Privacy Policy

Cuedock is owned by BENGY CAPITAL LLC and operated by MRCARE TECHNOLOGIES LLC (“Cuedock,” “we,” “our,” or “us”). MRCARE TECHNOLOGIES LLC is the data controller that determines the purposes and means of processing your personal information in connection with the Cuedock platform at cuedock.app (the “Service”).

This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use the Service. By accessing or using the Service, you agree to this Privacy Policy. If you do not agree, please do not use the Service.

1. Information We Collect

A. Information You Provide Directly

• Account Registration: Full name, email address, and password when you sign up, or profile data from your Google account if you sign in via OAuth.
• User Content: Prompt blocks (Role, Context, Task, Modifier), assembled prompts, custom text cards, and any other content you create or save within the Service. See Section 4 for important information about how this content is stored.
• Payment Information: If you subscribe to a paid plan, billing is handled by Stripe. We do not store full payment card numbers on our servers. Stripe processes and stores payment data under its own PCI-compliant systems.
• Communications: Messages, feedback, or support requests you send us.

B. Information Collected Automatically

• Usage Data: Features accessed, AI requests made, timestamps, page views, and interaction patterns.
• Log and Device Data: IP address, browser type, operating system, referring URLs, and error reports.
• Cookies and Session Tokens: Authentication session cookies and analytics identifiers. See Section 9 for details.

2. How We Use Your Information

We use the information we collect for the following purposes:

• To create and manage your account and provide the Service.
• To process your prompt content through third-party AI provider(s) to generate AI responses and feedback (see Section 3).
• To enforce subscription plan limits and rate limits on AI requests.
• To send transactional emails such as account verification, password resets, and billing receipts.
• To analyze aggregate usage patterns and improve the Service.
• To respond to your support requests and communications.
• To detect, investigate, and prevent fraud, abuse, or violations of our Terms of Service.
• To comply with applicable legal obligations.

3. Third-Party AI Processing

When you use AI-powered features (such as prompt feedback, block generation, tag suggestions, and prompt review), the content of your prompts is transmitted through our infrastructure to one or more third-party AI providers for processing. Currently, Cuedock routes AI requests through the Anthropic API. The specific provider(s) and routing may change at any time.

What This Means for Your Data

• Your prompt content (including block text and assembled prompts) is transmitted to the AI provider when you use an AI feature.
• Cuedock does not operate or control any third-party AI model. Each provider processes your content according to its own terms and privacy policies.
• We select API configurations designed to minimize unnecessary data retention by providers where such options are available, but we cannot guarantee how any third-party provider handles data once transmitted.
• For details on how specific providers handle submitted data, including whether they may use it for model training, please refer to their published policies, including Anthropic’s Privacy Policy.

Your Responsibility

You are responsible for reviewing the privacy policies and terms of any AI providers whose models are used through the Service if you have concerns about how your content may be processed. By using AI features, you consent to this transmission and processing.

4. How We Share Your Information

We do not sell your personal information. We do not share personal information for cross-context behavioral advertising. We share information only as described below:

Service Providers and Infrastructure

We use third-party service providers to operate the Service. These providers access your data only as necessary to perform their functions and are contractually required to protect it. Categories include:

• Database and Authentication: Supabase provides our database and authentication infrastructure. Your account data and User Content are stored on Supabase’s servers.
• Hosting and Deployment: Vercel provides our hosting, deployment, and serving infrastructure. Vercel processes request-level data as part of serving the application.
• AI Processing: Third-party AI providers process your prompt content when you use AI features. See Section 3 for details.
• Payment Processing: Stripe handles payment data under its own PCI-compliant systems. We do not store full payment card numbers.
• Email and Communications: We use third-party email services to send transactional and operational emails.
• Analytics: We may use analytics services to understand how the Service is used. See Section 9 for details on cookies and tracking.

Other Disclosures

• Community Library: If you share content to the Community Library, that content becomes visible to other users of the Service as described in our Terms of Service, Section 6(D).
• Legal and Safety Disclosures: We may disclose your information to law enforcement or other authorities if required by law, court order, or governmental authority, or when we believe in good faith that disclosure is necessary to protect the rights, safety, or property of Cuedock, our users, or the public.
• Business Transfers: If MRCARE TECHNOLOGIES LLC or BENGY CAPITAL LLC is acquired by or merged with another company, or in connection with a sale of assets, financing, or restructuring, your information may be transferred as part of that transaction. We will provide notice prior to any such transfer becoming subject to a materially different privacy policy.

5. Data Storage and Security

What You Should Not Store

Because prompt content is not encrypted at rest, you should treat Cuedock as a productivity tool, not a secure vault. Do not store passwords, API keys, credentials, financial account numbers, protected health information, Social Security numbers, trade secrets, or any other data whose unauthorized disclosure could cause legal, financial, or personal harm. For the full list, see our Terms of Service, Section 7.

Security Measures

We use commercially reasonable safeguards to protect your information, including:

• HTTPS/TLS encryption for all data in transit
• Secure authentication via Supabase Auth
• Row Level Security (RLS) policies on database tables
• Infrastructure-level access controls and monitoring
• Principle of least privilege for administrative access

Despite these measures, no method of electronic storage or transmission is 100% secure. We cannot guarantee absolute security.

6. Data Retention

We retain your personal information and User Content for as long as your account is active or as needed to provide the Service.

When You Delete Your Account

• We will delete or anonymize your personal data and private User Content within approximately 30 days of account deletion.
• Backup copies may persist in our systems for a limited period before being overwritten through normal backup rotation.
• We may retain certain data beyond 30 days where required by law, or as reasonably necessary for fraud prevention, dispute resolution, tax or accounting obligations, enforcement of our Terms of Service, or security purposes.

Community-Shared Content

Deleting your account does not automatically remove content you have previously shared to the Community Library. Community-shared blocks and prompts may remain visible to other users after account deletion. Copies that other users have saved, forked, or adapted within the Service will not be automatically removed. To request removal of your community-shared content, you must explicitly delete it from the Community Library before deleting your account, or contact us at legal@cuedock.app.

If the Service Is Discontinued

In the event of a broad service discontinuation, Cuedock will endeavor to provide reasonable notice and an opportunity to export your data before deletion, except where immediate action is required for security, legal compliance, or operational reasons. After discontinuation, data may be permanently deleted. See our Terms of Service, Section 5 for details.

Anonymized Data

Anonymized, aggregate data that cannot reasonably be used to identify you may be retained indefinitely for analytics and service improvement purposes.

7. Your Rights and Choices

Depending on your location, you may have the following rights regarding your personal information:

• Access: Request a copy of the personal data we hold about you.
• Correction: Request correction of inaccurate or incomplete data.
• Deletion: Request deletion of your personal data (subject to legal retention obligations and the community content provisions in Section 6).
• Data Portability: Request your data in a commonly used, machine-readable format.
• Objection or Restriction: Object to, or request restriction of, certain processing activities.
• Withdraw Consent: Where processing is based on your consent, withdraw it at any time without affecting the lawfulness of prior processing.

To exercise any of these rights, email us at legal@cuedock.app. We will respond within 30 days or as required by applicable law. We may require verification of your identity before processing requests. We will not discriminate against you for exercising your rights.

California Residents (CCPA/CPRA)

You have the right to know what personal information we collect, share, or disclose; the right to delete your personal information; the right to correct inaccurate personal information; and the right to opt out of the “sale” or “sharing” of personal information. We do not sell or share personal information for cross-context behavioral advertising. To submit a request, email us at legal@cuedock.app.

EU/EEA/UK Residents (GDPR/UK GDPR)

Where we process personal data of EU/EEA/UK residents, we rely on the following legal bases:

• Contract Performance: Processing necessary to provide the Service you requested (account management, content storage, AI processing).
• Legitimate Interests: Processing for service improvement, security, fraud prevention, and analytics, balanced against your rights.
• Legal Compliance: Processing required to comply with applicable laws.
• Consent: Where you have given explicit consent (e.g., for optional communications), which you may withdraw at any time.

You have the right to lodge a complaint with your local data protection supervisory authority.

8. Children’s Privacy

The Service is not directed to individuals under 18 years of age (or the age of majority in their jurisdiction). We do not knowingly collect personal information from children under 13 (or 16 in the EU/EEA). If we learn that we have collected such information, we will promptly delete it. If you believe a child has provided us with personal information, contact us at legal@cuedock.app.

9. Cookies and Tracking Technologies

We use cookies and similar technologies for the following purposes:

When you first visit Cuedock, a cookie consent banner allows you to accept or reject optional analytics cookies. Essential cookies are always active because the Service cannot function without them. Analytics cookies (Google Analytics, Vercel Analytics) are only loaded after you give consent. Your choice is stored locally and persists across sessions. You can change your preference at any time by clearing your browser’s local storage for cuedock.app or by using your browser’s cookie settings.

Disabling essential cookies through your browser may prevent you from using core features of the Service.

We do not currently respond to “Do Not Track” (DNT) browser signals, as there is no universally accepted standard for how to interpret them. If a standard is established, we will reassess this practice.

10. International Data Transfers

Cuedock is based in the United States. If you access the Service from outside the United States, your information may be transferred to, stored, and processed in the United States or other countries where our service providers operate. Data protection laws in those countries may differ from those in your country of residence.

Where required by applicable law (including for transfers of EU/EEA/UK personal data), we rely on appropriate transfer mechanisms, such as standard contractual clauses approved by the European Commission, to provide adequate safeguards for your data. By using the Service, you acknowledge that your data may be transferred internationally as described in this section.

11. Third-Party Links and Services

The Service may contain links to third-party websites or integrate with third-party services. We are not responsible for the privacy practices or content of those third parties. We encourage you to review their privacy policies before providing any personal information.

12. Changes to This Privacy Policy

We may update this Privacy Policy periodically. When we make material changes, we will update the “Effective Date” at the top of this page and notify you by email or via a prominent notice on the Service at least 15 days before the changes take effect (except where a shorter notice period is required by law or necessary for security or compliance reasons). Your continued use of the Service after the effective date of any changes constitutes your acceptance of the revised Privacy Policy.

13. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us: