Last Updated: December 2024
At Thankful Thoughts, we take your privacy seriously. This policy explains how we collect, use, and protect your personal information.
Age Restriction
Thankful Thoughts is intended for users 18 years of age and older. We do not knowingly collect information from anyone under 18 years of age.
Data Collection
We collect the following information:
- Email address (for authentication)
- Name (optional, for personalization)
- Messages you create using our service
Data Usage
Your data is used exclusively to:
- Provide and improve our service
- Save and manage your thankful thought messages
- Authenticate your account
- Communicate important updates about our service
Third-Party Services
We use the following third-party services:
- Clerk - For user authentication and account management
- OpenRouter.ai - For processing message generation requests
- Messages you input are processed through OpenRouter's API
- We use Meta's Llama 3.1 and Mistral AI's Mistral-8B models
- Important privacy considerations:
- Do not ever enter in sensitive personal information or confidential information. Always assume that whatever you type in is being stored and may be used for training AI models - which means it may publicly become available.
- Your messages are processed by these AI models and may be temporarily stored for processing
- OpenRouter acts as an intermediary and routes requests to the original model providers
- Data handling varies by model provider:
- Meta (Llama): Messages may be used for model improvement
- Mistral AI: Follows GDPR compliance for EU users
- For complete details, see OpenRouter's Privacy Policy and the respective model providers' policies
Data Reselling
We do not sell your personal information or data to any third parties. Your information is used solely for providing our service.
Data Storage
Your data is stored securely in our database. We implement appropriate security measures to protect against unauthorized access, alteration, disclosure, or destruction of your information.
Your Rights
Under GDPR and various privacy laws, you have the right to:
- Access your personal data
- Correct inaccurate data
- Request deletion of your data
- Export your data
- Restrict processing of your data
- Object to processing of your data
- Data portability
For users in the European Union, we comply with all GDPR requirements and will respond to any data-related requests within the required timeframe.
Contact Us
If you have any questions about our privacy policy or how we handle your data, please contact us.
US Privacy Rights
Depending on your state of residence, you may have additional rights:
- California (CCPA/CPRA):
- Right to know what personal information is collected
- Right to delete personal information
- Right to opt-out of the sale of personal information
- Right to non-discrimination for exercising these rights
- Virginia (VCDPA):
- Right to confirm whether personal data is being processed
- Right to correct inaccuracies
- Right to data portability
- Colorado (CPA): Similar rights to CCPA and VCDPA
Data Collection Practices
In compliance with US privacy laws, we:
- Only collect information necessary for the service to function
- Do not sell personal information to third parties
- Provide clear notice before collecting personal information
- Maintain reasonable security procedures
- Honor "Do Not Track" browser settings