Skip to main content
Privacy Policy

Privacy Policy.

Last updated: May 15, 2026

BrandMint AI (“BrandMint”, “we”, “our”) provides an AI-driven brand identity generation service. This policy explains what personal information we collect, why we collect it, where it is stored, who we share it with, and the rights you hold.

We collect the minimum information necessary to provide the service. We do not sell personal information to anyone.

1. Information we collect

1.1 Account information

When you sign in we receive:

  • Your email address (via magic link or Google OAuth).
  • Your name and profile photo URL, if you sign in with Google.
  • A Supabase-issued user identifier.

1.2 Brand intake information

When you submit the intake form, we collect everything you provide: business name, industry, location, price tier, brand stage, name meaning, sensory description, customer outcome, aspirational reference brands, personality traits, unique factor, ideal customer, color preferences, typography, and logo style.

1.3 Generated brand book

We store the AI-generated brand book (philosophy, mission, palette, logo, pattern, stationery designs) so you can re-download it and so it appears in your purchased library.

1.4 Payment information

Payments are processed by our payment partner Gumroad. We do not store your card details or full billing address. We receive only the order id, amount, and your email from Gumroad after a successful purchase.

1.5 Technical information

To operate the service securely we log:

  • IP address and user-agent string on key events (intake, generation, purchase).
  • Session identifier (for funnel analytics).
  • Approximate timing of events you trigger (page views, generation completion, downloads).

2. Why we collect it

  • To provide the service. Generating your brand book requires your intake input. Showing it back to you requires us to store it.
  • To authenticate you. Your email anchors your account and lets you re-access purchased brands.
  • To process your purchase. Order data is required to deliver what you paid for and to handle refunds or disputes.
  • To improve quality. Aggregate event data tells us which steps users drop off at; we never review individual brand books for marketing.
  • To meet legal obligations. Webhook payloads and order records are retained for tax, accounting, and chargeback dispute purposes.

3. AI generation disclosure

Brand book content (copy, palette, logo specifications, pattern designs) is generated by third-party large language and image models, including OpenAI’s GPT-4.1 and gpt-image-1. The intake input you provide is sent to these models to produce your brand. OpenAI’s API does not, per their published policy, retain or train on data submitted via the API. We do not feed your intake into any other training pipeline.

4. Where your data is stored

  • Database: Supabase (PostgreSQL). Region depends on your Supabase project — typically EU or US.
  • Generated assets (logo, pattern, PDF): Supabase Storage public bucket, served via CDN.
  • Authentication: Supabase Auth.
  • Emails (sign-in links, purchase confirmation): Resend.

5. Third parties we share with

We share information with the following sub-processors strictly to operate the service. Each has its own privacy policy.

  • OpenAI — receives your intake inputs to generate the brand book.
  • Supabase — stores your account, brand data, and authentication state.
  • Gumroad — processes payments. Acts as Merchant of Record. They handle your billing information directly.
  • Resend — sends transactional emails (sign-in links, purchase confirmations).
  • Vercel — hosts the application infrastructure.
  • Google — receives your email and basic profile if you use Google sign-in.

We do not sell or rent personal information to advertisers or data brokers.

6. Cookies and similar technologies

We use the minimum cookies needed to operate:

  • Session cookies set by Supabase Auth to keep you signed in.
  • localStorage used to persist a draft of your intake form so you don’t lose progress if the page reloads.

We do not use third-party advertising cookies or trackers.

7. How long we keep your data

  • Account + brand books: indefinitely while your account exists, so you can re-access purchases.
  • Webhook and payment records: at least 7 years, for tax and accounting compliance.
  • Funnel analytics: 24 months, then aggregated and anonymized.
  • If you delete your account: we delete your personal information within 30 days, except where retention is legally required (e.g., tax records).

8. Your rights

Depending on your jurisdiction, you may have the right to:

  • Access the personal data we hold about you.
  • Request correction of inaccurate data.
  • Request deletion of your data.
  • Export your data in a portable format.
  • Withdraw consent for processing.
  • Lodge a complaint with a data protection authority.

To exercise any of these rights, email us at the address below. We respond within 30 days.

9. Children

BrandMint AI is not directed to children under 16. We do not knowingly collect data from anyone under 16. If you believe we have, contact us and we will delete the information.

10. Changes to this policy

We may update this policy from time to time. When we do, we’ll update the “Last updated” date at the top. For material changes we’ll notify users by email.

11. Contact

Questions or requests: hello@brandmint.ai.

Also see our Terms of Service.