Data Security & Privacy

Privacy Policy

Last updated: June 7, 2026

1. Information We Collect

• Authentication data: When you sign in via Google or X, we store your OAuth provider ID, display name, and avatar URL. We do not collect your email address, phone number, or any other personal information.
• Usage data: We track tool usage counts (stored locally in your browser) to manage free daily limits. This data is not transmitted to our servers.
• User-generated content: Comments and community posts are stored in our database. You can delete your content at any time.

2. How We Use AI APIs

Our AI tools are powered by China-based AI providers (such as Alibaba's Qwen/通义千问). Before any user input is sent to these APIs:

• All personally identifiable information (PII) is detected and replaced with redaction markers
• Email addresses, phone numbers, SSNs, credit card numbers, IP addresses, and URLs with credentials are automatically sanitized
• Neither your prompts nor the AI responses are stored in our database

3. Data Retention

4. Security Measures

• Full HTTPS encryption on all pages
• All user-generated content is HTML-sanitized server-side
• API keys are stored only in server-side environment variables
• Paid tool usage is verified via HMAC-signed tokens
• Community content is automatically moderated; 3 reports trigger auto-hide
• New accounts have a 24-hour posting cooldown to prevent spam

5. Third-Party Services

• Authentication: Google OAuth, X (Twitter) OAuth
• AI APIs: Alibaba Cloud (Qwen) — data is desensitized before transmission
• Hosting: Cloud-based infrastructure (US region)
• Database: Supabase (US region)

6. Your Rights

• Delete all your content (comments, posts) at any time
• Request account deletion by contacting us
• No personal data is sold or shared with third parties

7. Contact

For privacy inquiries, contact us at privacy@aiscopehub.com