BA Assistant

We use the information we collect to:

• Provide the Service: Generate documentation, manage your account, process subscriptions
• Improve the Service: Analyze usage patterns, identify bugs, enhance features
• Communicate with you: Send important updates, respond to support requests, notify about changes
• Ensure security: Detect fraud, prevent abuse, enforce our Terms & Conditions
• Comply with legal obligations: Respond to legal requests, protect our rights
• Marketing (with consent): Send newsletters, product updates, promotional offers

We do not sell your personal information. We may share your data with:

• Service Providers: OpenAI (for AI generation), Stripe (for payments), Supabase (for data storage), Vercel (for hosting)
• Legal Requirements: When required by law, court order, or government request
• Business Transfers: In case of merger, acquisition, or asset sale
• With Your Consent: When you explicitly authorize us to share your data

We never share your generated documentation content with third parties except as necessary to provide the Service (e.g., OpenAI for generation).

We implement industry-standard security measures to protect your data:

• Encryption: All data transmitted over HTTPS/TLS
• Database Security: Hosted on Supabase with row-level security policies
• Authentication: Google OAuth 2.0 with secure session management
• Access Control: Restricted access to personal data by authorized personnel only
• Regular Backups: Automated backups to prevent data loss

Data Location: Your data is stored on servers in the United States (Supabase/AWS).

Retention: We retain your data as long as your account is active. After account deletion, data is retained for 90 days for recovery purposes, then permanently deleted.

You have the following rights regarding your personal data:

• Access: Request a copy of your personal data
• Correction: Update or correct inaccurate information (via Settings page)
• Deletion: Request deletion of your account and data
• Export: Download your generated documentation
• Opt-out: Unsubscribe from marketing emails (link in every email)
• Object: Object to processing of your data for certain purposes
• Withdraw Consent: Withdraw consent for data processing (may affect Service access)

To exercise these rights, contact us at privacy@ba-assistant.com

We use cookies and similar technologies to:

• Essential Cookies: Required for authentication and session management
• Analytics Cookies: Track usage patterns to improve the Service (optional)
• Preference Cookies: Remember your settings and preferences

You can control cookies through your browser settings. Note that disabling essential cookies may affect Service functionality.

Our Service integrates with third-party providers. Please review their privacy policies:

• Google (OAuth): Google Privacy Policy
• OpenAI (AI Generation): OpenAI Privacy Policy
• Stripe (Payments): Stripe Privacy Policy
• Supabase (Database): Supabase Privacy Policy

If you access BA Assistant from outside the United States, your data may be transferred to and processed in the US. By using the Service, you consent to such transfers.

GDPR Compliance (EU Users): We comply with EU data protection laws. You have additional rights under GDPR, including data portability and the right to lodge a complaint with a supervisory authority.

We may update this Privacy Policy from time to time. Significant changes will be notified via email or in-app notification at least 30 days in advance.

The "Last updated" date at the top indicates when changes were last made. Continued use of the Service after changes constitutes acceptance of the updated policy.

If you have questions about this Privacy Policy or our data practices, please contact us: