Privacy Policy
1. General Provisions
This Privacy Policy defines how iBro (the "Service") collects, processes and protects the personal data of its users. By using the Service, you unconditionally agree to this Policy.
Personal data is processed in compliance with EU Regulation 2016/679 (GDPR) and other applicable data protection laws.
2. Data We Collect
- Account data: name, email address, username
- Technical data: IP address, browser type, device, operating system
- Usage data: AI tool request history, token usage statistics
- Payment data: processed exclusively by payment providers (Stripe, YooKassa) — we do not store card details
- Web3 data: wallet address (if you connect a wallet), transaction history
3. Purposes of Processing
- Providing and improving Service features
- Processing payments and managing subscriptions
- Sending transactional notifications (email)
- Ensuring security and preventing fraud
- Analytics and quality improvement (in aggregated form)
4. Data Storage and Security
Data is stored on Supabase servers in the region appropriate to the user's jurisdiction (EU/US). We apply TLS 1.3 encryption, bcrypt password hashing, role-based access control and regular security audits.
5. Sharing Data with Third Parties
We do not sell or share your data with third parties, except in the following cases:
- Payment providers: Stripe (US/EU) — only data necessary for payment processing
- Cloud infrastructure: Supabase, Upstash Redis, Vercel, Railway — data processors under contract
- Legal requirement: in response to a lawful request from authorized authorities
6. User Rights
You have the right to: access your data, correct inaccuracies, delete data ("right to be forgotten"), restrict processing, and receive data in a portable format. To exercise these rights, contact: privacy@ibro.io
7. Cookies
We use functional cookies (required for Service operation) and analytical cookies (Plausible Analytics — no personal identification). You can disable analytical cookies in your browser settings.
8. Policy Changes
We notify users of material changes by email 14 days before they take effect. The current version is always available at /privacy/.
9. Contact
Questions regarding personal data processing: privacy@ibro.io