paperAI

Privacy Policy

Effective date: 19 May 2026

This Privacy Policy explains how paperAI (“we”) collects, uses, and shares your personal information when you use our service. paperAI is operated by Vishu Gupta (Sole Proprietor), B-108, Sai Baba Apartment, Sector 9, Rohini, Delhi 110085, India.

1. Information we collect

  • Account information: email address (via Clerk authentication) and, if you provide it, phone number.
  • Profile information: role, seniority, domains, interests, goals, exclusions, mother tongue, LinkedIn URL, and GitHub URL — all collected during onboarding and editable from your profile.
  • Usage information: briefings generated, feedback ratings, send cadence, timezone, and basic delivery telemetry.
  • Payment information: billing details are collected and processed by our payment partner PayU. We store only subscription metadata (plan, status, renewal date), not card or bank details.

2. How we use your information

  • To generate personalized briefings tailored to your profile.
  • To deliver briefings via email at your chosen cadence.
  • To operate your subscription and process payments.
  • To provide support and respond to your queries.
  • To improve the Service, including prompt and model tuning.
  • To comply with applicable law.

3. Third-party service providers

We share the minimum information needed with the following sub-processors:

  • Clerk — authentication and account management.
  • Anthropic — large language model that generates your briefings. Profile and article context is sent at generation time.
  • OpenAI — embedding model used to match articles to your interests.
  • Resend — transactional email delivery.
  • PayU — payment processing for paid subscriptions.
  • Vercel and Render — hosting infrastructure.
  • Neon — managed PostgreSQL database.

Each provider operates under its own privacy policy and is bound by contractual data-protection obligations.

4. Data retention

We retain your account and briefing history for as long as your account is active. If you delete your account, we delete your personal information within 30 days, except where retention is required to comply with legal obligations (e.g. tax records).

5. Your rights

Subject to applicable law (including India’s Digital Personal Data Protection Act, 2023), you may:

  • Access the personal information we hold about you.
  • Correct inaccurate information (editable in your profile).
  • Request deletion of your account and associated data.
  • Unsubscribe from briefings via the link in every email.
  • Withdraw consent for processing where consent is the legal basis.

To exercise these rights, email vishu.gupta.dtu@gmail.com.

6. Security

We use industry-standard measures including TLS for all traffic, encrypted database storage, and access controls on internal systems. No system is perfectly secure; we will notify affected users without undue delay if a breach affects their data.

7. International data transfers

Our infrastructure and sub-processors may store and process data outside India (including the United States and the European Union). We rely on standard contractual clauses and the providers’ own safeguards for cross-border transfers.

8. Children

The Service is not directed to anyone under 18. We do not knowingly collect personal information from children.

9. Changes to this policy

We may update this policy from time to time. Material changes will be notified by email or via a prominent notice on the Service.

10. Contact

For privacy questions or requests, email vishu.gupta.dtu@gmail.com or call +91 8920673899.