Privacy Policy

Typoli ("we", "us", "our") operates the Typoli service available at typoli.app. We are committed to protecting your personal data and respecting your privacy. This Privacy Policy explains what data we collect, how we use it, and your rights regarding it.

If you are located in the European Economic Area (EEA), the UK, or Switzerland, we process your personal data in accordance with the General Data Protection Regulation (GDPR).

We collect the following categories of data when you use Typoli:

• Account information: your email address and authentication details (via Google OAuth or magic link).
• User Content: journal entries, post drafts, and any other content you create within the Service.
• Voice profile data: writing style preferences and tone settings you configure.
• Usage data: feature usage counts (e.g. number of analyses run), timestamps, and session information, used to enforce plan limits and improve the Service.
• Billing information: payment method details are handled directly by our payment processor (Stripe) and are never stored on our servers.

We use your data to:

• Provide, operate, and improve the Service.
• Process your User Content through AI systems to deliver features such as content analysis, draft generation, and writing coaching.
• Enforce usage limits for free and paid plans.
• Process payments and manage your subscription.
• Send important service and account-related notifications.
• Respond to your support requests and communicate with you about the Service.

We do not use your journal entries or personal content to train AI models, and we do not sell your personal data to third parties.

We share data with the following trusted service providers, solely to operate the Service:

• Supabase — database and authentication infrastructure. Your account data and User Content are stored in Supabase-hosted databases.
• Anthropic— AI language model provider. User Content is transmitted to Anthropic's API to power AI writing features. Anthropic's API usage policies apply; content sent via the API is not used to train their models.
• Stripe — payment processing. Stripe collects and stores your payment information subject to their own Privacy Policy.

We enter into data processing agreements with these providers as required by applicable law.

We retain your account and User Content for as long as your account is active. If you delete your account, we will delete your personal data within 30 days, except where we are required by law to retain it longer (e.g. billing records, which may be retained for up to 7 years for accounting purposes).

Depending on your location, you may have the following rights regarding your personal data:

• Access: request a copy of the personal data we hold about you.
• Rectification: ask us to correct inaccurate data.
• Erasure:request deletion of your personal data ("right to be forgotten").
• Portability: receive your data in a structured, machine-readable format.
• Restriction: ask us to limit how we process your data in certain circumstances.
• Objection: object to processing based on legitimate interests.

To exercise any of these rights, contact us at hello@typoli.app. We will respond within 30 days. You also have the right to lodge a complaint with your local data protection authority.

We use browser cookies and local storage to maintain your session and remember your preferences (such as language and theme). We do not use third-party advertising cookies or tracking pixels. No consent banner is shown because we only use strictly necessary session cookies.

We implement industry-standard technical and organisational measures to protect your data, including encrypted connections (HTTPS/TLS), access controls, and regular security reviews. No system is completely secure; in the unlikely event of a data breach affecting your rights and freedoms, we will notify you and the relevant supervisory authority as required by law.

The Service is not directed at children under 16 years of age. We do not knowingly collect personal data from anyone under 16. If you believe a minor has provided us with their data, please contact us and we will delete it promptly.

We may update this Privacy Policy from time to time. We will notify you of material changes by email or via an in-app notice at least 14 days before they take effect. The "Last updated" date at the top of this page reflects the most recent revision.

If you have questions or concerns about this Privacy Policy or how we handle your data, please contact us at hello@typoli.app.