Privacy Policy - DataMorph AI

Complete Privacy Policy

1. Data We Do NOT Collect

JSON Content: We never store, log, or access the JSON data you convert.

Conversion Results: Output data is generated locally and not transmitted to our servers.

Personal Files: We have no access to files you upload or download.

Business Data: Sensitive business information remains completely private.

2. How Our Tool Works (Privacy-First)

Client-Side Processing

All JSON conversion, validation, and formatting happens directly in your browser using JavaScript. Your data never leaves your device during these operations.

Memory-Only Operations

Data is processed in your browser's memory only. Nothing is written to disk, cached, or stored permanently.

Automatic Cleanup

When you refresh the page or navigate away, all data is automatically cleared from memory.

3. Data We Do Collect (Minimal)

Analytics: Basic website usage statistics (page views, browser type, country) via privacy-friendly analytics.

Purpose: Improve website performance and user experience.

Account Information: Email and profile data for registered users (optional).

Purpose: Authentication and premium feature access.

Usage Metrics: Feature usage counts for premium users (not content).

Purpose: Billing and usage tracking for premium features.

4. AI Features & Privacy

Premium AI Processing

For AI-powered features (data cleaning, schema generation), minimal data may be sent to our AI providers:

Data is sent over encrypted connections (HTTPS)
AI providers do not store or train on your data
Data is deleted immediately after processing
You explicitly opt-in to AI features

Your Control

AI features are optional. You can use all core conversion tools without ever enabling AI processing.

5. Third-Party Services

Authentication (Supabase)

Secure user authentication and account management. Only email and profile data.

Analytics (Vercel Analytics)

Privacy-friendly analytics without personal data collection.

AI Processing (Optional)

Groq and xAI for premium features only, with explicit user consent.

6. Your Rights & Controls

Access

Request all data we have about you (usually just account info).

Delete

Request deletion of your account and all associated data.

Correct

Update or correct any personal information we store.

Export

Download all your data in a portable format.

7. Security Measures

Encryption

All data transmission uses HTTPS/TLS encryption.

Access Control

Strict access controls and authentication systems.

Regular Audits

Security practices reviewed and updated regularly.

Incident Response

Immediate response plan for any security issues.

8. Regional Compliance & International Users

GDPR Compliance (EU Users)

• Lawful Basis: Legitimate interest for analytics, consent for premium features
• Data Minimization: We collect only essential data, never JSON content
• Right to Erasure: Delete your account and data anytime
• Data Portability: Export your data in standard formats
• Privacy by Design: Client-side processing ensures data protection

CCPA Compliance (California Users)

• No Sale of Data: We never sell personal information
• Right to Know: Request details about data collection
• Right to Delete: Request deletion of personal information
• Non-Discrimination: Equal service regardless of privacy choices
• Transparent Processing: Clear disclosure of data practices

Other Regional Laws

We respect privacy laws worldwide including UK GDPR, Canada's PIPEDA, Brazil's LGPD, and other regional data protection regulations. Our privacy-first architecture with client-side processing provides strong protection regardless of jurisdiction.

9. Contact & Updates

Privacy Questions

For any privacy-related questions or concerns, contact us at:

[email protected]

Data Protection Officer

For GDPR-related inquiries, contact our Data Protection Officer: