Legal
We care about your privacy. This policy explains what data we collect, how we use it, and the choices you have.
Beomz · Effective date: March 2026
When you sign up for Beomz using Google OAuth, we receive your name and email address from Google. We do not collect or store your Google password.
We collect information about how you use Beomz, including the apps you build, prompts you submit, AI generations consumed, and feature interactions. This data helps us improve the platform and enforce plan limits.
We automatically collect standard log data such as your IP address, browser type, operating system, referring URLs, and timestamps when you access our services.
Payments are processed by Stripe. We never store your full card number or payment credentials — Stripe handles all payment data in compliance with PCI-DSS standards.
Your name and email are used to create and manage your Beomz account, send transactional emails (e.g. billing receipts, password resets), and authenticate you across sessions.
We use your data to power the AI app builder, track your plan usage (generations, projects), save your project history, and enable publishing features.
Aggregated and anonymised usage data helps us understand how the platform is used so we can prioritise features, fix bugs, and optimise performance.
We may send you product updates, tips, and announcements. You can opt out of marketing emails at any time via the unsubscribe link in any email.
Our database and authentication infrastructure is hosted on Supabase (supabase.com). Your account data, project data, and chat history are stored in Supabase's PostgreSQL database. Supabase processes data in accordance with GDPR and SOC 2 Type II standards.
Sign-in is powered by Google OAuth 2.0. When you authenticate with Google, we receive only your name and email address. We do not access your Google Drive, Gmail, or any other Google services.
App generation is powered by Anthropic's Claude API. Your prompts and the resulting generated code are sent to Anthropic's API to produce responses. Please refer to Anthropic's privacy policy for details on how they handle API data.
Subscription billing is managed by Stripe (stripe.com). Stripe is a PCI Service Provider Level 1 certified payment processor. Your payment details are handled entirely by Stripe and never touch our servers.
Published apps and our platform are hosted on Cloudflare Pages. Cloudflare may process request data (such as IP addresses) as part of providing CDN and security services.
The Beomz platform (beomz.com) is deployed on Vercel. Vercel may process request logs and technical metadata as part of hosting our Next.js application.
We retain your account data, projects, and chat history for as long as your account is active or as needed to provide the service.
You may delete your account at any time from your account settings. Upon deletion, we will permanently remove your personal data, projects, and chat history within 30 days, except where we are required to retain data for legal or financial compliance purposes (e.g. billing records may be retained for up to 7 years as required by law).
Deleted data may persist in encrypted backups for up to 90 days before being permanently purged from all backup systems.
You have the right to request a copy of the personal data we hold about you. Contact us at hello@beomz.com and we will provide an export within 30 days.
You can update your name and email directly within your account settings at any time.
You have the right to request deletion of your personal data. You can do this via account settings or by emailing hello@beomz.com.
If you are located in the EU or EEA, you have additional rights under the General Data Protection Regulation, including the right to object to processing and the right to lodge a complaint with your local supervisory authority.
All data is transmitted over HTTPS/TLS. Database access is protected by row-level security (RLS) policies, ensuring each user can only access their own data. We never expose service-role database credentials to the client.
If you discover a security vulnerability, please report it to hello@beomz.com. We take all reports seriously and will respond within 72 hours.
If you have any questions about this Privacy Policy or wish to exercise your data rights, please contact us at hello@beomz.com. We aim to respond to all enquiries within 5 business days.
We may update this Privacy Policy from time to time. When we do, we will update the effective date at the top of this page and, where appropriate, notify you by email. Your continued use of Beomz after changes are posted constitutes your acceptance of the updated policy.