गोपनीयता नीति
अंतिम अपडेट: 25/05/2026
Last updated: May 2026
1. Data Controller
GiaNet Media di Francesco Giannetta, based in Otranto (LE), Italy. For data-related requests: support system.
2. Data Collected
WriteForge collects and processes the following data categories:
- Registration data: first name, last name, email, password (hashed)
- Project data: texts, manuscripts, notes, narrative structures, created entities
- AI interaction data: prompts sent, generated responses, style preferences
- Technical data: IP address, browser type, operating system, access logs
- Payment data: handled entirely by Stripe (we do not store card data)
3. Purposes and Legal Basis
| Purpose | Legal basis | Retention |
|---|---|---|
| AI writing service delivery | Contract performance (Art. 6.1.b GDPR) | Account duration + 12 months |
| Service improvement and aggregate analytics | Legitimate interest (Art. 6.1.f) | Anonymized data |
| Service communications | Contract performance (Art. 6.1.b) | Account duration |
| Tax and accounting obligations | Legal obligation (Art. 6.1.c) | 10 years |
4. Creative Content Processing
Texts, manuscripts and projects created by users are the exclusive property of the user. WriteForge does not use user content to train AI models, nor share it with third parties. Content is processed by AI providers (Anthropic, OpenAI) solely to deliver the requested service, under their respective API data non-training policies.
5. Data Transfers
Data may be transferred to:
- AI Providers (USA): Anthropic, OpenAI — with adequate safeguards (DPA + SCCs)
- Stripe (USA): for payment processing — PCI DSS Level 1 certified
- Hetzner (Germany): server hosting — data within EU
6. Data Subject Rights
Under GDPR Articles 15-22, users have the right to: access, rectification, erasure, portability, objection, and restriction of processing. To exercise these rights: support system.
7. Account Deletion
Account deletion results in the removal of all projects, manuscripts, and personal data within 30 days. Tax-related data is retained as required by law.
8. Security
We implement appropriate technical and organizational measures: TLS encryption in transit, strong authentication, encrypted backups, continuous monitoring.
9. Supervisory Authority
Users may lodge a complaint with the Italian Data Protection Authority (Garante per la Protezione dei Dati Personali — www.garanteprivacy.it).