Privacy Policy

The short version

We collect the minimum we need to run the Service: your email if you sign up, your billing details if you pay, and the meta tag generations you make so they appear in your history. We don't sell data. We don't run ads. We use third-party services (listed below) that have their own privacy policies.

What we collect

Account information. When you sign up, we store your email address. We use magic-link authentication, so we don't store passwords.

Billing information. If you subscribe, Stripe collects your payment details. We store a Stripe customer ID and subscription ID, plus your current plan, but not your card number.

Generation data. When you generate meta tags, we store the inputs (URL, topic, keywords, tone) and the outputs in our database so they appear in your history. Anonymous generations are not stored.

Usage counters. We track how many generations you've made each day to enforce free-tier limits.

Server logs. Our hosting provider records standard request metadata (IP address, user agent, timestamp) for security and debugging. These logs are kept for a limited period.

How we use your data

We use the data above to run and improve the Service: authenticate you, process payments, enforce plan limits, show you your history, and debug issues. We may use anonymized, aggregated patterns to make the product better. We don't sell your data and we don't share it with advertisers.

Third-party services we use

MetaForge is built on top of services that handle parts of the data flow:

• Supabase — authentication and database hosting.
• Stripe — payment processing and subscription management.
• Anthropic — the AI model that generates meta tags. Your generation prompts are sent to Anthropic to produce outputs. Anthropic has its own data handling policies, which include not training on API inputs by default.
• Vercel — hosting and serving the website.

Each provider has its own privacy policy that governs the data they receive.

Cookies

We use a single authentication cookie set by Supabase to keep you logged in. We don't use tracking cookies, third-party advertising cookies, or social media trackers. We may add a privacy-friendly analytics tool (such as Plausible, which doesn't use cookies) in the future.

Local storage

We use your browser's local storage to track how many anonymous generations you've made today, so we can enforce the free-trial limit. This data stays on your device.

Your rights

You can request to view, export, or delete your data at any time by emailing us. Deleting your account permanently removes your profile, generation history, and Stripe customer record (subject to legal retention requirements for billing records).

If you're in the EU, UK, or California, you have additional rights under GDPR or CCPA — the request process is the same.

Data retention

We keep account data while your account is active. If you cancel and don't return for 12 months, we may delete your data. Billing records are kept longer to comply with tax and accounting laws.

Security

We use HTTPS everywhere, magic-link authentication (no passwords to leak), and trust Supabase and Stripe with the sensitive bits. No system is perfectly secure, but we work hard to keep your data safe.

Children

MetaForge is not for children under 13. If we learn we've collected data from a child under 13, we'll delete it.

Changes to this policy

If we make material changes, we'll update the "last updated" date at the top and notify you by email if you have an account.

Contact

Questions about your data? Email us at hello@metaforge.app.