saasbrowser.ai
Daily InsightIdeas VaultValidate IdeaPricing
Login
Login
Daily InsightIdeas VaultValidate IdeaPricing
© 2026 Drok AI LLC. All rights reserved.
TermsPrivacyContact
Back to Home

Privacy Policy

Effective Date: January 22, 2026

Last Updated: January 22, 2026

Drok AI LLC ("Drok AI", "we," "our," or "us") provides software products and services that integrate third-party AI providers (collectively, the "Services"). This Privacy Policy describes how we collect, use, disclose, and protect personal information when you use our Services. By using the Services you agree to the terms of this Privacy Policy.

1. Definitions

"You", "your", or "user" means the individual or entity accessing or using the Services. "Personal Information" means information that identifies or can reasonably identify an individual.

2. Information We Collect

We collect only the minimum personal information necessary to provide our Services. This includes:

  • Account data: name, email, organization, billing and contact details.
  • Service data: prompts, chat messages, transcripts, logs, and other inputs/outputs related to your use of the Services.
  • Payment data: billing records and transactional information processed via third-party payment processors (we do not store full card numbers).
  • Technical data: IP address, device/browser type, operating system, cookies, and usage metrics.

California Residents: CCPA Categories

In the past 12 months, we have collected the following categories of personal information:

  • Identifiers: Name, email address, account username;
  • Customer records: Name, signature, physical address, telephone number, payment card information;
  • Commercial information: Records of products or services purchased;
  • Internet activity: Browsing history on our site, interaction with Services;
  • Professional/employment: Employer name, job title (if provided).

3. How We Use Your Information

We process Personal Information to:

  • Provide, operate, and maintain the Services;
  • Facilitate your use of third-party AI services;
  • Process transactions and send related information;
  • Send technical notices, updates, security alerts;
  • Respond to customer service requests;
  • Prevent fraud and improve security;
  • Comply with legal obligations;
  • Improve the Services and develop new features.

Note on AI Providers: When you use AI features, your prompts and interactions are sent to third-party AI providers (Anthropic, OpenAI, Google) for processing. These providers have their own privacy policies and data handling practices. We recommend reviewing their policies for complete information.

4. Legal Basis for Processing (EU/EEA/UK Users)

For users in the EU, EEA, or UK, we process your personal data based on the following lawful bases under GDPR:

  • Contract performance: To provide Services, process payments, and fulfill our obligations to you;
  • Legitimate interests: To improve Services, prevent fraud, ensure security, and for direct marketing (subject to your preferences);
  • Legal obligations: To comply with applicable laws and regulations;
  • Consent: Where required by law, such as for certain marketing communications or cookies.

You have the right to withdraw consent at any time by contacting privacy@saasbrowser.ai. Withdrawal does not affect the lawfulness of processing based on consent before withdrawal.

5. Sharing and Third Parties

We do not sell Personal Information. We share data with:

  • Service providers who process data on our behalf (e.g., hosting, analytics, payment processors);
  • Professional advisors (lawyers, accountants) under confidentiality obligations;
  • Authorities when required by law or to protect rights and safety.

Third-Party Processors

We use the following third-party processors to provide our Services:

  • Supabase: Database and authentication services
  • Paddle: Payment processing
  • Resend: Email delivery services
  • PostHog: Analytics and product insights
  • Cloudflare: Cloud infrastructure, CDN and security services
  • GitHub: Code repository and deployment
  • Anthropic: AI language model services
  • OpenAI: AI language model services
  • Google AI: AI and machine learning services

All processors are contractually bound to protect your data and process it only according to our instructions. We maintain a current list of sub-processors and will notify you of changes as required by law.

6. International Transfers

Your data may be transferred to and processed in jurisdictions outside your country, including the United States. For transfers from the EU/EEA/UK to countries without an adequacy decision, we use appropriate safeguards including:

  • Standard Contractual Clauses (SCCs) approved by the European Commission;
  • Ensuring recipients are certified under approved frameworks;
  • Obtaining your explicit consent where required.

For California residents: We do not transfer personal information outside the U.S. for purposes that would require consent under CCPA.

7. Data Retention

We retain Personal Information only as long as necessary to fulfill the purposes outlined in this policy. Specific retention periods:

  • Account data: Duration of account plus 90 days after deletion request;
  • User content: 30 days after account deletion (unless legal hold applies);
  • Service logs: 12 months from creation;
  • Analytics data: 24 months from collection;
  • Payment records: 7 years for tax/accounting compliance;
  • Marketing data: Until opt-out or consent withdrawal;
  • Backup data: Up to 90 days in backup systems after deletion;
  • Legal hold data: As required by law or litigation needs;
  • Cookie data: See Cookie Policy for specific durations.

