Privacy Policy — HumanQuill

1. Who We Are

HumanQuill ("HumanQuill", "we", "us", or "our") operates the website at humanquill.com and the related writing enhancement service. This Privacy Policy explains how we collect, use, disclose, and protect your personal information when you use our services.

For privacy inquiries, contact us at privacy@humanquill.com.

2. Information We Collect

Category	What we collect	How we collect it
Account data	Name, email address, profile photo (if via Google), account role	When you register or sign in
Order data	Submitted text content, content type, tone preference, word count, order notes	When you place an order
Payment data	Order amount, currency, payment status, Stripe customer/payment intent ID	When you complete payment (card details handled directly by Stripe — we never see them)
Usage data	Pages visited, browser type, device type, IP address, timestamps	Automatically via cookies and server logs
Communications	Emails and messages you send to us	When you contact support

3. How We Use Your Information

We use your information to:

Create and manage your account
Process and fulfil your orders
Process payments and prevent fraud
Communicate order status, updates, and support responses
Improve our service and diagnose technical issues
Comply with legal obligations
Send transactional emails (order confirmation, delivery notification, receipts)

We do not use your submitted content to train AI models, and we do not sell your data to third parties.

4. Legal Basis for Processing (EEA / UK Users)

Where GDPR applies, we process your data on the following bases:

Contract performance — to deliver the service you paid for
Legitimate interests — to improve our platform and prevent fraud
Legal obligation — to comply with tax, financial, and regulatory requirements
Consent — for optional marketing emails (you can withdraw at any time)

5. Data Storage & Security

Your data is stored in Google Firebase (Firestore and Firebase Auth), hosted on Google Cloud infrastructure in the United States. Google maintains SOC 2 Type II, ISO 27001, and other enterprise security certifications.

All data in transit is encrypted with TLS 1.2+. We apply Firestore security rules to ensure customers can only access their own data. Payment processing is handled entirely by Stripe, which is PCI DSS Level 1 certified.

While we take reasonable precautions, no system is completely secure. We will notify you promptly in the event of a data breach that affects your personal information.

6. Third-Party Services

We share data with the following third parties only as necessary to operate our service:

Google Firebase — authentication, database, and hosting
Stripe — payment processing (see Stripe's Privacy Policy)
Google Analytics — anonymous usage analytics (can be opted out via browser extension)

We do not sell, rent, or trade your personal data with any other third party for marketing purposes.

7. Content Confidentiality

All content you submit as part of an order is treated as strictly confidential. Writers assigned to your order are bound by confidentiality obligations. We do not publish, share, or otherwise disclose your submitted or delivered content to any party other than your assigned writer and relevant HumanQuill staff.

8. Data Retention

We retain your account and order data for as long as your account is active and for up to 3 years after account closure, to comply with tax and financial regulations. You may request earlier deletion — see Section 10 for your rights.

9. Cookies

We use essential cookies to keep you signed in. We also use analytics cookies (Google Analytics) to understand how visitors use our site. You can disable non-essential cookies in your browser settings or via a consent manager. Essential cookies cannot be disabled without impacting your ability to use the service.

10. Your Rights

Depending on your location, you may have the right to:

Access — request a copy of your personal data
Rectification — correct inaccurate data (editable from your Profile page)
Erasure — request deletion of your account and data (available from Profile → Danger Zone, or by emailing us)
Portability — receive your data in a machine-readable format
Objection — object to processing based on legitimate interests
Withdrawal of consent — opt out of marketing emails at any time via the unsubscribe link

To exercise any of these rights, email us at privacy@humanquill.com. We will respond within 30 days.

11. Children's Privacy

HumanQuill is not intended for use by anyone under the age of 18. We do not knowingly collect personal data from minors. If you believe we have inadvertently collected such data, please contact us and we will delete it promptly.

12. International Transfers

Your data may be stored and processed in the United States. If you are located in the EEA or UK, this transfer is covered by Google's Standard Contractual Clauses and Stripe's Data Processing Agreement, both of which provide adequate safeguards under GDPR.

13. Changes to This Policy

We may update this Privacy Policy from time to time. We will post the revised policy on this page with an updated effective date. For material changes, we will also notify you by email.

14. Contact

For any privacy questions or to exercise your rights:
Email: privacy@humanquill.com
Post: HumanQuill, 2035 Sunset Lake Road, Suite B-2, Newark, DE 19702, United States