Privacy Policy

1. Information We Collect

We collect information in three categories:

Account Information

When you create an account, we collect your name, email address, and profile photo. If you sign in with Google OAuth, we receive your name, email, and profile picture from Google. We do not receive or store your Google password.

Payment Information

When you purchase credit packs, payment is processed by Stripe. We do not store your credit card number, CVV, or full card details on our servers. Stripe provides us with a transaction ID, the last four digits of your card, and the payment amount for record-keeping.

Usage Information

We collect information about how you use the platform, including the services you run, credit consumption, deliverables generated, and the business entities and topics you research through our wizards. This information is used to deliver your requested services and improve the platform.

2. How We Use Your Information

We use your information to:

• Provide and deliver the services you request, including AI-generated business intelligence deliverables
• Process payments and maintain your credit balance
• Send transactional emails (order confirmations, account notifications, service updates)
• Improve the platform, fix bugs, and develop new features
• Respond to support requests
• Comply with legal obligations

We do not sell your personal information to third parties. We do not use your data to train AI models.

3. Third-Party Services

We use the following third-party services to operate the platform. Each has its own privacy policy governing its handling of your data:

• Stripe — Payment processing
• Google OAuth — Authentication (sign-in)
• Brevo — Transactional email delivery
• Cloudflare — Website hosting, CDN, web analytics, and bot protection (Turnstile)
• Vercel — Application hosting
• Frappe Cloud — Backend data storage and business logic
• Upstash Redis — Session management and rate limiting
• Sentry — Error monitoring and performance tracking
• Anthropic — AI model provider for generating deliverables

4. Cookies and Tracking

We use a limited number of cookies for the following purposes:

• Authentication session — Required to keep you logged in. This is a strictly necessary cookie and cannot be disabled.
• Cloudflare Web Analytics — Privacy-focused, cookieless analytics that does not track individual users across sites. No personal data is collected.
• Cloudflare Turnstile — Bot protection on forms. May set a cookie to verify you are a real user.
• Cookie consent preference — Stores your analytics consent choice.

We do not use advertising cookies or cross-site tracking pixels.

5. Data Retention

We retain your account information and deliverables for as long as your account is active. Payment records are retained as required by tax and accounting regulations. If you delete your account, we will remove your personal information and deliverables within 30 days, except where retention is required by law (e.g., financial records).

6. Your Rights and Choices

You have the right to:

• Access the personal information we hold about you
• Correct inaccurate information in your account profile
• Delete your account and associated data by contacting us
• Export your deliverables at any time through the platform
• Opt out of non-essential communications

To exercise any of these rights, contact us at [email protected]. We will respond within 30 days.

7. Data Security

We use industry-standard security measures to protect your information, including HTTPS encryption in transit, encrypted storage at rest, and role-based access controls. No method of transmission or storage is 100% secure, and we cannot guarantee absolute security, but we take reasonable steps to protect your data.

8. Children’s Privacy

BlueWizarding is a business tool designed for professionals and is not intended for use by anyone under the age of 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal information, please contact us and we will delete it promptly.

9. Do Not Sell My Information

We do not sell, rent, or share your personal information with third parties for their marketing purposes. This applies to all users regardless of location. If you are a California resident, this serves as our notice under the California Consumer Privacy Act (CCPA) that we do not sell personal information.

10. Changes to This Policy

We may update this privacy policy from time to time. When we make material changes, we will notify you by email or by posting a notice on the platform. The “Effective date” at the top of this page indicates when the policy was last revised. Continued use of the platform after changes constitutes acceptance of the updated policy.

11. Contact Us

If you have questions or concerns about this privacy policy or our data practices, contact us at: