PromptCut

Privacy Policy

Last updated: 27 May 2026

This Privacy Policy explains how PromptCut (operated by Sebastian Kwasniok) collects, uses, and protects your personal data. We are the controller within the meaning of Art. 4 No. 7 GDPR.

1. Data we collect

2. How we use it (legal basis)

We do not use your data for AI model training. We do not sell your data.

3. Sub-processors

We use the following third parties to operate the Service:

Transfers to US providers are protected by Standard Contractual Clauses and (where applicable) the EU–US Data Privacy Framework.

4. Retention

5. Cookies and analytics

We use a single essential cookie (the NextAuth session JWT) which cannot be opted out of — it's required for login to work. Optional analytics (Vercel Analytics) only run if you accept cookies in the banner. Analytics data is aggregated and does not identify individual users.

6. Your rights (GDPR)

You have the right to:

To exercise any right, email privacy@promptcut.online. We respond within 30 days.

7. Security

Passwords are hashed with bcrypt (cost factor 13). Connections use TLS 1.2+. API keys and webhook signatures are validated. Access to production data is restricted. No system is fully secure — if you discover a vulnerability, please email security@promptcut.online.

8. Changes

We'll notify you of material changes via email or in-app notice. Continued use after the effective date constitutes acceptance.

9. Contact

Privacy questions: privacy@promptcut.online
Controller details: see Impressum.