Privacy Notice

Last updated: May 22, 2026

Dianock AI (“we”, “us”, “our”) operates the Dianock AI service. This notice explains what personal data we collect, why, and your rights. We act as the data controller for the personal data we process about you.

1. Data we collect

• Account data: email, password hash (or OAuth provider ID), display name.
• Usage data: prompts, generated content you ask us to store, tool usage, feature events.
• Technical data: IP address, browser type, device identifiers, timestamps, error logs.
• Support data: messages you send us through support channels.
• Subscription metadata: plan, status, and renewal dates (payment details are handled by Stripe, not stored by us).

2. Why we use it

• Provide the Service (contract performance): create your account, run AI tools, store your outputs.
• Security & fraud prevention (legitimate interests / legal obligation): detect abuse, secure accounts.
• Product improvement (legitimate interests): aggregate analytics, error monitoring.
• Customer support (contract performance): respond to questions and issues.
• Compliance (legal obligation): meet tax, accounting, and legal requirements.

3. Who we share it with

• Subprocessors: cloud hosting, database, email delivery, error monitoring, and analytics providers acting on our instructions.
• Payment processor: Stripe processes payments, subscriptions, and invoicing on our behalf. Card data is sent directly to Stripe and never touches our servers.
• Professional advisers: lawyers, accountants, and auditors where necessary.
• Authorities: where required by applicable law.

We do not sell your personal data.

4. International transfers

Some of our subprocessors may process data outside your country, including in the EEA/UK and the US. Where required, we rely on appropriate safeguards such as Standard Contractual Clauses or adequacy decisions.

5. Retention

We keep account data while your account is active and for a limited period afterward to handle legal, accounting, and dispute-resolution needs. We then delete or anonymise it. Backups expire on their own schedule.

6. Your rights

Depending on where you live, you may have rights to access, correct, delete, restrict, port, or object to processing of your personal data, and to withdraw consent at any time. To exercise these rights, contact us through the support channel in your account. UK/EEA users may also lodge a complaint with their local supervisory authority. We aim to respond within one month.

7. Security

We use appropriate technical and organisational measures, including encryption in transit, access controls, and least-privilege administration, to protect your data. No system is perfectly secure, but we work to reduce risk.

8. Cookies

We use essential cookies to keep you signed in and the Service functional. We may use analytics cookies to understand how the Service is used; you can disable non-essential cookies in your browser settings.

9. Children

The Service is not directed at children under 16. If you believe a child has provided us personal data, contact us and we will delete it.

10. Changes

We may update this notice from time to time and will post the new effective date above.