Privacy Policy

We use the information we collect to:

• Provide, operate, and maintain the Changelog AI service
• Authenticate your identity and manage your account and workspace
• Process payments and manage your subscription or Founders Edition deal
• Generate AI-powered changelog entries from your input using the Anthropic Claude API
• Send transactional emails such as subscription confirmations, magic link sign-ins, and changelog notifications to your subscribers
• Improve the service based on usage patterns and feedback
• Detect, prevent, and address security issues and abuse
• Comply with legal obligations and enforce our terms of service

We share data with the following third-party services, each of which is necessary for our product to function. We do not sell your personal information to third parties.

We retain your account data and content for as long as your account is active. If you delete your account, we will remove your personal information and content from our active databases within 30 days. Some data may persist in encrypted backups for up to 90 days before being permanently deleted.

Payment records may be retained longer as required by tax and financial regulations. Anonymized usage data that cannot be linked back to you may be retained indefinitely for analytics purposes.

Depending on your location, you may have the following rights regarding your personal data:

• Access — Request a copy of the personal data we hold about you
• Rectification — Request correction of inaccurate or incomplete data
• Erasure — Request deletion of your personal data ("right to be forgotten")
• Data Portability — Request your data in a structured, machine-readable format
• Restriction — Request that we limit how we process your data
• Objection — Object to the processing of your data for certain purposes

To exercise any of these rights, please contact us at the email address listed at the bottom of this page. We will respond to your request within 30 days.

If you are a California resident, the California Consumer Privacy Act (CCPA) grants you additional rights regarding your personal information:

• Right to Know — You may request that we disclose the categories and specific pieces of personal information we have collected about you, the sources of that information, the business purpose for collecting it, and the categories of third parties with whom we share it.
• Right to Delete — You may request that we delete the personal information we have collected from you, subject to certain exceptions.
• Right to Non-Discrimination — We will not discriminate against you for exercising your CCPA rights.

We do not sell personal information as defined by the CCPA. To submit a CCPA request, contact us using the information in the Contact section below.

Changelog AI uses the following types of cookies:

• Essential Cookies — Required for authentication and maintaining your session. These cannot be disabled without losing access to the service.
• Preference Cookies — Store your settings such as theme preference (light/dark mode).

We do not use third-party advertising trackers or sell data to ad networks. You can manage cookie preferences through your browser settings.

Changelog AI is not directed at children under the age of 13. We do not knowingly collect personal information from children under 13. If we become aware that we have collected personal information from a child under 13, we will take steps to delete that information promptly. If you believe a child under 13 has provided us with personal data, please contact us immediately.

We implement industry-standard security measures to protect your data, including:

• Encryption in transit (TLS/HTTPS) for all data exchanged between your browser and our servers
• Encryption at rest for database storage
• Secure authentication using JWT-based sessions and OAuth 2.0
• Payment data handled exclusively by Stripe, a PCI DSS Level 1 certified payment processor
• Regular security reviews and dependency updates

While we strive to protect your personal information, no method of transmission or storage is 100% secure. We cannot guarantee absolute security but are committed to promptly addressing any security incidents.

Your data may be processed and stored in countries outside your own, including the United States, where our servers and third-party service providers are located. By using Changelog AI, you consent to the transfer of your information to these countries. We ensure that appropriate safeguards are in place to protect your data in accordance with this Privacy Policy and applicable data protection laws.

We may update this Privacy Policy from time to time to reflect changes in our practices, services, or applicable laws. When we make material changes, we will update the "Last updated" date at the top of this page and, where appropriate, notify you by email or through a notice in the application.

We encourage you to review this page periodically to stay informed about how we handle your data.

If you have any questions about this Privacy Policy, want to exercise your data rights, or have concerns about how your information is handled, please contact us at:

Email: support@changelogai.co