your payment information on our behalf. Their use of your data is governed by their own privacy policy.
  • Infrastructure providers: We use cloud hosting services (Google Cloud) to run the Service. These providers process data on our behalf under data processing agreements.
  • Email services: We use transactional email providers to send account-related communications.
  • Law enforcement: We may disclose information if required by law, subpoena, court order, or government request.
  • Business transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction.

5. Data Retention

We retain your information as follows:

  • Account information: Retained for as long as your account is active and for up to 12 months after account closure for legal and billing purposes.
  • API usage logs: Retained for up to 90 days for operational monitoring, then aggregated and anonymized.
  • Content data: Not retained after processing. Temporary copies for billing or debugging are deleted within 30 days.
  • Payment records: Retained as required by applicable tax and financial regulations.

6. Data Security

We implement industry-standard security measures to protect your information, including:

  • Encryption in transit (TLS/HTTPS) for all API and web traffic
  • Encryption at rest for stored data
  • Hashed API keys (we do not store your API key in plain text after initial generation)
  • Access controls limiting employee access to customer data
  • Regular security reviews

No method of transmission or storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

7. Cookies

We use essential cookies to maintain your dashboard session and authentication state. We do not use third-party advertising or tracking cookies on business.phrasly.ai.

8. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access: Request a copy of the personal information we hold about you.
  • Correction: Request correction of inaccurate personal information.
  • Deletion: Request deletion of your personal information, subject to legal retention requirements.
  • Data portability: Request your data in a machine-readable format.
  • Objection: Object to processing of your personal information in certain circumstances.

To exercise any of these rights, contact us at [email protected]. We will respond within 30 days.

9. International Data Transfers

The Service is operated from the United States. If you access the Service from outside the United States, your information may be transferred to and processed in the United States. By using the Service, you consent to this transfer. We take steps to ensure your data is treated securely and in accordance with this Privacy Policy.

10. California Residents (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

  • Right to know what personal information we collect and how it is used
  • Right to request deletion of your personal information
  • Right to opt out of the sale of personal information (we do not sell personal information)
  • Right to non-discrimination for exercising your privacy rights

11. European Residents (GDPR)

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, the legal bases for processing your information include:

  • Contract performance: Processing necessary to provide the Service under our agreement with you.
  • Legitimate interests: Processing for fraud prevention, security, and Service improvement.
  • Legal compliance: Processing required to comply with applicable laws.

You may lodge a complaint with your local data protection authority if you believe your rights have been violated.

12. Children

The Service is not directed to individuals under 18 years of age. We do not knowingly collect personal information from children. If we learn that we have collected personal information from a child under 18, we will promptly delete it.

13. Changes to This Policy

We may update this Privacy Policy from time to time. If we make material changes, we will notify you via email or through the dashboard at least 30 days before the changes take effect. The "Last Updated" date at the top of this page reflects the most recent revision.

14. Contact

For questions about this Privacy Policy or to exercise your data rights, contact us at [email protected].

Phrasly LLC
8 The Green Suite #16002
Dover, DE 19901
United States

Privacy Policy | Phrasly