Privacy Policy
Last updated: March 4, 2025
Who we are and data controller
This Privacy Policy describes how Motivd (or the entity operating Motivd, “we,” “us,” “our”) collects, uses, and protects your personal data when you use our platform. We act as the data controller for the personal data we process in connection with the Motivd service. Our contact details are available on our website. By using Motivd, you acknowledge that you have read and understood this policy.
Information we collect
We collect: (a) Account and profile data — email, name, password (hashed), and profile information you provide; (b) Usage and product data — how you use the builder, projects, prompts, and preferences; (c) Technical and device data — IP address, browser type, device identifiers, and log data; (d) Payment and billing data — processed by our payment provider (e.g. Stripe) in accordance with their privacy policy; we do not store full payment card numbers; (e) Communications — when you contact us or we contact you; (f) Data you provide in integrations — e.g. GitHub tokens or repository access you authorize. We do not knowingly collect sensitive special categories of data (e.g. health, biometrics) unless you voluntarily provide them in your content; in that case we process them only as necessary to provide the service.
Legal basis and how we use your information
We use your information to: provide, operate, and improve Motivd; authenticate you and manage your account; connect and operate integrations you authorize; process payments; communicate with you (service messages, updates, support); comply with legal obligations and enforce our Terms; and protect our rights and the security of the service. Our legal bases for processing (where applicable under GDPR) include: performance of our contract with you; our legitimate interests (e.g. security, product improvement, fraud prevention); your consent (where we ask for it, e.g. optional cookies or marketing); and compliance with legal obligations. We do not sell your personal data. We do not use your personal data for automated decision-making that produces legal or similarly significant effects.
Sharing and sub-processors
We may share your data with: (a) Service providers and sub-processors who process data on our behalf (e.g. hosting, databases, analytics, email, payment processing), under strict contractual obligations to protect your data and use it only as we instruct; (b) Professional advisers (e.g. lawyers, auditors) where necessary; (c) Law enforcement or regulators when required by law or to protect our rights; (d) A successor entity in the event of a merger, acquisition, or sale of assets, subject to this policy. We do not share your personal data with third parties for their own marketing. A list of key sub-processors (e.g. Supabase, Vercel, Stripe, GitHub where used) and their locations is available on request or in our documentation.
International transfers and safeguards
Your data may be processed in countries outside your residence, including the United States and other jurisdictions where our service providers operate. Where we transfer personal data from the EEA, UK, or Switzerland to countries not deemed to provide adequate protection, we implement appropriate safeguards such as Standard Contractual Clauses (SCCs) approved by the relevant authorities and/or supplementary measures. You may request details of the safeguards we use.
Data retention
We retain your personal data only for as long as necessary to fulfill the purposes described in this policy, including to provide the service, comply with legal obligations (e.g. tax, litigation), resolve disputes, and enforce our agreements. Account and usage data are generally retained while your account is active and for a reasonable period after deletion to allow recovery and to meet legal requirements. After that, we delete or anonymize data where possible. Aggregated or anonymized data may be retained longer for analytics and improvement.
Data security
We implement technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction, including encryption in transit and at rest where appropriate, access controls, and regular review of our practices. No method of transmission or storage is 100% secure; we cannot guarantee absolute security. You are responsible for safeguarding your account credentials and for any activity under your account.
Your rights
Depending on your location, you may have the right to: access your personal data; rectify inaccurate data; request erasure (“right to be forgotten”); restrict or object to certain processing; data portability; withdraw consent where processing is consent-based; and lodge a complaint with a supervisory authority (e.g. in the EEA, your local data protection authority). You can exercise many of these rights via your account settings or by contacting us. We will respond within the timeframes required by applicable law. We may need to verify your identity before processing a request.
Children’s privacy
Motivd is not directed at children under 16 (or the applicable age of consent in your jurisdiction). We do not knowingly collect personal data from children. If you believe we have collected data from a child, please contact us and we will delete it promptly.
Cookies and similar technologies
We use cookies and similar technologies as described in our Cookie Policy. By using our site you consent to our use of cookies in accordance with that policy and your choices (e.g. optional cookies). You can change your preferences at any time.
Changes to this policy
We may update this Privacy Policy from time to time. We will post the updated policy on this page and update the “Last updated” date. For material changes that affect how we use your personal data, we may provide additional notice (e.g. by email or in-product) and, where required by law, obtain your consent. Your continued use of Motivd after the effective date constitutes acceptance of the updated policy. We encourage you to review this page periodically.
Contact
For privacy-related questions, to exercise your rights, or to request a copy of the safeguards we use for international transfers, contact us at the email address or contact details provided on our website. We will respond in accordance with applicable law. To report a security vulnerability, use security@motivd.com (also linked from our Security page).