Privacy Policy for BlinkPrompt.com

Effective Date: June 15th, 2025
Last Updated: June 15th, 2025
Version: 1.0 (Beta)

This Privacy Policy describes how BlinkPrompt.com (“we,” “us,” or “our”), operated by 100kSTADIUM, collects, uses, shares, and protects your personal information when you use our website and services during our beta testing period.

1. Information We Collect

1.1 Information You Provide to Us

When you create an account or use our services, we collect:

  • Account Information: Username, email address, password (encrypted)
  • Profile Information: Age, sex, location, and other optional profile details through BuddyPress
  • Payment Information: Processed securely through Stripe (we do not store credit card details)
  • User-Generated Content: All prompts, blocks, templates, and canvas content you create
  • Communication Data: Messages you send to us or other users (when features are implemented)

1.2 Information Automatically Collected

When you visit or use BlinkPrompt, we automatically collect:

  • Technical Data: IP address, browser type, device information, operating system
  • Usage Data: Navigation patterns, feature usage, clicks, session duration
  • Location Data: Geolocation based on IP address
  • WordPress Data: User role, login timestamps, activity logs
  • Cookie Data: Session cookies, preference cookies, and third-party cookies

1.3 Information from Third Parties

We may receive information from:

  • Social Media Platforms: When you connect via Discord, LinkedIn, or X.com
  • Analytics Services: Through our WordPress plugins and future custom analytics
  • Advertising Partners: Through pixel tracking (when implemented)

2. How We Use Your Information

We use your personal information to:

  • Provide Services: Enable prompt creation, template management, and block functionality
  • Manage Accounts: Authentication, role-based permissions, and access control
  • Improve Services: Analyze usage patterns, develop new features, optimize performance
  • Process Payments: Handle subscriptions through our SaaS model (via Stripe)
  • Communicate: Send service updates, respond to inquiries, and (with consent) marketing communications
  • Security: Detect fraud, prevent abuse, and maintain platform integrity through Wordfence
  • Legal Compliance: Meet legal obligations and enforce our terms

2.1 Automated Processes

Our platform uses several automated processes:

  • Auto-save: Drafts are automatically saved during editing
  • Draft Cleanup: Drafts older than 30 days are automatically deleted
  • Duplicate Handling: Duplicated content is automatically renamed with incremental numbering
  • Template Copying: When non-owners modify public templates, a private copy is automatically created
  • URL Parameter Processing: Templates can be loaded via URL parameters

We do not use automated decision-making that produces legal or similarly significant effects on users.

2.2 Beta Feedback and Research

During our beta period, we may:

  • Request feedback on features and user experience
  • Analyze usage patterns to improve product development
  • Contact beta users for research interviews (with consent)
  • Use anonymized usage data for case studies and marketing

3. Role-Based Data Access

Your WordPress user role determines your access to features and data limits:

  • Subscribers: Limited blocks, templates, and prompt history
  • Contributors: Increased limits (blocks, templates, history)
  • Premium: Unlimited everything

4. How We Share Your Information

We share your information in these circumstances:

4.1 Public Sharing

  • Templates you mark as “public” are visible to all users
  • Public profile information through BuddyPress
  • Future prompt sharing features between users

4.2 Content Ownership & Licensing

  • Your Content: You retain ownership of all prompts, blocks, and templates you create
  • System Content: Default blocks and templates are licensed for use within BlinkPrompt
  • Public Templates: When you make templates public, you grant other users a license to copy and modify
  • Automatic Copying: Modifying others’ public templates creates your own private copy

4.3 Service Providers

  • Stripe: Payment processing
  • Hostinger: Web hosting and server infrastructure
  • WordPress.org: Core platform updates and functionality
  • LiteSpeed: Caching and performance optimization
  • Wordfence: Security monitoring and protection

4.4 Third-Party Services

  • Google Fonts: Typography rendering
  • YouTube: Embedded video content
  • Social Media Platforms: When you choose to connect or share
  • Future LLM APIs: When AI features are implemented

4.5 Legal Requirements

We may disclose information when required by law, court order, or to protect rights and safety.

5. Data Storage and Security

5.1 Storage Location

  • Primary servers: Hostinger North America
  • Database: WordPress MySQL with custom tables (blink_prompts, blink_blocks)
  • Backups: Automated with 10-backup rotation

5.2 Security Measures

  • SSL encryption for data transmission
  • Wordfence security monitoring
  • WordPress authentication system
  • AJAX nonce protection against CSRF attacks
  • Input sanitization and validation
  • Transaction support for database integrity
  • Regular security updates and patches
  • Limited staff access on need-to-know basis

5.3 Data Breach Notification

In the event of a data breach that poses risk to your rights and freedoms:

  • We will notify affected users within 72 hours of discovery
  • Notification will include: nature of breach, data affected, measures taken, and recommendations
  • We will notify relevant supervisory authorities as required by law
  • We maintain incident response procedures and logs

5.4 Staff Access & Training

  • Access to user data is restricted to authorized personnel only
  • Staff receive privacy and security training
  • All access is logged and monitored
  • We use role-based access controls

