browse-ai.tools
← Back to Home

Privacy Policy

Last updated: 1/2/2026

1. Introduction

Welcome to browse-ai.tools ("we," "us," or "our"). We respect your privacy and are committed to protecting your personal data in accordance with the General Data Protection Regulation (GDPR) and other applicable privacy laws.

This Privacy Policy explains how we collect, use, store, and protect your personal information when you use our website and services. Please read this policy carefully to understand our practices regarding your data.

Data Controller

Browse-ai.tools is the data controller responsible for your personal data. For privacy inquiries, data subject requests, or questions about this policy, please contact us:

  • Email: [email protected]
  • Contact Form: /contact

2. Legal Basis for Processing Personal Data

Under GDPR, we must have a legal basis for processing your personal data. We process your data based on the following legal grounds:

  • Consent: When you explicitly consent to analytics tracking, marketing communications, or non-essential cookies
  • Contractual Necessity: To process payments, fulfill tool submissions, and provide services you request
  • Legitimate Interest: To improve our website, prevent fraud, ensure security, and operate our business (we balance this against your privacy rights)
  • Legal Obligation: To comply with tax, accounting, and other legal requirements (e.g., retaining payment records)

3. Types of Personal Data We Collect

3.1 Data You Provide Directly

  • Contact Form Submissions: Name, email address, subject, and message content
  • Tool Submissions: Tool name, URL, description, company information, contact details, and any metadata you provide
  • Payment Information: Transaction metadata (amount, date, status) processed through Stripe; we do not store payment card numbers or CVV codes
  • Advertising Bookings: Tool information, contact email, booking preferences, and payment details
  • User Accounts (Future): Username, email address, password (hashed), account preferences, and submission history

3.2 Automatically Collected Data

  • Device Information: Browser type and version, operating system, device type (desktop, mobile, tablet), screen resolution
  • Usage Data: Pages visited, time spent on pages, click patterns, referral sources, search queries
  • Network Information: IP address (anonymized), approximate geographic location (country/region level)
  • Technical Data: Session identifiers, error logs, performance metrics

3.3 Data from Third-Party Services

  • PostHog Analytics: Aggregated analytics data, user behavior insights (configured with privacy-first settings)
  • Stripe: Payment transaction data, customer identifiers, billing information
  • Resend: Email delivery status, bounce rates, open rates (for transactional emails)

4. How We Use Your Personal Data

We use your personal data for the following purposes:

  • Service Delivery: To process tool submissions, manage advertising bookings, respond to contact inquiries, and provide requested services
  • Payment Processing: To securely process payments through Stripe for tool submissions and advertising services
  • Communication: To send transactional emails (order confirmations, booking confirmations), respond to inquiries, and provide customer support
  • Website Improvement: To analyze user behavior, optimize website performance, understand tool popularity, and enhance user experience
  • Security and Fraud Prevention: To detect and prevent fraud, abuse, security threats, and unauthorized access
  • Legal Compliance: To comply with legal obligations, including tax, accounting, and data protection requirements
  • Marketing (with consent): To send marketing communications about new features, tools, or services (only with your explicit consent)

5. Data Security and Protection

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction:

  • Encryption: All data in transit is encrypted using HTTPS/TLS. Sensitive data at rest is encrypted using industry-standard encryption
  • Payment Security: We never store payment card numbers or CVV codes. All payment processing is handled by Stripe, which is PCI DSS Level 1 compliant
  • Access Controls: We limit access to personal data to authorized personnel only, on a need-to-know basis
  • Data Minimization: We only collect and retain data that is necessary for the stated purposes
  • Regular Security Reviews: We conduct regular security assessments and updates to protect against vulnerabilities
  • Incident Response: We have procedures in place to detect, respond to, and report data breaches in accordance with GDPR requirements

6. Data Retention Periods

We retain your personal data only for as long as necessary to fulfill the purposes outlined in this policy, unless a longer retention period is required by law:

  • Contact Form Data: Retained for 24 months for customer support purposes, then securely deleted
  • Email Addresses: Retained while you maintain consent for communications; deleted within 30 days of opt-out
  • Payment Transaction Data: Retained for 7 years for accounting and tax compliance (legal obligation)
  • Analytics Data (PostHog): Retained for 13 months, then automatically deleted
  • Tool Submission Data: Retained for the duration the tool is listed, plus 12 months after removal
  • User Account Data (Future): Retained for account lifecycle, plus 90 days after account deletion (for backup/recovery)

When data is no longer needed, we securely delete or anonymize it in accordance with our data retention policy.

