Privacy Policy
Last Updated: December 8, 2025
Quick Links
CyWire (“we,” “us,” or “our”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform, including Master Prompts, Knowledge Base, and AI processing features.
Key Principle: Your data belongs to you. We process it only to provide services and never sell it to third parties.
Information We Collect
Account Information
- Email address, password (encrypted), and organization name
- Billing information (processed by Stripe; we do not store credit card numbers)
- Subscription tier, industry type, and account preferences
Content You Create
- Master Prompts, sections, variables, schemas, and metadata
- Knowledge Base documents (PDFs, Word, Excel files)
- AI-generated content and test results
- Version history and edit logs
Usage Information
- API requests, feature usage, and AI credit consumption
- Device information (browser, OS, IP address)
- Session data and authentication tokens
- Performance metrics and error logs
How We Use Your Information
We use your information to:
- Provide platform services: Create Master Prompts, process AI requests, store Knowledge Base documents
- Billing and payments: Process subscriptions, track credit usage, send invoices
- Improve our services: Analyze usage patterns (anonymized), fix bugs, develop new features
- Communication: Send service updates, security alerts, billing notifications, and (with consent) marketing emails
- Security and fraud prevention: Detect unauthorized access, prevent abuse, maintain platform integrity
What We DON'T Do
- ❌ Sell your data to third parties
- ❌ Use your Master Prompts or Knowledge Base content for our own purposes
- ❌ Share your data with advertisers
- ❌ Train AI models on your proprietary content
AI Processing & Third-Party Services
When you use AI features (Master Prompt generation, Knowledge Base RAG queries), your content is processed by third-party AI providers (OpenAI, Anthropic, Google, etc.).
Our Commitments
- We use enterprise API agreements with zero data retention policies
- AI providers do not train models on your data
- Data is encrypted in transit (TLS 1.3) and at rest (AES-256)
- We only send data you explicitly choose to process (e.g., clicking “Generate”)
⚠️ Your Responsibility
While AI providers commit to not training on your data, any content you submit for AI processing will be transmitted to third-party services. Do not submit:
- Passwords, API keys, or authentication credentials
- Highly sensitive personal information (SSN, medical records, financial account numbers)
- Trade secrets or confidential business information you're not comfortable sharing
Review your organization's data handling policies and consult legal/compliance teams before processing sensitive content through AI features.
Data Security Measures
We implement industry-standard security practices to protect your data:
- Encryption: All data encrypted in transit (TLS 1.3) and at rest (AES-256)
- Authentication: Secure password hashing (bcrypt), multi-factor authentication (MFA) available
- Access controls: Role-based permissions, audit logs, session management
- Infrastructure: Cloud hosting with Supabase (SOC 2 Type II certified), regular backups
- Monitoring: Real-time threat detection, security incident response procedures
Important: No security system is impenetrable. We implement reasonable safeguards but cannot guarantee absolute security. Report any suspected security vulnerabilities to support@cywire.com.
Your Privacy Rights
Depending on your location (GDPR, CCPA, etc.), you may have the right to:
- Access: Request a copy of your personal data we hold
- Correction: Update inaccurate or incomplete information
- Deletion: Request deletion of your account and associated data
- Export: Download your Master Prompts and Knowledge Base content
- Opt-out: Unsubscribe from marketing communications (service emails still sent)
- Restrict processing: Limit how we use your data in certain circumstances
To exercise these rights, contact us at support@cywire.com. We will respond within 30 days.
Data Retention
We retain your data as follows:
- Active accounts: Data retained as long as your account is active
- Deleted accounts: 30-day grace period before permanent deletion begins
- Private content: Permanently deleted after the 30-day grace period
- Published/Marketplace content: Ownership transfers to CyWire to maintain public availability
- Global prompts: Remain available to the community (authorship transferred to CyWire)
- Billing records: Retained for 7 years (legal/tax requirement)
- Backups: Backup copies may persist for up to 90 days before permanent deletion
- Anonymized analytics: Aggregated usage data may be retained indefinitely
Account Deletion Process
- Request deletion from your profile settings or contact support@cywire.ai
- 30-day grace period begins - you can cancel anytime during this period
- Email confirmation sent with cancellation instructions
- After 30 days: Private data is permanently deleted; public content transfers to CyWire
- Final confirmation: Email sent confirming deletion completion
Children's Privacy
CyWire is not intended for users under 18 years of age. We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, contact us immediately at support@cywire.com.
Changes to This Privacy Policy
We may update this Privacy Policy periodically. Material changes will be announced via email and displayed on the platform. Your continued use after changes indicates acceptance of the updated policy.
Contact Us
For questions about this Privacy Policy or to exercise your privacy rights, contact us at:
Related Policies: