Privacy Policy
Effective date: April 6, 2026
Last updated: April 9, 2026
Superidea LLC ("Superidea", "we", "us", or "our") operates the Superidea platform accessible at app.superidea.ai and the Superidea desktop application (collectively, the "Service"). This Privacy Policy explains how we collect, use, store, and protect your information when you use our Service.
By using the Service, you agree to the collection and use of information as described in this policy.
1. Information We Collect
1.1 Account Information
When you create an account, we collect:
Email address
Name (if provided)
Password (stored as a bcrypt hash — we never store plaintext passwords)
Sign-in method (email/password or Apple Sign In)
1.2 Onboarding Information
During onboarding we collect optional profile data to personalize your experience:
Your role (e.g. content creator, marketer)
Primary goals and platforms you use
Social media handles (e.g. @username on Twitter/Instagram)
Team size and referral source
This data is stored in your user profile and used solely to improve AI response quality within the Service.
1.3 Content You Add to Boards
When you add content to a board, we process and store:
URLs you submit (social posts, videos, webpages)
Extracted text, metadata, and transcripts from those URLs
Documents and files you upload (PDFs, audio, video)
Text notes and rich-text content you write directly
This content is stored in your account and used to provide AI chat and analysis features.
1.4 AI Usage Data
When you send messages in AI chat, we send your message and any selected board content to third-party AI providers (listed in Section 4) to generate a response. We do not train AI models on your content.
1.5 Payment Information
Credit purchases are processed by Stripe. We do not store your full card number or banking details. We store:
Transaction ID and payment provider reference
Package purchased, amount paid, and credits credited
Invoice details (name, email, address) for GST/tax compliance
1.6 Usage and Analytics Data
We collect product usage events (e.g. boards created, content added, models used) via PostHog to understand how the Service is used and improve it. This includes:
Feature interactions and click events
Session recordings (if enabled)
Browser type, operating system, and approximate location (country/city level)
We do not sell analytics data to third parties.
1.7 Technical Data
We automatically collect:
IP address
Device and browser information
Timestamps of actions
Error logs
2. How We Use Your Information
Purpose | Legal Basis (GDPR) |
|---|---|
Provide and operate the Service | Performance of contract |
Authenticate your account | Performance of contract |
Process payments and issue invoices | Performance of contract / Legal obligation |
Personalise AI responses using your persona and board content | Performance of contract |
Improve the Service via analytics | Legitimate interests |
Communicate service updates and security notices | Legitimate interests / Legal obligation |
Comply with laws and prevent abuse | Legal obligation / Legitimate interests |
We do not use your content to train AI models. We do not sell your personal data.
3. Data Storage and Security
Your data is stored on cloud infrastructure hosted in the United States and European Union.
We implement industry-standard security measures including:
Encryption at rest and in transit (TLS 1.2+)
Row-level security (RLS) policies enforced at the database level
Authentication tokens with short expiry and refresh rotation
No method of transmission over the internet is 100% secure. We cannot guarantee absolute security.
4. Third-Party Service Providers
We share data with the following categories of providers solely to operate the Service:
Category | Purpose | Data Shared |
|---|---|---|
Cloud infrastructure & database | Hosting, storage, and authentication | Account and content data |
AI model providers | Generating responses to your chat messages | Chat messages and selected board content |
Payment processors | Processing credit purchases | Payment and billing details |
Content extraction services | Fetching and transcribing content from URLs you submit | URLs and resulting media |
Product analytics | Understanding how the Service is used | Usage events and session data |
All providers are contractually required to handle data in accordance with applicable law and may not use your data for their own purposes.
5. Cookies and Local Storage
We use:
Session cookies set by Supabase Auth for authentication
IndexedDB (browser local storage) to cache chat messages locally for faster loading
PostHog cookies for analytics session tracking
We do not use advertising cookies or sell cookie data.
6. Data Retention
Data Type | Retention |
|---|---|
Account data | Until account deletion + 30 days |
Board content (nodes, chats) | Until deleted by user or account deletion |
Payment records and invoices | 7 years (legal/tax obligation) |
Analytics events | 12 months |
Server logs | 30 days |
You can request deletion of your account and all associated data at any time (see Section 8).
7. International Data Transfers
Superidea LLC is incorporated in Delaware, USA. If you access the Service from the European Economic Area (EEA) or United Kingdom, your data may be transferred to and processed in the United States. Where required, we rely on Standard Contractual Clauses (SCCs) or equivalent transfer mechanisms.
8. Your Rights
Depending on your location, you may have the following rights:
Access — request a copy of personal data we hold about you
Correction — request correction of inaccurate data
Deletion — request deletion of your account and personal data
Portability — receive your data in a machine-readable format
Restriction — request we restrict processing of your data
Objection — object to processing based on legitimate interests
Withdraw consent — where processing is based on consent
To exercise any right, email legal@superidea.ai. We will respond within 30 days.
If you are in the EEA and believe your rights have not been respected, you may lodge a complaint with your local data protection authority.
9. Children's Privacy
The Service is not directed at children under 13 (or under 16 in the EEA). We do not knowingly collect personal data from children. If you believe a child has provided us data, contact us and we will delete it promptly.
10. Changes to This Policy
We may update this policy from time to time. We will notify you of material changes by email or via an in-app notice. The "Last updated" date at the top reflects the most recent revision. Continued use of the Service after changes constitutes acceptance.
11. Contact
Superidea LLC
Delaware, USA
Email: legal@superidea.ai
Support: support@superidea.ai
Terms of Service: superidea.ai/terms
Website: superidea.ai