BabbitAIGet Started Free

Legal

Privacy Policy

Effective: June 17, 2026

BabbitAI ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains what data we collect, how we use it, and your rights. By using BabbitAI, you agree to this policy.

1. Information We Collect

Account data: Your name, email address, and password hash (stored via Supabase Auth). If you sign up via OAuth (e.g. Google), we receive your name and email from that provider.

Voice profile data: Writing samples you submit to train your voice ("Voice Profiles"). These are stored in our database and processed by the Anthropic Claude API to extract stylistic patterns. We store the resulting voice profile, not the raw samples in an identifiable form beyond what you submit.

Generated content: The social media posts we generate for you ("Babbits") are stored in our database so you can review your history and regenerate.

Media uploads: Photos and video frames you upload for media-input generation are processed by Claude Vision in memory and are not permanently stored on our servers.

Payment data: We use Stripe to handle all payments. We never store your card number or CVV. Stripe provides us with a non-sensitive token and your billing email only.

LinkedIn OAuth tokens: When you connect LinkedIn, we store an encrypted OAuth access token (AES-256-GCM) so we can post on your behalf. We do not store your LinkedIn password or access any data beyond what is required to post content.

Usage data: Standard server logs including IP address, browser type, pages visited, and error events. Used to diagnose issues and improve the product.

2. How We Use Your Data

  • To provide, personalise, and improve the Service.
  • To generate social media content using your voice profile.
  • To process payments and manage your subscription.
  • To send transactional emails (receipts, account alerts) — not marketing without your consent.
  • To detect and prevent fraud, abuse, and security incidents.

We do not sell your data to third parties. We do not use your writing samples or generated content to train AI models outside of providing your personal voice profile.

3. AI Processing (Anthropic)

BabbitAI uses the Anthropic Claude API to analyse your writing samples and generate content. Your data is sent to Anthropic's servers for processing. Anthropic processes this data under their own Privacy Policy. Anthropic does not use API inputs to train their models by default. We do not enable model training on your data.

4. Data Storage and Security

Your data is stored in Supabase (PostgreSQL), hosted on AWS infrastructure in a region appropriate for your location. OAuth tokens are encrypted at rest using AES-256-GCM. We use HTTPS for all data in transit.

No method of transmission or storage is 100% secure. We take commercially reasonable steps to protect your data, but cannot guarantee absolute security.

5. Data Retention

  • Account data: Retained while your account is active and deleted within 30 days of account deletion.
  • Voice profiles and Babbits: Retained while your account is active; deleted on account deletion.
  • Payment records: Retained for 7 years for tax and legal purposes (Stripe).
  • Server logs: Retained for 90 days.

6. Your Rights

Depending on your location, you may have the right to:

  • Access the personal data we hold about you.
  • Correct inaccurate data.
  • Delete your data ("right to be forgotten").
  • Export your data in a portable format.
  • Withdraw consent for processing (where consent is the legal basis).

To exercise these rights, email us at privacy@babbitai.com. We will respond within 30 days.

7. Cookies

We use session cookies required for authentication and secure operation of the Service. We do not use third-party advertising cookies. Our analytics, if any, use privacy-first tools that do not fingerprint individual users.

8. Children's Privacy

BabbitAI is not directed to children under 18. We do not knowingly collect data from children. If you believe a child has provided us with personal data, contact us and we will delete it promptly.

9. Third-Party Services

We rely on the following third parties to operate BabbitAI:

  • Supabase — Authentication and database
  • Anthropic — AI content generation
  • Stripe — Payment processing
  • Vercel — Hosting and deployment
  • LinkedIn — Social account OAuth (when connected)

10. Changes to This Policy

We may update this Privacy Policy. We will notify you by email at least 14 days before material changes take effect. The effective date at the top of this page always reflects the current version.

11. Contact

Questions or requests? Email privacy@babbitai.com.

12. Do Not Sell or Share My Personal Information

BabbitAI does not sell or share your personal information with third parties for monetary or other valuable consideration, and we do not engage in cross-context behavioral advertising. This applies regardless of your location, including under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA).

If our practices change in the future, we will update this section and provide a mechanism for you to opt out before any sale or sharing begins. Until then, there is nothing to opt out of — we simply don't sell your data.

California residents also have the right to know, delete, and correct their personal information, and the right to non-discrimination for exercising these rights. To exercise any of these rights, email privacy@babbitai.com.