Privacy Policy

Account data: email, name (optional), password hash, plan and billing status. If you sign in with Google, we receive your email and a Google account identifier.

Scan data: the text, images, audio or video you upload for detection, plus the resulting verdict, confidence and metadata. Scans are linked to your account and kept forever unless you delete them.

Billing data: card brand and last four digits, billing address and tax ID where applicable. Card numbers are tokenised by Stripe and never reach our servers.

Telemetry: page-view events, feature usage and error logs (no PII in error logs by policy). We use first-party analytics only.

Support data: any messages, screenshots or files you send to support@ai-detectors.io.

To provide the detection service, including running scans, returning verdicts and storing your scan history.

To bill you and prevent fraud, including verifying card details and detecting unusual usage.

To send transactional email - receipts, password resets, security alerts. We do not send marketing email without explicit opt-in.

To improve detection quality. We do not train detectors on your uploads - detection improvements come from public benchmarks like RAID, not from your data.

To comply with law, including responding to lawful requests from regulators or courts.

We use a small number of first-party cookies for authentication, theme preference and basic analytics. We do not use ad-tracking cookies.

See /cookies for the full list and your control options.

Stripe - payment processing. Stripe receives your billing information directly.

Resend - transactional email delivery. Receives your email address and the message body.

Cloudflare - CDN, DDoS protection. Sees IP addresses for rate-limiting purposes.

Vercel - hosting. Sees IP addresses for routing and performance.

We do not sell personal information to third parties. We do not share with advertisers.

Account data: retained while your account is active. Deleted within 30 days of account deletion.

Scan data: retained forever on every plan, unless you delete an individual scan or your account. Lifetime history is a feature, not a retention liability.

Billing data: retained as required by tax law (typically 7 years).

Logs: 30 days for security and abuse-prevention purposes, then deleted.

You can access, correct, export or delete your data at any time from /dashboard/settings or by emailing privacy@ai-detectors.io.

We respond to verified data-subject requests within 30 days. We will not retaliate for exercising your rights.

EU/UK residents have the right to lodge a complaint with their data protection authority.

We process data on infrastructure in the EU and the US. Transfers between regions rely on Standard Contractual Clauses (SCCs) or equivalent transfer mechanisms.

We've signed a DPA - see /dpa.

ai-detectors.io is not intended for children under 13 (under 16 in the EU). We do not knowingly collect personal information from children.

We use TLS 1.3 in transit and AES-256 at rest. Passwords are hashed with bcrypt. We're SOC 2 Type II in progress with target completion Q4 2026.

Report a vulnerability to security@ai-detectors.io. We respond within 24 hours.

We will email all account holders before any material change to this policy. The 'last updated' date at the top of this page is authoritative.

Privacy enquiries: privacy@ai-detectors.io

Postal: AI Detectors, Inc., 254 Chapman Rd, Ste 209-7488, Newark, DE 19702, USA