7. Your Rights Under GDPR

Under the General Data Protection Regulation (GDPR) and other applicable privacy laws, you have the following rights:

  • Right of Access: You can request a copy of all personal data we hold about you. We will respond within 30 days (extendable to 90 days for complex requests)
  • Right to Rectification: You can request correction of inaccurate or incomplete personal data
  • Right to Erasure ("Right to be Forgotten"): You can request deletion of your personal data in certain circumstances, subject to legal obligations (e.g., tax records)
  • Right to Restrict Processing: You can request that we limit how we use your data temporarily (e.g., while investigating a data accuracy dispute)
  • Right to Data Portability: You can request your data in a structured, machine-readable format and receive it directly or have it transmitted to another controller
  • Right to Object: You can object to processing based on legitimate interest or for direct marketing purposes
  • Right to Withdraw Consent: Where processing is consent-based, you can withdraw consent at any time. Withdrawal does not affect the lawfulness of prior processing
  • Right to Lodge a Complaint: You can submit a complaint to your national data protection authority if you believe we have violated your privacy rights

To exercise any of these rights, please contact us at [email protected] or use our contact form. We will respond to your request within 30 days.

8. Third-Party Data Processors

We use trusted third-party service providers who act as data processors on our behalf. We have Data Processing Agreements (DPAs) with each processor ensuring they process data only on our instructions and under appropriate confidentiality obligations:

  • Stripe, Inc. (Payment Processing) - Processes payment transactions. Data location: United States (with Standard Contractual Clauses for EU transfers). Privacy Policy
  • PostHog, Inc. (Analytics) - Provides website analytics. Data location: EU (GDPR compliant). Privacy Policy
  • Resend, Inc. (Email Services) - Sends transactional and marketing emails. Data location: United States (with Standard Contractual Clauses). Privacy Policy
  • Vercel, Inc. (Hosting) - Hosts our website and processes server logs. Data location: United States and EU. Privacy Policy
  • Supabase, Inc. (Database) - Stores and processes data in our database. Data location: EU (GDPR compliant). Privacy Policy

We do not sell, rent, or trade your personal data to third parties for marketing purposes.

9. International Data Transfers

Some of our third-party processors are located outside the European Economic Area (EEA). When we transfer your personal data to these processors, we ensure adequate protection through:

  • Standard Contractual Clauses (SCCs): EU-approved contractual clauses that ensure your data receives adequate protection
  • Adequacy Decisions: Where applicable, transfers to countries with EU adequacy decisions
  • Data Processing Agreements: Contracts that require processors to maintain GDPR-equivalent protections

By using our services, you consent to these international transfers in accordance with this Privacy Policy.

10. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience. For detailed information about our cookie practices, please see our Cookie Policy.

Summary:

  • Essential Cookies: Required for website functionality (no consent required)
  • Analytics Cookies (PostHog): Used with your consent to analyze website usage. PostHog is configured with privacy-first settings: IP anonymization, no cookies stored, data processed in EU
  • Marketing Cookies: Not currently used, but if implemented, will require explicit consent

You can manage your cookie preferences through your browser settings or our cookie consent banner (when applicable).

11. Marketing Communications

We may send you marketing communications only with your explicit consent. You can opt-in to receive:

  • Newsletters about new AI tools and features
  • Updates about our directory and services
  • Promotional content (with your consent)

Transactional emails (order confirmations, booking confirmations, service updates) do not require consent and are sent as part of our service.

You can unsubscribe from marketing emails at any time by clicking the unsubscribe link in any email or by contacting us at [email protected]. We will process your opt-out request within 10 days.

12. Children's Privacy

Our website is not intended for children under 16 years of age (or the age of majority in your jurisdiction). We do not knowingly collect personal information from children. If you are a parent or guardian and believe your child has provided us with personal data, please contact us immediately. If we become aware that we have collected personal data from a child without parental consent, we will take steps to delete that information.

13. Sponsored Content and Advertising

Our website features sponsored content and advertising placements. We process data related to advertising bookings (tool information, contact details, payment data) to fulfill advertising contracts. We do not share your personal data with advertisers beyond what is necessary to display your advertisement. Sponsored content is clearly labeled. We do not use your browsing behavior to target advertisements without your explicit consent.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or for other operational, legal, or regulatory reasons. We will notify you of material changes by:

  • Posting the updated policy on this page with a new "Last updated" date
  • Sending an email notification (for significant changes) if you have provided your email address
  • Displaying a prominent notice on our website for material changes

Your continued use of our website after changes take effect constitutes acceptance of the updated Privacy Policy.

15. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

  • Email: [email protected]
  • Contact Form: /contact

For data subject requests (access, deletion, portability, etc.), please use the contact methods above. We will respond within 30 days (or 90 days for complex requests) as required by GDPR.

If you are not satisfied with our response, you have the right to lodge a complaint with your local data protection authority. For EU residents, you can find your authority at edpb.europa.eu.

Privacy Policy — Browse AI Tools