Privacy Policy

Effective Date: March 2026

1. Identity of the Data Controller

The data controller is Alberto Quintillán Amorós, with registered address at 28030 Madrid, España, NIF 48623733P. For data protection inquiries, contact: [email protected].

2. Data We Collect

Account Data

  • Email address (for authentication)
  • Account creation date
  • Language preference (English or Spanish)

Usage Data

  • Prompts you submit for script generation (including prompts from failed generations, retained for service improvement)
  • Generated script outputs (JSON)
  • Feedback you provide (rating, category, corrected scripts, notes)
  • Credit transaction history (purchases, generations, rewards)

Technical Data

  • Token usage per generation (input and output tokens)
  • Generation performance metrics (duration, retry attempts, AI model used)
  • Validation error messages for failed generations

Behavioral Data

  • Timestamp of your last script generation
  • Whether you have made a purchase (boolean flag)

Project Data (optional, user-initiated)

  • If you import a FileMaker DDR, we store: table names, field names and types, relationships, layout names, script names, value list names and values, and custom function names and parameters.
  • The raw DDR XML file is processed locally on your device and never uploaded. Only the extracted metadata is stored.

Payment Data

  • Payments are processed by Stripe. We do not store credit card numbers, billing addresses, or other payment details.
  • We store only a Stripe event reference (for idempotency) and credit transaction records.

Authentication Data (managed by Supabase)

  • Our authentication provider Supabase automatically collects: IP addresses, sign-in timestamps, and audit log entries.
  • This data is managed by Supabase under their data processing agreement and is not directly accessible in our application.

3. Legal Basis for Processing

We process your personal data under the following legal bases (GDPR Art. 6):

Contract Execution (Art. 6(1)(b))

Account management, script generation, credit system, and generation history — these are necessary to provide the service you signed up for.

Consent (Art. 6(1)(a))

Sending your prompts and schema metadata to third-party AI services (Anthropic, OpenAI) for processing. You consent to this at signup when you agree to these terms.

Legitimate Interest (Art. 6(1)(f))

Service improvement using aggregated usage data, fraud prevention (credit manipulation detection), security monitoring, and technical performance optimization.

4. How We Use Your Data

  • Authentication: verify your identity and manage your session.
  • Script Generation: send your prompts (and schema if applicable) to AI services to generate FileMaker scripts.
  • Service Improvement: analyze aggregated, anonymized usage patterns to improve generation quality.
  • Credit Management: track credit balances, purchases, and usage.
  • Feedback Rewards: review your feedback contributions and award credits when applicable.
  • Transactional Emails: send feedback reward notifications via Resend (your email and a truncated prompt excerpt of up to 80 characters).

5. Data Processing by Third Parties

ServiceCountryData SharedPurpose
Anthropic (Claude API)USAPrompts + schema metadata (if project selected)AI script generation
OpenAI (Embeddings)USAPrompt text only (no schema, no identity)Semantic search for relevant examples
Supabase (AWS)USAAll account and usage dataDatabase hosting, authentication, edge functions
StripeUSAUser ID + payment information provided at checkoutPayment processing
ResendUSAEmail address + truncated prompt (80 chars)Transactional email notifications
Google FontsUSAIP address (desktop app font downloads)Font delivery for the desktop application

Anthropic and OpenAI do not use API data for model training.

Schema metadata is extracted locally from your DDR file. The raw XML is never uploaded.

6. International Data Transfers

Your data is transferred to service providers in the United States. These transfers are protected by Standard Contractual Clauses (SCCs) as adopted by the European Commission, which ensure an adequate level of data protection. Each third-party provider listed above maintains their own data processing agreement with appropriate safeguards. You can request copies of the relevant SCCs by contacting us.

7. Cookies

Our web application uses only strictly necessary cookies for authentication (Supabase session token). We do not use tracking cookies, analytics cookies, or advertising cookies. No cookie consent is required for strictly necessary cookies under the ePrivacy Directive. Our desktop application does not use cookies.

8. Data Storage and Security

  • Data is hosted on Supabase (AWS infrastructure, USA).
  • All data is encrypted in transit (TLS 1.2+) and at rest.
  • Database access is protected by Row-Level Security (RLS) policies — users can only access their own data.
  • All sensitive operations (credit deduction, account deletion) use SECURITY DEFINER functions with input validation.

9. Data Retention

  • Account and usage data is retained for as long as your account is active.
  • When you delete your account, all your data (profile, generations, projects, credit transactions) is permanently deleted from our database without undue delay (typically immediately).
  • Supabase authentication logs (including IP addresses) are retained according to Supabase's data retention policy and may persist after account deletion.
  • Stripe payment event references (containing no personal data) are retained for financial record-keeping purposes.
  • Edge function logs may contain pseudonymized user identifiers, prompt length, and performance metrics. Logs are retained according to our Supabase plan and automatically expire.

10. Data Sharing

  • Your data is NOT shared with other users.
  • Your data is NOT sold to any third party.
  • Your data is NOT used to train AI models.

11. Your Rights

Under GDPR and Spain's LOPDGDD, you have the following rights:

  • Access: View your generation history in the app, or request a complete data export.
  • Rectification: Contact us to correct any inaccurate personal data.
  • Erasure: Delete your account and all associated data (see Section 12).
  • Portability: Export all your data in a machine-readable JSON format via the app.
  • Restriction: Request that we limit the processing of your data.
  • Objection: Object to processing based on legitimate interest.
  • Complaint: You have the right to lodge a complaint with the Spanish Data Protection Agency (AEPD) at www.aepd.es.

12. Account Deletion

  • You can delete your account directly from the app's Settings screen, or by emailing [email protected].
  • Account deletion permanently removes: your profile, all generation history, all projects and schema data, all credit transactions, and your authentication credentials.
  • Account deletion does NOT remove: Supabase authentication audit logs (managed by Supabase), Stripe payment event references (no personal data), or any data already processed by third-party AI providers during generation.
  • Deletion is processed without undue delay (typically immediately), in compliance with GDPR Art. 17.

13. Changes to This Policy

We may update this privacy policy from time to time. We will notify you of material changes at least 30 days in advance via email. The updated policy will indicate its new effective date.

14. Contact

For privacy questions, data access requests, or deletion requests, contact: [email protected]