PromptRails
Sign inGet started →
Legal · Privacy

Privacy Policy.

Last updated: March 2026

This Privacy Policy describes how PromptRails Inc ("PromptRails", "we", "us", or "our") collects, uses, stores, and shares information when you use our platform, website, APIs, and related services (collectively, the "Service").

1. Information We Collect

1.1 Account Information

When you create an account, we collect your name, email address, and password. If you sign up using a third-party authentication provider (such as Google), we receive your name, email address, and profile picture from that provider.

1.2 Workspace and Platform Data

We collect data you provide through your use of the platform, including:

  • Agent configurations, prompts, and data source definitions
  • Execution inputs, outputs, and trace logs
  • API keys and credentials you store in the platform (encrypted)
  • Chat session messages and memory entries
  • Team member information and workspace settings

1.3 Usage and Analytics Data

We automatically collect:

  • API request logs (endpoints accessed, timestamps, response codes)
  • Execution metrics (token usage, latency, cost)
  • Browser type, IP address, and device information
  • Pages visited and features used

1.4 Payment Information

Payment processing is handled by Stripe. We do not store your full credit card number. We receive and store your billing name, email, subscription status, and payment history from Stripe.

1.5 Google User Data

If you authenticate using Google or connect Google services (such as Google BigQuery), we access only the data necessary to provide the requested functionality:

  • Google Sign-In: We receive your name, email address, and profile picture to create and authenticate your account.
  • Google BigQuery: If you add a BigQuery credential, we use your service account credentials solely to execute queries you configure in your data sources. We do not access or store your BigQuery data beyond the query results returned during agent execution.

We do not sell, share, or use Google user data for advertising purposes. Our use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

2. How We Use Information

We use the information we collect to:

  • Provide, operate, and maintain the PromptRails platform
  • Authenticate your identity and manage your account
  • Execute AI agents and process LLM requests on your behalf
  • Display execution traces, analytics, and cost reports
  • Process billing and manage your subscription
  • Send transactional emails (account verification, password resets, billing)
  • Monitor platform health, performance, and security
  • Enforce usage limits and rate limiting
  • Respond to support requests
  • Comply with legal obligations

We do not use your prompts, agent outputs, or execution data to train AI models or for any purpose other than providing the Service to you.

3. How We Store Information

3.1 Data Storage

Your data is stored on secure cloud infrastructure. We use encrypted databases for all platform data. Credentials and secrets you store in PromptRails are encrypted at rest and are never exposed in API responses.

3.2 Data Retention

  • Account data: Retained as long as your account is active. You may request deletion at any time.
  • Execution traces and logs: Retained according to your plan's retention period.
  • Deleted resources: Soft-deleted and retained for a limited period for recovery, then permanently removed.
  • Payment records: Retained as required by applicable tax and accounting regulations.

4. How We Share Information

We do not sell your personal information. We may share data with:

  • LLM providers: When you execute an agent, your prompt inputs are sent to the LLM provider you configured (e.g., OpenAI, Anthropic, Google). This is necessary to process your request. Each provider's own privacy policy applies to data they receive.
  • Payment processor: Stripe processes your payments and receives necessary billing information.
  • Infrastructure providers: We use cloud hosting providers to run the platform. They may process data as part of providing infrastructure services.
  • Legal requirements: We may disclose data if required by law, legal process, or governmental request.

We do not share your data with third parties for their marketing or advertising purposes.

5. Data Security

We implement industry-standard security measures to protect your data, including encryption at rest and in transit, secure password hashing, API key hashing, role-based access control, and rate limiting. For more details, see our Security page.

6. Your Rights

You have the right to:

  • Access the personal data we hold about you
  • Correct inaccurate personal data
  • Request deletion of your personal data
  • Export your data (agents, prompts, configurations)
  • Withdraw consent for optional data processing
  • Revoke third-party access (e.g., Google) at any time

To exercise any of these rights, contact us at privacy@promptrails.ai.

7. Cookies

We use essential cookies for authentication and session management. We do not use third-party advertising or tracking cookies.

8. Children's Privacy

PromptRails is not intended for use by individuals under the age of 16. We do not knowingly collect personal information from children.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page and updating the "Last updated" date.

10. Contact

For privacy-related questions or requests, contact us at privacy@promptrails.ai.