← Back to home

Privacy Policy

Last updated: March 28, 2026

1. Information We Collect

When you create an account, we collect your email address. If you sign in with Google, we also receive your name and profile picture from Google. We do not collect passwords.

When you subscribe to Pannely Pro, Stripe processes your payment information. We only store a Stripe Customer ID — we never see your full card number.

If you apply for an education discount, we collect your email address, school name, and any supporting document you choose to upload.

2. How We Use Your Information

  • To authenticate you and manage your account
  • To deliver and verify your Pro purchase status to the desktop app
  • To send transactional emails (magic login links, receipts, discount codes)
  • To respond to support requests
  • To process education discount applications

We do not sell, rent, or share your personal information with third parties for marketing purposes.

3. Third-Party Services

Pannely uses the following third-party services, each governed by their own privacy policies:

  • Google OAuth — for sign-in. Google may collect data per their Privacy Policy.
  • Stripe — for payment processing. Card data is handled entirely by Stripe. See Stripe's Privacy Policy.
  • Neon — for database hosting. Your account and purchase data is stored on Neon-managed PostgreSQL servers.
  • Zoho Mail (SMTP) — for sending transactional emails.

We do not share your data with these providers beyond what is necessary to deliver the Service.

4. Data Storage & Security

Your data is stored in a PostgreSQL database hosted on Neon (US region). Authentication sessions are managed by NextAuth.js and stored in the same database. All connections use TLS encryption in transit.

We retain your account data for as long as your account is active. If you request deletion, we will remove your data within 30 days.

5. Desktop App

The Pannely desktop app communicates with our servers only to verify your purchase status. Your AI conversations, chat history, and API keys are stored locally on your device using SQLite and are never transmitted to our servers.

6. Cookies

We use session cookies solely for authentication. We do not use tracking, analytics, or advertising cookies.

7. Your Rights

You have the right to access, correct, or delete your personal data at any time. To request deletion of your account and all associated data, email support@pannely.com. We will process your request within 30 days.

If you are in the European Economic Area, you also have rights under GDPR including the right to data portability and the right to lodge a complaint with a supervisory authority.

8. Children's Privacy

Pannely is not directed at children under 13. We do not knowingly collect personal information from children under 13. If you believe we have inadvertently collected such information, please contact us immediately.

9. Changes

We may update this policy occasionally. Significant changes will be communicated by email. Continued use of Pannely after changes constitutes acceptance of the updated policy.

10. Contact

Questions about this policy? Email us at support@pannely.com.