Privacy Policy

Last updated: November 5, 2025

Introduction

Welcome to Jotlin ("we," "our," or "us"). We respect your privacy and are committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our service.

Information We Collect

Account Information

When you create an account using OAuth authentication, we collect:

  • Email address
  • Profile picture and display name
  • OAuth provider ID (Google or GitHub)

Usage Data

We collect information about how you use our service:

  • Chat history and conversations
  • Generated requirements documents and specifications
  • User interactions with the platform
  • Feature usage and preferences

Automatically Collected Information

When you access our service, we automatically collect:

  • IP address
  • Browser type and version
  • Device information
  • Operating system
  • Usage analytics and performance metrics

How We Use Your Information

We use the collected information to:

  • Provide, maintain, and improve our service
  • Personalize your experience
  • Generate AI-powered requirements analysis and suggestions
  • Process your requests and respond to inquiries
  • Send service-related notifications and updates
  • Analyze usage patterns and optimize performance
  • Ensure security and prevent fraud or abuse
  • Comply with legal obligations

Data Storage and Security

We implement industry-standard security measures to protect your data:

  • All data is encrypted in transit using TLS/SSL
  • Data at rest is encrypted using industry-standard encryption
  • We use secure cloud infrastructure with regular security audits
  • Access to personal data is restricted to authorized personnel only
  • We retain data only as long as necessary for the purposes outlined

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

Third-Party Services

We use the following third-party services that may collect information:

  • Google OAuth - For authentication and account creation
  • GitHub OAuth - For authentication (if applicable)
  • OpenAI API - For AI-powered analysis (data is not used for model training)
  • Cloud Infrastructure Providers - For hosting and data storage

Google API Services User Data Policy

Our use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

We only use Google user data to:

  • Authenticate users and create accounts
  • Display user profile information within our service

We do NOT:

  • Transfer Google user data to third parties for advertising purposes
  • Use or transfer Google user data to determine creditworthiness or lending
  • Sell Google user data to any third parties
  • Use Google user data for purposes unrelated to our core functionality

Data Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties. We may share your information only in the following circumstances:

  • With your consent - When you explicitly authorize us to share information
  • Service providers - With trusted third-party service providers who assist in operating our service
  • Legal requirements - When required by law or to protect our rights
  • Business transfers - In connection with a merger, acquisition, or sale of assets

Your Rights and Choices

You have the following rights regarding your personal data:

  • Access - Request a copy of your personal data
  • Correction - Request correction of inaccurate data
  • Deletion - Request deletion of your account and data
  • Export - Request an export of your data in a portable format
  • Opt-out - Opt-out of certain data collection practices

To exercise any of these rights, please contact us at mlhiter955@gmail.com.

Data Retention and Deletion

We retain your personal data only as long as necessary to provide our services and fulfill the purposes outlined in this policy. You can request account deletion at any time by contacting us. Upon receiving a deletion request, we will:

  • Delete your account and associated personal data within 30 days
  • Retain certain data if required by law or for legitimate business purposes
  • Anonymize data used for analytics so it can no longer identify you

Children's Privacy

Our service is not intended for children under the age of 13. We do not knowingly collect personal information from children under 13. If you believe we have inadvertently collected such information, please contact us immediately, and we will take steps to delete it.

International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws. By using our service, you consent to such transfers. We ensure appropriate safeguards are in place to protect your data.

Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience. You can control cookie preferences through your browser settings. Note that disabling cookies may affect the functionality of our service.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify users of significant changes by:

  • Posting the updated policy on this page
  • Updating the "Last updated" date
  • Sending email notifications for material changes (if applicable)

Your continued use of the service after changes constitutes acceptance of the updated policy.

Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy: