Privacy Policy

Last updated: May 31, 2026

What We Collect

When you use PromptPCB, we collect:

• Account information: Email address, name (optional), and hashed password. If you sign in with Google, we receive your email and name from Google.
• Design files: KiCad netlists, BOMs, and schematics you upload for review. These are stored securely and associated with your account.
• Payment information: Processed by Stripe. We never see or store your card number. We store transaction amounts and status.
• Usage analytics: Page views, session duration, device type, browser, referral source, and approximate location (derived from IP address). We use this to improve the product.

How We Use Your Data

• To provide PCB design reviews using AI models (OpenRouter/Anthropic/Google/OpenAI)
• To process payments via Stripe
• To send transactional emails (review complete, password reset, verification)
• To improve the product based on usage patterns
• To display anonymized review examples in our public showcase (your design name may be visible; we never share your netlist files publicly)

Third-Party Services

• Stripe: Payment processing. Subject to Stripe's Privacy Policy.
• Google: OAuth sign-in. Subject to Google's Privacy Policy.
• OpenRouter / AI Providers: Your design data is sent to AI models for review. We use models from Anthropic, Google, and OpenAI via OpenRouter. Design data may be processed by these providers per their terms.

Cookies

We use:

• Session cookie (sid): Essential — keeps you logged in. HttpOnly, Lax SameSite, 30-day expiry.
• Analytics (localStorage): Session ID and visit count for usage analytics. Not shared with third parties. You can decline via our cookie banner.

Data Retention

• Account data: Retained until you delete your account
• Review results: Retained indefinitely (you can request deletion)
• Analytics data: Retained for 1 year, then aggregated
• Payment records: Retained for 7 years (legal requirement)

Your Rights

You can:

• Request export of your data
• Request deletion of your account and associated data
• Decline analytics tracking via our cookie banner
• Opt out of marketing emails (we don't send any currently)

Contact: support@promptpcb.ai

Security

Passwords are hashed with bcrypt. Sessions use cryptographically random tokens. All traffic is encrypted via HTTPS. Payment data is handled exclusively by Stripe (PCI-compliant).

Changes

We may update this policy. Significant changes will be communicated via email to registered users.