Privacy Policy

Last updated: January 25, 2025

This Privacy Policy describes how SimAudience ("we", "us", or "our") collects, uses, and protects your information when you use our Service. By using the Service, you consent to the practices described in this policy.

1. Information We Collect

1.1 Information You Provide Directly

Email address: Required to deliver your results link and password. We use this solely for Service delivery and do not share it with third parties for marketing purposes.
Message content: The text variants you submit for testing. This content is processed to generate results and is not stored permanently.
Payment information: Processed securely through Stripe. We do NOT store, access, or have visibility into your payment card details. See Stripe's Privacy Policy for how they handle payment data.

1.2 Information Collected Automatically

Server logs: Basic technical information including IP address, browser type, operating system, referring URL, and access times. This is standard web server logging used for security, debugging, and abuse prevention.
We do NOT use tracking cookies for advertising or analytics purposes. We may use essential session cookies for Service functionality.
We do NOT use third-party analytics services that track individual users across sites.

2. How We Use Your Information

We use collected information solely for the following purposes:

Service delivery: To process your test requests and generate results
Communication: To send you your results link, password, and completion notifications
Payment processing: To complete transactions via Stripe
Support: To respond to your inquiries and support requests
Security: To detect, prevent, and address fraud, abuse, security issues, and technical problems
Legal compliance: To comply with applicable laws and legal processes

SimAudience does NOT:

Sell your personal information to third parties
Use your email for marketing without consent
Use your submitted content to train our own AI models
Share your data with advertisers
Create user profiles for behavioral targeting

Note: While SimAudience does not engage in the above practices, your submitted content is transmitted to third-party AI providers who may have different data practices. See Section 5 for details.

3. Data Retention and Deletion

Email addresses: Retained while you have active results or pending tests. Deleted upon request or after 90 days of inactivity.
Message content (variants): Deleted immediately after results are generated. We do NOT retain your submitted text content.
Results: Automatically and permanently deleted 30 days after test completion. This is non-recoverable.
Payment records: Retained as required by law for tax and accounting purposes (typically 7 years for financial records).
Server logs: Automatically deleted after 30 days.

4. Data Security

We implement reasonable technical and organizational measures to protect your data:

All data transmitted between your browser and our servers is encrypted using TLS/HTTPS
Results passwords are stored using industry-standard one-way hashing (bcrypt)
Database access is restricted and monitored
We use reputable cloud infrastructure providers with SOC 2 compliance

Important: While we implement reasonable security measures, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security of your data. You acknowledge this risk when using the Service.

5. Third-Party Services

We use the following third-party services, each with their own privacy policies:

Stripe: Payment processing. Your payment information is handled directly by Stripe and subject to Stripe's Privacy Policy. We receive only transaction confirmation, not card details.
OpenRouter: AI model routing service. Your submitted message content is transmitted to OpenRouter, which routes requests to various large language model (LLM) providers. See OpenRouter's Privacy Policy and Terms of Service.
Underlying LLM Providers: OpenRouter routes requests to various AI model providers (such as Anthropic, OpenAI, Google, and others). Each provider has their own data handling practices.
Cloud hosting provider: For infrastructure and data storage. Data is hosted in the United States.

5.1 Important Notice About Third-Party AI Data Handling

Please read carefully:

SimAudience does NOT: Sell your data, use your submitted content for AI training, or share your data with advertisers.
However, we cannot control or guarantee how third-party AI providers (OpenRouter and underlying LLM providers) handle your submitted content after transmission.
OpenRouter states they have "opted out of model training where possible" but individual LLM providers may have different policies regarding data retention, logging, and model training.
Third-party providers may: Log, retain, or use transmitted content according to their own terms of service, which may include using data for model improvement or training.
We encourage you to review OpenRouter's privacy policy and terms of service, as well as the policies of any underlying LLM providers, if third-party data handling is a concern for you.

By using SimAudience, you acknowledge and accept these third-party data handling practices.

6. Data Sharing and Disclosure

We do NOT sell, rent, or trade your personal information to third parties.

We may share information only in the following limited circumstances:

Service providers: With trusted third parties who assist in operating the Service (payment processing, hosting), under strict confidentiality agreements
Legal requirements: If required by law, court order, or governmental request, or to protect our rights, property, or safety
Business transfers: In connection with a merger, acquisition, bankruptcy, or sale of assets, with notice to affected users
With your consent: For any other purpose with your explicit prior consent

7. Your Rights and Choices

Depending on your jurisdiction, you may have the following rights:

Access: Request a copy of personal information we hold about you
Correction: Request correction of inaccurate information
Deletion: Request deletion of your personal information (subject to legal retention requirements)
Restriction: Request restriction of processing in certain circumstances
Portability: Request your data in a portable format
Objection: Object to processing based on legitimate interests
Withdraw consent: Withdraw consent where processing is based on consent

To exercise these rights, contact us at support@simaudience.com. We will respond within 30 days. We may request verification of your identity before processing requests.

8. California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

Right to know what personal information is collected, used, shared, or sold
Right to delete personal information held by businesses
Right to opt-out of sale of personal information (we do NOT sell personal information)
Right to non-discrimination for exercising your CCPA rights

9. International Data Transfers

The Service is operated in the United States. If you access the Service from outside the US, your information will be transferred to, stored, and processed in the US, which may have different data protection laws than your country.

By using the Service, you consent to the transfer of your information to the United States. We take measures to ensure your data receives adequate protection as required by applicable law.

10. Children's Privacy

The Service is NOT intended for users under 18 years of age. We do not knowingly collect personal information from children under 18. If we learn that we have collected personal information from a child under 18, we will delete that information promptly. If you believe we have collected information from a child, please contact us.

11. Do Not Track Signals

We do not currently respond to "Do Not Track" browser signals because we do not engage in tracking across third-party websites. We do not use tracking cookies for advertising purposes.

12. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be posted on this page with an updated effective date. Your continued use of the Service after changes constitutes acceptance of the updated policy.

We encourage you to review this Privacy Policy periodically.

13. Contact Us

Questions, concerns, or requests regarding this Privacy Policy or your personal data?