Privacy Policy | WordMate.ai

This Privacy Policy explains how the provider identified in the corporate details block below ("we," "us," or "our") processes personal data when you access or use WordMate.ai, including its website, browser extensions, mobile applications, and related services (the "Service").

Some processing is necessary to provide the Service, secure it, manage billing, respond to support requests, and comply with legal obligations. If you do not want us to process the data needed for those purposes, do not use the Service.

1. Who We Are

The provider and data controller for WordMate.ai is the entity identified in the corporate details block on this page.

For privacy-related requests or questions, contact support [at] makiapps [dot] com.

2. Data We Collect

Account, identity, and authentication data such as name, email address, sign-in method, and credentials or verification codes.
Subscription, billing, invoicing, tax, and payment-status records handled through Stripe or other payment processors we may use.
User content and inputs such as saved words, lists, prompts, support messages, selected text, settings, and other material you submit or generate through the Service.
Technical and usage data such as IP address, device and browser details, pages viewed, actions taken, timestamps, diagnostic logs, and approximate city-level location inferred from network data.
Cookies, local storage, consent choices, and preference data used to keep the Service working and remember settings.
Communications and records related to support, billing, abuse prevention, security incidents, disputes, and legal matters.

3. How We Use Your Data

To operate, maintain, personalize, and secure the Service, including account access, synchronization, and user support.
To generate vocabulary suggestions, writing assistance, and other AI-assisted outputs you request.
To process payments, subscriptions, renewals, taxes, fraud checks, and billing disputes.
To monitor performance, debug issues, detect abuse, enforce our Terms of Service, and protect our systems, users, and business.
To send service-related, billing, compliance, and security communications.
To comply with applicable law, respond to lawful requests, establish or defend legal claims, and support corporate transactions if our business is sold, transferred, or reorganized.

4. Legal Basis for Processing (GDPR)

Performance of a contract when we provide the Service, manage your account, and deliver free or paid features.
Legitimate interests in operating, improving, supporting, defending, and securing the Service, preventing fraud or abuse, and protecting our rights.
Consent where required, including for optional analytics, marketing, or consent-based technologies.
Legal obligation for tax, accounting, consumer-protection, compliance, or regulatory duties.
Where relevant, the establishment, exercise, or defense of legal claims.

5. AI Processing and Sub-processors

To provide AI-assisted features, we may send selected text, prompts, instructions, language settings, and limited technical or account context to external model providers and other processors acting on our behalf.

Processors may include hosting, delivery, authentication, email, analytics, monitoring, payment, support, and AI providers such as OpenAI, Anthropic, Google, and similar vendors we reasonably use.
Those providers may process data under their own terms, privacy notices, and data processing arrangements in addition to our instructions.
We try to minimize personal data in these flows, but you should not submit highly sensitive or regulated information unless you are entitled to do so and it is strictly necessary for your use case.

6. Sharing and Recipients

We share data only where reasonably necessary to run the Service, support transactions, protect our business, or comply with legal obligations.

We may also disclose data to professional advisers, auditors, insurers, acquirers, or public authorities where reasonably necessary or legally required.

Category	Provider Type	Purpose
Payment processing	Stripe and similar processors	Billing, renewals, tax, fraud checks
Hosting and delivery	Infrastructure, CDN, storage, and security vendors	Hosting, storage, performance, and access protection
Authentication, email, and support	Authentication, transactional email, and support vendors	Sign-in, account notices, and support operations
AI and language processing	OpenAI, Anthropic, Google, and similar providers	Generating suggestions, transformations, and language outputs
Analytics and monitoring	Analytics, logging, and error-monitoring vendors	Diagnosing issues, measuring usage, and preventing abuse

7. International Data Transfers

Some recipients may process data outside Spain, the EEA, or the UK.
Where required, we rely on adequacy decisions, Standard Contractual Clauses, or other recognized safeguards for international transfers.
By using the Service, you understand that processors in other jurisdictions may handle data under legal regimes that differ from your own.

8. Data Retention

Account and profile data may be kept while your account is active and for a reasonable period afterward to support reactivation, disputes, security, backups, and legal compliance.
Invoices, tax records, payment records, and related audit trails may be retained for as long as required by tax, accounting, fraud-prevention, or legal obligations.
Support, operational, and security logs are generally retained for up to 12 months, but may be kept longer where needed for incidents, investigations, or claims.
AI inputs, outputs, and saved content may remain in product history until you delete them, close your account, or we remove them under our retention rules. Temporary processing logs or backups may persist for a limited additional period.
When data is no longer reasonably needed, we delete it, anonymize it, or place it beyond routine use, although archived backups may remain until overwritten in the ordinary course.

9. Data Security

We use technical and organizational measures that we consider appropriate to the nature of the data and the risks involved.
These measures may include encryption in transit, access controls, logging, backups, environment segregation, and restricted operational access.
No system is perfectly secure. You are responsible for safeguarding your credentials, devices, and any information you choose to submit through the Service.

10. Your Rights (GDPR and EU)

Subject to applicable law, you may have rights of access, rectification, erasure, restriction, portability, objection, and withdrawal of consent where consent is the basis for processing.
To exercise these rights, contact support [at] makiapps [dot] com. We may ask you to verify your identity before acting on a request.
You may also lodge a complaint with the Spanish Data Protection Agency (AEPD): https://www.aepd.es

11. Cookies and Local Storage

We use cookies, local storage, and similar technologies for authentication, preferences, security, measurement, and consent management.
Optional analytics or attribution technologies are used only where enabled and, where required, with consent.
For more detail, see our Cookie Policy. Browser settings may let you block or delete certain technologies, but doing so can break parts of the Service.

12. Children's Privacy

The Service is not intended for children under 16 years of age. If you believe a child has provided personal data through the Service, contact us and we will review the request.

13. Changes and Contact

We may update this Privacy Policy from time to time. The latest version will always be posted on this page.

If we make a material change to how we handle personal data, we may provide notice by email, in-product messaging, or other reasonable means when appropriate.

Questions or privacy requests may be sent to support [at] makiapps [dot] com.