Privacy Policy

Seedthink (“Seedthink”, “we”, “us”) operates the Seedthink.ai platform, including the public website, the Seed chat experience, the Seed API and Planted Seed API, and the user dashboard. Seedthink is the data controller for personal data processed through these services.

Contact: privacy@seedthink.ai

We only collect data we need to run the service.

• Account data: email address, display name, and authentication identifiers (including Google OAuth subject IDs where you sign in with Google).
• Content you create: chat messages, prompts, uploaded images, memory facts, notes, and other content you submit to your Seed instance.
• Seed corpus and embeddings: vector representations and structured memory derived from your content so your Seed can recall and reason over it.
• API usage: requests to the Seed API and Planted Seed API, including the API key used, timestamps, token counts, and response metadata.
• Billing data: subscription tier, invoices, and the customer ID returned by our payment processor. Full card numbers are processed by Stripe and are never stored on Seedthink servers.
• Technical data: IP address, user agent, device type, and diagnostic / error telemetry needed to keep the platform secure and reliable.
• Cookies & local storage: session tokens and UI preferences. See our Cookie Policy.

• Provide the core service — chat, memory, search, image learning, and the Seed APIs.
• Train your own private Seed instance (your content is not used to train third-party foundation models).
• Operate authentication, sessions, and access control.
• Bill subscriptions and meter API usage.
• Detect, prevent, and investigate abuse, fraud, and security incidents.
• Improve the platform through aggregate, de-identified analytics.
• Respond to support requests and legal obligations.

Seedthink routes model inference (chat completions, embeddings, image understanding, transcription) through the Lovable AI Gateway and underlying model providers. Your prompts and content are processed solely to generate the response you requested and to maintain your Seed’s memory. We do not sell your content and we do not authorise third-party providers to use it to train their foundation models.

• Contract: to provide the account, Seed, and API features you signed up for.
• Legitimate interests: securing the platform, preventing abuse, improving the product.
• Consent: optional cookies and any marketing email — you can withdraw consent at any time.
• Legal obligation: tax records, lawful requests from authorities.

We rely on a small set of vetted infrastructure providers:

• Lovable Cloud (database, authentication, storage, row-level security).
• Lovable AI Gateway and its model providers (chat, embeddings, image, transcription).
• Stripe (subscription billing and payment processing).
• Cloudflare (edge runtime, DNS, DDoS protection).
• Email delivery providers used for authentication and transactional messages.

Each sub-processor only receives the minimum data needed for its function and is bound by a data processing agreement.

We keep your account data and Seed content for as long as your account is active. When you delete your account or specific Seed content, the records are removed from production systems immediately and from encrypted backups within 30 days. Aggregate, de-identified analytics may be retained beyond that.

Depending on your jurisdiction (including GDPR and CCPA), you have the right to access, correct, export, restrict, or delete your personal data, and to object to certain processing. Most of these actions are available directly in the dashboard; for anything else, email privacy@seedthink.ai and we will respond within 30 days.

Seedthink uses row-level security on every user-facing table, TLS in transit, encryption at rest at the storage layer, and scoped API keys you can rotate or revoke at any time. No system is perfectly secure, so we also publish a responsible disclosure address — email security@seedthink.ai for vulnerability reports.

Our infrastructure runs on global edge networks, which means your data may be processed outside your country of residence. Where required, transfers are protected by Standard Contractual Clauses or an equivalent safeguard.

Seedthink is not directed at children under 16. We do not knowingly collect personal data from anyone under 16. If you believe a child has provided data to us, contact us and we will delete it.

We may update this policy as the platform evolves. Material changes will be announced in the app or by email before they take effect. The “Last updated” date at the top of this page always reflects the most recent revision.