Last updated: March 28, 2026
Effective date: March 28, 2026
This Privacy Policy describes how Simplicity Design Inc. (“we”, “us”, or “our”) collects, uses, stores, and shares your information when you use TechBuddies Studio (the “Service”), accessible at https://studio.techbuddies.io.
By creating an account or using the Service, you agree to the collection and use of information as described in this policy.
1. Information We Collect
1.1 Account Information
When you register, we collect:
- Email address — used as your login identifier and for account communications
- Name — optional display name
- Password — stored as a one-way cryptographic hash (bcrypt, 12 rounds); we never store your plain-text password
1.2 Payment Information
We use Stripe to process all payments. When you purchase credits:
- Your payment card details are entered directly on Stripe’s secure servers and are never transmitted to or stored on our systems
- We receive and store only non-sensitive metadata from Stripe: a payment reference ID, the amount paid, and the transaction timestamp
- Credit balances and top-up history are maintained in our own database
1.3 Content You Create and Upload
To use the AI tools, you may provide:
- Media files — images you upload to your Media Library (stored in a private cloud storage bucket)
- Documents, testimonials, products, services, courses, and events — text and associated images you add to your library
- Web sources and RSS feeds — URLs you submit for AI research
- Tool inputs — niche, keywords, tone, target audience, and other generation parameters you enter when running a tool
- Brand kit — your brand name, voice, colours, and positioning if you choose to configure it
1.4 AI-Generated Content
Content produced by the Service on your behalf, including:
- Blog articles, insight posts, and offer pages (HTML and metadata)
- Social media posts (text and images per platform)
- AI-generated images (feature images, body images, social images)
- Structured outlines, tags, and meta descriptions
Generated content and the prompts used to produce it are stored in your account so you can retrieve, copy, and use them.
1.5 Usage and Technical Data
We automatically collect:
- Job logs — which tool you ran, when, the estimated and actual credit cost, and success or failure status
- Raw LLM logs — the full prompt and response exchanged with the AI provider, stored for debugging and quality purposes
- IP address and user-agent — captured by our authentication layer (NextAuth) for session management
- Timestamps — account creation, last login, content creation dates
We do not use analytics cookies, third-party tracking pixels, or behavioural advertising on the Service.
2. How We Use Your Information
| Purpose | Basis |
|---|---|
| Providing the Service (running AI tools, storing creations) | Performance of contract |
| Processing credit purchases and maintaining your balance | Performance of contract |
| Sending transactional emails (email verification, password reset) | Performance of contract |
| Debugging failed jobs and improving output quality | Legitimate interest |
| Preventing fraud and abuse | Legitimate interest |
| Complying with legal obligations | Legal obligation |
We do not use your content to train AI models, and we do not sell your data to third parties.
3. Third-Party Services
The Service integrates with the following third-party providers. Each has its own privacy policy and data processing terms.
| Provider | Purpose | Data shared |
|---|---|---|
| Anthropic | AI text generation (Claude models) | Your tool inputs and media context, processed to generate content |
| FAL.ai | AI image generation | Text prompts generated from your inputs |
| Stripe | Payment processing | Email address, purchase amount |
| AWS S3 (or compatible) | Cloud storage for uploaded and generated images | Image files you upload; images generated on your behalf |
| Bright Data | Web search for research steps in tool pipelines | Search queries derived from your keywords and niche |
| WordPress (optional) | Image hosting, if you connect your WordPress site | Generated images uploaded to your WordPress Media Library |
| Shopify (optional) | Product data, if you connect your Shopify store | Read access to your product catalogue |
| Meta (Facebook/Instagram) (optional) | Publishing social content, if you connect your accounts | Post text and images you choose to publish |
Content sent to Anthropic and FAL.ai is subject to their API terms. We do not share your personal account details (email, password hash, billing history) with these providers.
4. Data Storage and Security
- All data is stored on servers located in US WEST
- Passwords are hashed with bcrypt (12 rounds) and never stored in plain text
- Sessions are managed via JSON Web Tokens stored in httpOnly, Secure cookies
- Database connections use SSL/TLS encryption in transit
- Uploaded files are stored in a private cloud storage bucket with access controls
- We implement reasonable technical and organisational measures to protect your data; however, no system is 100% secure
5. Data Retention
| Data type | Retention |
|---|---|
| Account and profile data | Retained until you delete your account |
| Creations and generated images | Retained until you delete them or your account |
| Media library uploads | Retained until you delete them or your account |
| Job logs and LLM logs | Retained for 24 months after job completion |
| Credit ledger records | Retained for 3 years for financial compliance |
| Stripe payment metadata | Retained per Stripe’s retention policy |
When you delete your account, your personal data and content are permanently removed from our systems within 30 days, except where we are required to retain records for legal or financial compliance purposes.
6. Your Rights
Depending on your location, you may have the right to:
- Access — request a copy of the personal data we hold about you
- Correction — request that inaccurate data be corrected
- Erasure — request deletion of your account and associated data
- Portability — request your data in a structured, machine-readable format
- Objection — object to processing based on legitimate interest
- Restriction — request that we limit processing of your data
To exercise any of these rights, contact us at simplicitydesignstore@gmail.com. We will respond within 30 days.
7. Children’s Privacy
The Service is intended for users aged 18 and over. We do not knowingly collect personal information from children under 13 (or the applicable age of digital consent in your jurisdiction). If we become aware that a child has provided us with personal data, we will delete it promptly.
8. Cookies and Session Management
We use a minimal set of cookies:
- Session cookie — a signed httpOnly cookie containing your JWT session token, required for authentication. This cookie is not accessible to JavaScript and does not track you across third-party sites.
We do not set analytics cookies, advertising cookies, or third-party tracking cookies.
9. Changes to This Policy
We may update this Privacy Policy from time to time. When we do, we will update the “Last updated” date at the top of this page. For significant changes, we will notify you by email or by a notice within the Service. Continued use of the Service after changes take effect constitutes acceptance of the updated policy.
10. Contact
If you have any questions about this Privacy Policy or how we handle your data, please contact us:
Simplicity Design Inc
8391 Aspin Place, Richmond, BC, V6Y 3C2
Canada
Email: simplicitydesignstore@gmail.com