Privacy Policy

Last Updated: September 20, 2025

PigmaLab ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our web application and related services (collectively, the "Service").

1. Information We Collect

We collect information that you provide directly to us, information we collect automatically, and information from third parties.

1.1. Information You Provide to Us:

• Account Information: When you register for an account, we collect your full name, email address, password, and institution.
• User Content: We collect and store all the data you create within the application, including project details, tasks, requirements, resources, documents you upload, and discussion messages.
• AI Provider Information: If you use our AI features, we store your API key for the selected third-party provider (e.g., OpenAI, Google) in our database. We treat this information as highly sensitive.
• Communications: If you contact us directly, we may receive additional information about you such as your name, email address, the contents of the message, and any other information you may choose to provide.

1.2. Information We Collect Automatically:

• Log and Usage Data: We may log information when you access and use the Service. This may include your IP address, browser type, operating system, and pages visited. This data is used for security and analytics purposes.
• Cookies: We use cookies (small text files stored on your device) to operate and provide the Service, primarily for managing your login session.

2. How We Use Your Information

We use the information we collect for various purposes, including to:

• Provide, operate, and maintain our Service;
• Process your transactions and manage your account;
• Improve, personalize, and expand our Service;
• Communicate with you, including for customer service and to send you updates and administrative messages;
• Send verification emails, password reset instructions, and notifications related to your activities within the Service (which you can manage in your settings);
• Monitor and analyze usage and trends to improve your experience;
• Find and prevent fraud and abuse.

3. How We Share Your Information

We do not sell your personal information. We may share your information in the following limited circumstances:

• With Third-Party AI Providers: This is a crucial aspect of our Service. When you use an AI-powered feature (like the AI Chat or Project Builder), the relevant User Content (e.g., your prompt, task context, conversation history) is sent to the third-party AI service whose API key you have provided. This sharing is essential for the feature to function. Your interaction with these services is governed by their respective privacy policies. We are not responsible for the data practices of these third-party providers.
• With Service Providers: We may share information with third-party vendors and service providers that perform services on our behalf, such as web hosting.
• For Legal Reasons: We may disclose your information if we believe it's required by law, subpoena, or other legal process, or if we have a good faith belief that disclosure is reasonably necessary to protect our rights, property, or the safety of our users or the public.

4. Data Security

We take the security of your data very seriously and implement reasonable security measures to protect it from unauthorized access, alteration, disclosure, or destruction. However, no internet-based service is 100% secure, and we cannot guarantee the absolute security of your information.

Your AI provider API keys are stored in our database. We recommend using keys with strict usage limits and monitoring their usage on your provider's dashboard.

5. Data Retention

We retain your User Content as long as your account is active. If you delete your account, we will take steps to delete your personal information and User Content from our active systems within a reasonable period. Please note that some information may remain in our backup archives for a period of time for legal or operational reasons.

6. Your Data Rights and Choices

You have certain rights regarding your personal information. You can access and update your account information through your profile settings. You can also manage your notification preferences. You have the right to delete your account at any time, which will remove your associated data as described in the Data Retention section.

7. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last Updated" date. We encourage you to review this Privacy Policy periodically for any changes.

8. Contact Us

If you have any questions about this Privacy Policy, please contact us at contact@pigmalab.com.