Privacy Policy

1. Introduction

Cosra ("we", "us", or "our") operates CopyForge. This Privacy Policy explains how we collect, use, and protect your personal information when you use our Service.

2. Information We Collect

Account Information: Email address, name, and password hash when you register.

Usage Data: Content generation history, feature usage, and interaction analytics.

Payment Information: Processed by Paddle; we do not store your full payment card details.

Technical Data: IP address, browser type, device information, and access logs.

3. How We Use Your Information

• Provide, maintain, and improve the Service
• Process transactions and manage subscriptions
• Send transactional emails (welcome, usage alerts, password resets)
• Analyze usage patterns to improve our product
• Prevent fraud and enforce our Terms of Service

4. AI Content Processing

Content you create or input is sent to third-party AI providers for processing. We do not use your content to train AI models. Generated content is stored in your account and may be cached temporarily to improve performance.

5. Data Sharing

We do not sell your personal data. We may share information with:

• Payment Processors: Paddle, for billing and subscription management
• AI Providers: To process content generation requests
• Infrastructure Providers: Cloudflare, for hosting and CDN services
• Legal Requirements: When required by law or to protect our rights

6. Data Storage & Security

Your data is stored on Cloudflare’s infrastructure. We use encryption in transit (TLS) and implement access controls to protect your data. While we take reasonable measures to secure your information, no system is 100% secure.

7. Data Retention

We retain your data for as long as your account is active. Upon account deletion, we remove your personal data within 30 days, except where retention is required by law or for legitimate business purposes (e.g., fraud prevention, financial records).

8. Your Rights

Depending on your jurisdiction, you may have the right to:

• Access the personal data we hold about you
• Request correction of inaccurate data
• Request deletion of your data
• Export your data in a portable format
• Object to or restrict certain processing
• Withdraw consent where processing is based on consent

To exercise these rights, contact us at privacy@cosra.qzz.io.

9. Cookies

We use essential cookies for authentication and session management. We do not use third-party advertising cookies. Analytics data is collected server-side without tracking cookies.

10. Children’s Privacy

The Service is not intended for users under 16 years of age. We do not knowingly collect personal information from children.

11. International Transfers

Your data may be processed in countries outside your own. We ensure appropriate safeguards are in place for international data transfers in compliance with applicable data protection laws.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email or an in-app notice. The "Last updated" date at the top reflects the most recent revision.

13. Contact

For privacy-related inquiries, contact us at privacy@cosra.qzz.io.