Privacy Policy

Last updated: March 22, 2026

1. Information We Collect

We collect information you provide directly: your name, email address, and product requirements documents (PRDs) you create using DefineOS. We also collect usage data such as feature interactions, session length, and error logs to improve the product.

2. How We Use Your Information

We use your information to:

  • Provide and operate the DefineOS service
  • Generate, store, and retrieve your PRD documents
  • Send transactional emails (verification, password reset, review requests)
  • Improve our AI interrogation quality using anonymized, aggregated patterns
  • Respond to your support requests

We do not use your PRD content to train AI models. Your documents are used only to serve your requests within the application.

3. Data Storage and Security

Your data is stored in encrypted databases. We use industry-standard security practices including TLS in transit, AES-256 at rest, and access controls limiting who can access production data. Each workspace is logically isolated from other workspaces.

4. Third-Party Services

DefineOS uses the following third-party services:

  • Alibaba Cloud DashScope (Qwen) — AI text generation. Your content is sent to their API to generate responses. See their privacy policy for details.
  • Resend — Transactional email delivery.
  • Stripe — Payment processing. We do not store your card details.
  • Supabase — File storage for avatar uploads.
  • Pinecone — Vector database for cross-PRD learning (anonymized data only).

5. Data Retention

We retain your account data for as long as your account is active. If you delete your account, your PRDs and personal data are deleted within 30 days. Anonymized aggregate data used for product improvement is retained indefinitely.

6. Your Rights

You have the right to:

  • Access a copy of the data we hold about you
  • Correct inaccurate data
  • Request deletion of your account and associated data
  • Export your PRD documents in Markdown format

To exercise these rights, contact us at support@defineos.com.

7. Cookies

We use an HttpOnly session cookie to maintain your login state. We do not use third-party advertising or tracking cookies.

8. Changes to This Policy

We may update this policy from time to time. We will notify you of material changes by email or by a notice in the application. Continued use of DefineOS after changes constitutes acceptance of the updated policy.

9. Contact

Questions about this policy? Email us at support@defineos.com.