This Privacy Policy explains how Citipen (operated by TAK Trading Co., Ltd.) collects, uses, shares, and protects your personal data. We comply with applicable privacy laws including the EU GDPR and the California CCPA where applicable to you.

1. What we collect

Account data

Identity from Clerk: email, name, avatar, Clerk user ID.
Billing reference codes, transaction history, granted credits.
Preferences: theme, language, display currency, storage provider.

Usage data

Tool invocations: which tool, timestamp, input length (not content), credits charged, success/failure.
IP address (truncated for geolocation), country, user agent.
Cookies strictly necessary for sign-in and locale persistence.

User content

Input you provide to AI tools (prompts, uploaded images/audio/video, URLs).
Output generated by the AI.
OAuth refresh tokens for storage providers, encrypted at rest.

2. How we use it

To provide and operate the Service.
To process payments and apply credits.
To detect fraud, abuse, and AUP violations.
To improve AI prompt routing and pricing (aggregated, non-identifying).
To send transactional emails (no marketing without consent).

3. Legal bases (GDPR)

Contract: account management, processing tools, payment.
Legitimate interest: fraud prevention, security logging, product analytics.
Consent: optional marketing emails (we currently send none).
Legal obligation: tax records, lawful disclosure requests.

4. Sharing with third parties

We share the minimum data necessary with the following processors:

Clerk — authentication.
Neon (Postgres) — database hosting in AWS us-east-1.
Vercel — application hosting, request logs.
fal.ai, DeepSeek, Anthropic, Groq, Replicate, Apify — AI inference. Prompts and uploads are sent to these providers as required to fulfil your request.
Google / Dropbox — only if you connect them as your storage destination.
SePay — bank-VN payment reconciliation webhook.
TronScan — public USDT TRC-20 transaction polling (read-only).

We do not sell or rent your personal data to advertisers.

5. Data retention

Account & billing records: kept for the life of the account plus 5 years for tax compliance.
Usage logs: 12 months.
Generated assets: stored only for download convenience (default 30 days) unless you saved them to your own storage.
OAuth tokens: deleted immediately on disconnect.

6. Your rights

Depending on your jurisdiction, you may have the right to:

Access a copy of your data.
Correct or update inaccurate data.
Delete your account and data (subject to legal retention requirements).
Object to processing or request restriction.
Receive your data in a portable format.
Lodge a complaint with your local data-protection authority.

Send requests to [email protected]. We respond within 30 days.

7. International transfers

Our infrastructure is in the United States (Vercel, Neon AWS us-east-1) and AI provider data centers globally. By using the Service, you consent to transfer of your data to these jurisdictions, which we protect with standard contractual clauses or equivalent safeguards.

8. Security

We use HTTPS in transit, encryption at rest where supported by the database, hashed authentication via Clerk, and strict access controls. No system is perfectly secure; report any suspected breach to [email protected].

9. Children

Citipen is not directed to children under 13. If you believe a child has provided us personal data, please contact us and we will delete it.

10. Changes

We will notify users of material changes via email and/or in-app notice at least 7 days before they take effect.

11. Contact

Data Controller: TAK Trading Co., Ltd., Đồng Nai, Vietnam.
Privacy: [email protected]