Privacy Policy
Effective: May 1, 2026
This policy explains what PrintAIr collects, how we use it, who we share it with, how long we keep it, and the rights you have over it. We tried to write it in plain English. Anywhere it gets technical, the technical answer is the binding one.
1. Who we are
PrintAIr is a generative-media platform that turns one prompt into a brief, a master image, and platform-native cuts for every connected social feed — gated by a human approval queue. PrintAIr is operated by the PrintAIr team. For privacy questions reach us at [email protected].
2. What we collect
We collect only what we need to run the service for you. Specifically:
- Account data. Email and display name (via Better Auth). If you sign in with GitHub, we receive your GitHub user id and verified email.
- Profile & brand kit. Locale, theme, brand color, brand logo, voice anchors, and onboarding answers (niche, cadence preferences). You can edit or delete any of this in Settings.
- Posts & drafts. The prompts you submit, briefs generated from them, per-platform variants, and any refinements applied. Stored until you delete the post or your account.
- Generated media. Images and videos produced by Wiro AI on your behalf. Stored on the operator's S3-compatible object store (MinIO by default).
- Social-platform credentials. Tokens for the channels you connect (Bluesky app passwords, OAuth access tokens, Telegram bot tokens, Discord/Slack webhook URLs). Encrypted at rest with AES-256-GCM using a key only the server holds — see Section 7.
- API keys. If you create programmatic API keys, we store a SHA-256 hash of the secret plus a short prefix for display. We never store the full key after issuance.
- Operational metadata. Wiro task statuses, costs, error messages, social-account health-check results, and worker logs. Used for debugging and the cost dashboard.
- Telegram link data (optional). If you connect Telegram for approvals, we store your Telegram chat ID and a link token.
We do not collect: third-party tracking pixels, analytics IDs across sites, advertising identifiers, or data from accounts you haven't connected.
3. How we use it
We use the data above to:
- Generate posts you ask us to generate.
- Publish approved posts to the social platforms you connected, using their native APIs.
- Show you health, status, and cost information about your account.
- Notify you when a draft is ready for approval (in-app and via the Telegram bot if you linked one).
- Investigate bugs, defend against abuse, and improve the product.
We do not use your prompts, drafts, generated media, or any data above to train PrintAIr models or third-party models.
4. Third parties (sub-processors)
To run the service we share data with the following processors, only for the purposes described:
- Wiro AI. Receives the prompts and brief data needed to generate text and media. Does not receive your account email or social-platform credentials.
- The social platforms you connect. When you approve a post, the relevant platform receives the variant text and media via its public API. Bluesky, Mastodon, Telegram, Discord, Slack, Instagram (Meta), YouTube (Google), LinkedIn, X, TikTok.
- Object storage host. MinIO/S3-compatible storage holds your generated media. By default this is the operator's self-hosted MinIO; for printair.xn--tea.app it's an Oracle Cloud volume in Frankfurt.
- Database host. Postgres on the operator's infrastructure. For printair.xn--tea.app, Oracle Cloud Frankfurt.
- Telegram (optional). If you link the bot, the Telegram service receives your draft preview text and approval decisions.
We don't sell, rent, or share your data with anyone outside this list.
5. Data retention
Account data, posts, brand kit, and generated media are retained for as long as your account is active. When you delete your account, all related rows cascade-delete in Postgres immediately and the corresponding media in S3 is purged within 30 days.
Operational logs (worker logs, request access logs) are kept for 90 days then rotated.
Backups are encrypted and retained for 30 days; deleted data disappears from backups within that window.
6. Your rights (GDPR, KVKK, and equivalents)
Regardless of where you live, you can:
- Access your data — email us and we'll send you a JSON export.
- Rectify inaccurate data — most fields are editable in-app; for the rest, email us.
- Delete your account and all associated data — use the danger zone in Settings, or email us.
- Port your data to another service — same JSON export as above.
- Object to processing — email us; we'll either stop the specific processing or close your account.
- File a complaint with your local supervisory authority (e.g., a data protection authority in the EU/UK, the Personal Data Protection Authority in Türkiye / KVKK).
We respond to all requests within 30 days. Send them to [email protected].
7. Security
Concrete measures we take:
- All social-platform credentials and OAuth refresh tokens are encrypted at rest with AES-256-GCM. The encryption key (PRINTAIR_ENCRYPTION_KEY) is stored only on the server and never logged.
- All HTTP traffic is TLS 1.2+ via the front-line nginx vhost.
- API keys are stored as SHA-256 hashes; the full key is shown to you exactly once.
- Sessions use Better Auth with hashed credentials and rotating tokens.
- Database access is restricted to the application containers on the same Docker network — Postgres is not exposed to the public internet.
- We follow the principle of least privilege internally. Engineers access production databases only when actively investigating an incident.
If we ever suffer a security incident affecting your data, we will notify you within 72 hours and post a public incident report.
8. Cookies
PrintAIr uses one cookie: the Better Auth session cookie. It's first-party, HttpOnly, Secure, SameSite=Lax, and exists only to keep you signed in. We don't use third-party cookies, advertising cookies, or analytics cookies.
9. Data location
The operator running PrintAIr chooses where data is stored. For the hosted instance at printair.xn--tea.app, all data (Postgres, MinIO, Redis, RabbitMQ) lives in Oracle Cloud's Frankfurt (Germany) region. If you self-host or run on a private deployment, data lives wherever you deploy.
10. Changes to this policy
We'll update the “Effective” date at the top of this page when the policy changes. Material changes (e.g., a new sub-processor, a new category of data collected) will be announced to active users via email at least 14 days before they take effect.
11. Contact
Questions, requests, complaints — email [email protected]. Mark subject lines with the relevant tag (privacy, GDPR, KVKK, deletion) so we can route quickly.