We review retention practices annually and delete data that is no longer needed. You may request early deletion subject to legal and operational requirements.

8. Your Privacy Rights

Depending on your location, you may have rights including:

For All Users:

  • Access: Request a copy of your Personal Information;
  • Correction: Request correction of inaccurate data;
  • Deletion: Request deletion of your data (subject to legal obligations);
  • Opt-out: Unsubscribe from marketing communications.

Additional Rights for EU/EEA/UK Residents (GDPR):

  • Data portability: Receive your data in a structured, machine-readable format;
  • Restriction: Request restriction of processing in certain circumstances;
  • Object: Object to processing based on legitimate interests or for direct marketing;
  • Automated decision-making: You have the right not to be subject to decisions based solely on automated processing, including profiling, which produces legal or similarly significant effects. Our AI services involve human review for critical decisions. You may request human intervention, express your point of view, and contest automated decisions;
  • Lodge complaints: File a complaint with your local data protection authority.

Automated Processing Details: We use automated processing for:

  • Routing requests to third-party AI providers;
  • Fraud detection and security monitoring;
  • Service personalization and recommendations;
  • Usage analytics and performance optimization.

You may opt-out of automated processing for non-essential features in your account settings.

Additional Rights for California Residents (CCPA/CPRA):

  • Know: Request disclosure of categories and specific pieces of personal information collected;
  • Delete: Request deletion of personal information (with exceptions);
  • Opt-out of sale/sharing: We do not sell personal information, but you can opt-out of sharing for targeted advertising;
  • Correct: Request correction of inaccurate personal information;
  • Limit use of sensitive information: Restrict use beyond what's necessary to provide Services;
  • Non-discrimination: Not receive discriminatory treatment for exercising privacy rights.

California residents may designate an authorized agent to make requests on their behalf by providing written authorization.

How to Exercise Your Rights:

Contact us at privacy@saasbrowser.ai with your request. We will verify your identity before processing requests. We respond to requests within the timeframes required by applicable law (generally 30-45 days).

9. Security

We implement industry-standard security measures including encryption, access controls, and regular security assessments. However, no system is 100% secure. You are responsible for maintaining the confidentiality of your account credentials.

9.1 Data Breach Notification

In the event of a personal data breach that is likely to result in high risk to your rights and freedoms:

  • User notification: We will notify affected users without undue delay via email;
  • Regulatory notification: We will notify relevant supervisory authorities within 72 hours where legally required;
  • Information provided: Nature of breach, categories of data affected, likely consequences, and mitigation measures taken;
  • Documentation: We maintain records of all breaches and remediation efforts;
  • Support: We provide dedicated support for affected users including identity monitoring where appropriate.

For low-risk breaches, we maintain internal documentation and may provide aggregate reporting to authorities as required.

10. Children's Privacy

Age Requirements: The Services are not directed to individuals under 13 years of age (or 16 in certain jurisdictions). Users between 13-18 may use the Services only with parental consent and supervision.

COPPA Compliance: We do not knowingly collect Personal Information from children under 13 without verifiable parental consent. If we discover unauthorized collection from a child under 13, we will:

  • Immediately delete the information;
  • Terminate the associated account;
  • Notify the parent/guardian if contact information is available.

Parental Rights: Parents/guardians may contact privacy@saasbrowser.ai to:

  • Review information collected from their child;
  • Request deletion of their child's information;
  • Prohibit further collection or use of their child's information;
  • Provide or withdraw consent.

School Accounts: For educational institutions, we rely on school consent for students under 13 under applicable laws (FERPA/COPPA). Schools may contact us for student data management.

11. Cookies and Tracking

We use cookies and similar technologies to enhance user experience and analyze usage. See our Cookie Policy for details. You can manage cookie preferences through your browser settings or our cookie consent tool.

12. Changes to This Policy

We may update this Privacy Policy and will notify you of material changes via email or Service notice. Continued use after changes constitutes acceptance of the updated policy.

13. Contact Information

For privacy-related questions or to exercise your rights:

  • Email: privacy@saasbrowser.ai
  • Data Protection Officer: dpo@saasbrowser.ai
  • Mail: Drok AI LLC, Attn: Privacy Team, 30 N Gould St Ste R, Sheridan, WY 82801

EU/EEA residents may also contact their local data protection authority. UK residents may contact the Information Commissioner's Office (ICO).

14. California Privacy Notice

This section supplements our Privacy Policy for California residents under CCPA/CPRA. For categories collected, see Section 2; for purposes, see Section 3; for retention, see Section 7; for rights, see Section 8. We share identifiers, customer records, and internet activity with service providers. We do not sell personal information. For questions, email privacy@saasbrowser.ai with "California Privacy Rights" in the subject line.