Privacy Policy

This policy explains what personal data WriteEasy collects, why, and what you can do about it. It's written plainly because privacy shouldn't need a law degree.

Who's responsible

WriteEasy is the data controller for your information.

Unit 11 Newhaven Enterprise Centre, Denton Island, Newhaven, East Sussex, BN9 9BA, United Kingdom.
Contact: support@writeeasy.co.uk.

What we collect

• Your email address — used to sign you in and contact you about the service.
• Business profile details (name, location, phone, website, description) — only what you choose to enter. We inject these into your generated content.
• Briefs and generated content — the text you type and the output we return. Needed for the service to work.
• Subscription data — handled by Stripe. We store your Stripe customer ID, subscription status, trial end date, and next renewal date. We never see or store your full card number.
• Server logs— standard web access logs (IP address, user agent, page visited) for security and debugging. We don't use these for tracking or advertising.

Why we process this data

To provide the service (legal basis: contract) — signing you in, generating content, billing, responding to support.

To keep the service running safely (legal basis: legitimate interests) — debugging errors, preventing abuse, keeping accounts secure.

We don't sell your data. We don't use it for advertising. We don't share it with anyone except the processors below.

Who processes your data on our behalf

We use trusted third parties to run the service. Each one only receives the data it needs:

• Supabase (database, authentication) — stores your account, business profile and subscription status. Hosted in the EU.
• Anthropic(the AI that generates your content) — receives your brief and business profile each time you click Generate. Anthropic states it doesn't use API customer data to train its models.
• Stripe (payments) — handles your card details. We never see them.
• Vercel (hosting) — runs our website.
• Namecheap Private Email — delivers sign-in codes and support emails.

International transfers

Some of these processors are based in the United States. Where data leaves the UK, it's protected either by the UK Extension to the EU-US Data Privacy Framework or by Standard Contractual Clauses (or both).

How long we keep your data

• Account data: while your account is active, plus 30 days after you close it, then deleted.
• Generated content: we don't permanently store what we generate for you (each generation is processed in memory and returned). Server logs containing brief snippets roll off after 30 days.
• Billing records: kept for 6 years as UK tax law requires. Handled by Stripe.

Your rights under UK GDPR

You can at any time:

• Ask for a copy of the data we hold about you.
• Ask us to correct anything that's wrong.
• Ask us to delete your account and data.
• Ask us to stop or restrict processing.
• Ask for your data in a portable format.
• Object to processing based on legitimate interests.

Email support@writeeasy.co.uk and we'll action any of these within one month. No forms, no friction.

If you're unhappy with how we handle your data, you can complain to the UK Information Commissioner's Office at ico.org.uk.

Cookies

We only use essential cookies — specifically a session cookie so you stay signed in. We don't use advertising or analytics cookies. See the Cookies notice for details.

Changes

If we make significant changes to this policy, we'll email you. Otherwise we update the “Last updated” date at the top.