Privacy Policy

Effective 2026-06-02 · 1ShotGen ("we", "us"), operated by [legal entity — fill in].

This is a good-faith starting template tailored to how 1ShotGen works. Have a qualified attorney review it for your jurisdiction (GDPR, CCPA, etc.) before relying on it.

1. What we collect

Account data: your email address and a securely hashed password (we never store your password in readable form).
Content you submit: the ideas/prompts you enter and the generated prompts we return, stored as your history.
Usage data: generation counts, timestamps, model used, and approximate cost, to enforce plan limits and operate the service.
Technical data: IP address (used transiently for rate-limiting and abuse prevention) and a session cookie that keeps you logged in.
Billing data: if you subscribe, your payment is processed by Stripe; we store only your plan status and Stripe identifiers — we never see or store your card number.

2. How we use it

To provide and operate the service (authenticate you, generate prompts, save your history), enforce free/paid plan limits, process subscriptions, send transactional email (verification, password reset, account notices), prevent abuse, and improve reliability.

3. Service providers we share with

Anthropic — the ideas you submit are sent to Anthropic's Claude to generate your prompt. Do not submit secrets or personal data you don't want processed by an AI provider.
Stripe — subscription billing and payment processing.
Resend — delivery of transactional email.
Cloudflare / DigitalOcean — DNS/CDN and hosting infrastructure.

We do not sell your personal data.

4. Retention

We keep your account and history until you delete your account or request deletion. Transient logs and IP-based rate-limit data are short-lived. Backups are retained for a limited rolling window.

5. Your choices & rights

You can request access to, correction of, or deletion of your data, and deletion of your account, by emailing support@1shotgen.com. Depending on where you live, you may have additional rights under laws such as the GDPR or CCPA.

6. Security

Passwords are hashed with a per-user salt, sessions use signed HTTP-only cookies, traffic is served over HTTPS, and payment/webhook data is verified. No system is perfectly secure, but we take reasonable measures to protect your data.

7. Children

1ShotGen is not directed to children under 13 (or the minimum age in your jurisdiction), and we do not knowingly collect their data.

8. Changes

We may update this policy; material changes will be reflected by the effective date above and, where appropriate, by notice.

9. Contact

support@1shotgen.com