Your data, your control
Last updated: 2026-05-09
What we collect
When you sign up, we collect your email address and the URLs of websites you connect for Brand DNA scanning. When you generate ads, we store the briefs, the generated copy and images, and the published-platform metadata you authorize.
We do not collect, store, or analyze your browsing history outside ManiAI, your social inbox, or any data from other sites unless you explicitly connect them.
How we use it
- › To scan your website and extract Brand DNA (colors, tone, audience, product catalog). Only the public pages of URLs you submit.
- › To generate ads using Claude (Anthropic) for copy and FairStack for images. We send your brief and Brand DNA snippet to these providers. We do not send your full account history.
- › To deliver the product, respond to support requests, and (if you opt in) send marketing emails about Mani features.
- › To improve the product through aggregated, anonymized usage analytics (PostHog). Individual browsing behavior is never sold or shared.
We do not train on your data
Your Brand DNA, product photos, ad copy, and generation history are never used to train AI models. Your data serves one purpose: generating content for your brand. Not for ours. Not for other customers. Not for model improvement. This applies to all AI providers we use (Anthropic Claude, FairStack image generation).
Third-party processors
We use a small set of trusted vendors:
Anthropic (Claude)
Ad copy generation. Subject to Anthropic's privacy policy.
FairStack
Image generation and CDN hosting for generated images.
Stripe
Payment processing. We never store credit card numbers. PCI DSS Level 1.
Resend
Transactional email (magic links, receipts, notifications).
Railway
Application hosting and PostgreSQL database. US-based.
Cloudflare
CDN, DNS, DDoS protection, and R2 storage for generated media.
Cookies and tracking
We use a minimal set of cookies: an authentication session cookie (httpOnly), and optional analytics cookies if you accept them. We do not use third-party advertising trackers on our marketing site. For a detailed breakdown of every cookie and vendor, including retention periods and opt-out instructions, see our Cookie Policy.
Your rights (GDPR + CCPA)
You can:
- ✓ Request a copy of all data we hold about you
- ✓ Correct inaccurate data
- ✓ Delete your account and all associated data permanently
- ✓ Export your generated ads in standard formats
- ✓ Opt out of any analytics or marketing emails
- ✓ Object to processing of your personal data
- ✓ Request restriction of processing
Email privacy@maniai.com and we will respond within 30 days.
Data retention
Active accounts: Data retained as long as your account exists.
Cancelled accounts: Data deleted within 90 days unless legal hold applies. You can request immediate deletion.
Generated content: Yours forever in your library. We do not reclaim it.
Free tool usage: Brand DNA scan results cached for 7 days, then deleted. No account required.
International data transfers
ManiAI's infrastructure is US-based (Railway, Cloudflare). If you are located in the EU/EEA, your data is transferred to the US under Standard Contractual Clauses (SCCs) where applicable. A Data Processing Agreement (DPA) is available on request. Email privacy@maniai.com.
Data security
All data encrypted at rest (AES-256-GCM) and in transit (TLS 1.3). Passwords hashed with bcrypt. API keys hashed with SHA-256. SOC 2 Type II audit in flight (targeting Q3 2026). For full security details, see our Security page.
Children
ManiAI is not for children under 13. We do not knowingly collect data from anyone under 13. If you believe a child has provided us data, contact privacy@maniai.com and we will delete it.
Changes
We will email you about material changes to this policy. Minor updates show up here with a new "last updated" date.