5.5 Data Retention

  • Active Accounts: Data retained while account is active
  • Deleted Accounts: Retained for 365 days after deletion request
  • Inactive Beta Accounts: May be archived after 90 days of inactivity
  • Drafts: Auto-deleted after 30 days
  • Backups: Retained indefinitely (subject to change)
  • Server Logs: Retained indefinitely (subject to change)
  • Beta Feedback: Retained for product development purposes

6. Cookies and Tracking Technologies

6.1 Essential Cookies

  • WordPress Session: Maintains your login state (expires on browser close)
  • WordPress Authentication: Keeps you logged in (expires after 48 hours or 14 days with “Remember Me”)
  • User Preferences: Stores theme selection and UI preferences (expires after 1 year)

6.2 Plugin Cookies

  • Complianz GDPR: Tracks consent choices (expires after 365 days)
  • LiteSpeed Cache: Optimizes page loading (expires after 2 hours)
  • BuddyPress: Manages social features (various expiration times)

6.3 Third-Party Cookies

  • Google Fonts: Performance optimization (session only)
  • YouTube: Video player preferences (expires after 8 months)
  • Social Media: When using social login or sharing (varies by platform)

6.4 Managing Cookies

You can control cookies through your browser settings. Disabling essential cookies may prevent:

  • Staying logged in
  • Saving your work
  • Accessing member-only features

6.5 Do Not Track

We currently do not respond to Do Not Track (DNT) browser signals. We will update this policy if our practices change.

7. Your Privacy Rights

You have the right to:

  • Access: Request a copy of your personal data
  • Correction: Update inaccurate information
  • Deletion: Request account and data removal (subject to retention policy)
  • Portability: Export your prompts and templates
  • Restriction: Limit how we process your data
  • Objection: Opt-out of certain data uses
  • Withdraw Consent: Change permissions at any time

7.1 Exercising Your Rights

Via WordPress Tools:

  • Go to your WordPress dashboard
  • Navigate to Tools > Export Personal Data (to download your data)
  • Navigate to Tools > Erase Personal Data (to request deletion)

Via Email:

  • Contact us at info@blinkprompt.com
  • Include your username and registered email
  • We may require identity verification for security

7.2 Identity Verification

To protect your privacy, we may request:

  • Confirmation of your registered email address
  • Recent activity details from your account
  • Other reasonable verification methods

We will respond to verified requests within 30 days.

7.3 Data Minimization

We are committed to collecting only the minimum data necessary to provide our services. We regularly review our data collection practices to ensure compliance with this principle.

8. Children’s Privacy

BlinkPrompt is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you believe we have collected such information, please contact us immediately.

9. International Data Transfers

If you access BlinkPrompt from outside North America, your information may be transferred to and processed in Canada. By using our service, you consent to this transfer.

9.1 Export Restrictions

This service is operated from Canada and intended for global use, except where prohibited by local law. Users are responsible for compliance with their local regulations. You may not use this website in violation of export laws and regulations of Canada.

10. Specific Jurisdictional Rights

10.1 Canadian Users (PIPEDA)

You have additional rights under the Personal Information Protection and Electronic Documents Act, including enhanced access and correction rights.

10.2 European Users (GDPR)

EU residents have additional rights including data portability, right to erasure, and the right to lodge complaints with supervisory authorities.

10.3 California Users (CCPA/CPRA)

California residents have rights to know, delete, opt-out of sale, and non-discrimination.

11. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of material changes via:

  • Email notification to your registered address
  • Prominent notice on our website for 30 days
  • In-app notifications when you next log in

11.1 Version Control

  • Current Version: 1.0 (Beta)
  • We maintain a record of all policy versions
  • Previous versions available upon request
  • Material changes will increment the version number
  • Beta to production transition will be version 2.0

11.2 Review Schedule

We review this policy at least annually and when:

  • We launch new features or services
  • Privacy laws change
  • We modify our data practices

Continued use after changes constitutes acceptance of the updated policy.

12. Additional Information

12.1 Data Processing Details

  • Browser Information: We collect browser type and version for compatibility
  • Error Logs: Technical errors are logged for debugging (retained 30 days)
  • Performance Metrics: Page load times and feature usage for optimization
  • Referral Sources: How you found BlinkPrompt

12.2 No Sale of Personal Data

We do not sell, rent, or trade your personal information to third parties.

12.3 Privacy by Design

BlinkPrompt implements privacy by design principles:

  • Data protection is built into our systems
  • We use privacy-enhancing technologies
  • We limit data collection to what’s necessary
  • We provide transparency and user control

13. Contact Us

For privacy-related questions or concerns:

Email: info@blinkprompt.com
Website: BlinkPrompt.com
Data Controller: BlinkPrompt.com (operated by 100kSTADIUM)
Location: Montréal, Quebec, Canada

We aim to respond to all privacy inquiries within 30 days. For complex requests, we may need up to 90 days and will inform you of any extension.

This Privacy Policy is governed by the laws of Quebec, Canada. For any disputes that cannot be resolved directly, Quebec courts have jurisdiction.

14. Download

You can download this Privacy Policy as a PDF [link to be added].