Legal

Privacy Policy

Last updated: April 2026

1. Introduction

OrgGen AI ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our organizational chart generation service.

We comply with the General Data Protection Regulation (GDPR) and other applicable data protection laws. By using OrgGen AI, you agree to the collection and use of information in accordance with this policy.

2. Data We Collect

2.1 Account Information

  • Email address (required for authentication)
  • Display name (optional)
  • Profile picture (from OAuth providers, if you choose to sign in with Google/GitHub)

2.2 Project Data

  • Organizational charts and structures you create
  • Team member names, roles, and relationships
  • Chat conversations with our AI assistant
  • Version history of your projects

2.3 Usage Data

  • Device information (browser type, operating system)
  • IP address (anonymized for analytics)
  • Pages visited and features used
  • Timestamps of activity

3. How We Use Your Data

  • Service Delivery: To provide and maintain our organizational chart generation service
  • AI Processing: To process your natural language prompts and generate org charts
  • Communication: To send you service updates and respond to support requests
  • Analytics: To understand how users interact with our service and improve it
  • Security: To detect, prevent, and address technical issues and abuse

4. Third-Party Services

We use the following third-party services to operate OrgGen AI:

  • Supabase: Database and authentication (servers in EU region)
  • Vercel: Hosting and edge functions
  • Anthropic (Claude): AI language model for natural language processing
  • Vercel Analytics: Privacy-focused usage analytics

5. Your Rights (GDPR)

Under GDPR, you have the following rights:

  • Right to Access: Request a copy of your personal data
  • Right to Rectification: Request correction of inaccurate data
  • Right to Erasure:Request deletion of your data ("right to be forgotten")
  • Right to Portability: Receive your data in a machine-readable format
  • Right to Object: Object to processing of your data for certain purposes

To exercise any of these rights, contact us at privacy@orggen.ai. You can also export or delete your data directly from your account settings.

6. Data Retention

We retain your account and project data for as long as your account is active. If you delete your account, we will delete your personal data within 30 days, except where retention is required by law.

7. Cookies

We use the following types of cookies:

  • Essential Cookies: Required for authentication and core functionality
  • Analytics Cookies: Help us understand how users interact with our service (opt-in only)

You can manage your cookie preferences using the banner shown on your first visit.

8. Security

We implement appropriate technical and organizational measures to protect your data, including encryption in transit (TLS) and at rest, regular security audits, and access controls.

9. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us at:

Email: privacy@orggen.ai