Security & Privacy
We know your prompts are valuable, they're your ideas, your work, your intellectual property. Here's exactly how we protect them, explained in plain language.
Where We Store Your Data
Your data lives in two separate, secure places. We believe in transparency, so here's the breakdown:
| What We Store | Where It Lives | How It's Protected |
|---|---|---|
| Your login credentials Email, password, username | Authentication service infrastructure | Military-grade encryption |
| Your prompts & collections Prompt titles, content, descriptions | Secure cloud database | Military-grade encryption with row-level security |
| Version history Previous versions of your prompts | Secure cloud database | Military-grade encryption with row-level security |
| Usage analytics View counts, search history | Secure cloud database | Military-grade encryption with row-level security |
What this means for you: Your login information is handled by a specialized authentication service using enterprise architecture, while everything else - your prompts, collections, and history, lives in a secure cloud database with military-grade encryption and row-level security. We keep these separate for security: even if one system had an issue, your prompt data would remain protected in the other.
Who Can See Your Data?
Short answer: Only you. Here's how we make sure of that:
Row-Level Security (What It Means)
Think of it like this: Every piece of data in our database has an invisible label that says "belongs to [your account]." When you request your prompts, the database automatically filters to show only items with your label.
This happens at the database level, before any code even runs. It means even if someone found a bug in our application code, they still couldn't access your data because the database itself wouldn't let them.
How we protect your data:
- • Comprehensive security policies protect your data across all database tables
- • 100% data isolation: You see your prompts, we see ours, everyone else sees theirs
- • Zero data leakage: These policies are enforced automatically, there's no "turn them off" switch
What About PromptMaktaba Staff?
Our own team members are subject to the same restrictions. We can't access your prompts unless you explicitly ask us to help with a support issue, and even then, we'd need your permission first in writing.
How We Encrypt Your Data
Think of encryption like a safe for your data. Even if someone accessed our servers, they couldn't read your information without the key. Here's what we use:
When your data is stored
We use military-grade encryption, the same standard used by banks and governments. Your data is encrypted before it's saved and can only be decrypted with secure keys you don't even need to think about.
When your data travels
All connections use bank-level secure connections (the "https" in our URL). This means the data moving between your browser and our servers is encrypted in transit, like sending a locked box instead of a postcard.
Your password
We never see your actual password. It's protected using one-way encryption that cannot be reversed, and checked against a database of compromised passwords to keep you safe.
Your login sessions
Your session cookies are protected from malicious scripts, which safeguards you from common web attacks.
Will You Use My Prompts to Train AI?
No. Absolutely not. Your prompts are yours, and yours alone.
Your prompts are completely private. They belong to you and you alone. Here's our guarantee:
- NOT available to other PromptMaktaba users - your prompts are isolated and only visible to you.
- NOT available to AI model providers - when you use AI features, your prompts are processed and immediately discarded. They are not stored, not shared with Microsoft, OpenAI, or any other AI company.
- NOT used to train or improve AI models - AI providers do not use your prompts to train, retrain, or improve their models or services.
- Your intellectual property remains 100% yours - we don't have rights to your prompts, and neither does anyone else.
Important: If you choose to share your prompts publicly with the community, it is your responsibility to ensure you do not include any confidential, proprietary, or private information. Once shared publicly, those prompts become visible to other users as intended by the sharing feature.
This isn't just a promise, it's contractually guaranteed by our AI providers and verified in their official documentation. Your prompts are processed in a stateless manner and immediately forgotten after processing.
The Services We Work With
We're transparent about the types of services that help us run PromptMaktaba. Here's what they do and what data they handle:
AI Processing Service
AI features (content moderation, prompt improvements)
What they see: Only prompts you explicitly send to AI features (like "improve this prompt")
What they do with it: Process your request and immediately discard it. No storage, no training.
Important: This service never sees your prompts unless you explicitly use an AI feature. Your data is processed and immediately forgotten.
Authentication & Login Management
Secure user authentication
What they see: Your email, username, and encrypted password
What they do with it: Verify your identity when you log in using industry security standards.
Important: This service never sees your prompts or collections, only your login credentials.
Payment Processing
Secure payment processing (if you upgrade to a paid plan)
What they see: Payment information (credit card, billing address)
What they do with it: Process payments securely using the highest security standards for handling credit cards.
Important: This service never sees your prompts, only payment data.
Data Retention & Deletion
Your data is yours to keep or delete. Here's exactly what happens:
When You Delete Your Account
You request deletion
Your account is immediately marked for deletion, and you get a confirmation
7-day grace period begins
Changed your mind? You can cancel anytime in the next 7 days and fully restore your account
Permanent deletion (after 7 days)
Once the 7-day grace period ends, all your data is permanently and irreversibly deleted - prompts, collections, tags, version history, analytics, everything. There are no backups. There is no recovery. This deletion is final and cannot be undone. Please ensure you have exported anything you wish to keep before the 7-day period expires.
Why 7 days? We want to give you time to be sure. Accidentally clicked delete? Had a change of heart? You have a full week to undo it.
How Deletion Works Technically
Our database uses something called "cascade deletion." Think of it like dominoes: when we delete your account record, it automatically triggers deletion of everything connected to it.
This ensures nothing gets left behind - we delete all your data in one clean sweep.
Common Questions
Still have questions about security?
We're here to help. If something isn't clear or you have specific security concerns, please reach out.
security@promptmaktaba.comLast updated: October 26, 2025