Home>Privacy Policy
God of Prompt

Privacy Policy

God of Prompt

LAST UPDATED APRIL 21, 2026

PRIVACY POLICY

Last updated: April 21, 2026

This notice for Robert-Rami Youssef, a sole trader registered in the Czech Trade Licensing Register (Živnostenský rejstřík), IČO: 11844744, DIČ: CZ9805071386 (not a VAT payer / neplátce DPH), with registered place of business at Vysočanská 237/101, 190 00 Praha 9, Czech Republic (“we,” “us,” “our,” or the “Operator”), describes how we collect, use, and share information when you visit https://www.godofprompt.ai/ or use any related products and services (collectively, the “Service”).

“God of Prompt” is a trade name under which the Operator provides the Service. The Operator is the sole data controller for all personal information processed through this Service.

If you do not agree with our practices, please do not use the Service. For questions, contact us at [email protected].

SUMMARY OF KEY POINTS

What personal information do we process? Personal information you provide (such as name, email, billing address, and account data) and information collected automatically (such as IP address, usage data, and cookies).

Do we process sensitive personal information? No.

Do we receive information from third parties? We may receive limited information from social login providers, analytics services, and public sources.

How do we process your information? To provide, improve, and secure the Service, process payments, communicate with you, and comply with law.

Do we sell personal information? No.

What are your rights? EU/UK/Swiss and U.S. state residents have specific rights described below.

1. WHAT INFORMATION DO WE COLLECT?

Information You Provide

  • email addresses
  • names
  • billing addresses
  • usernames and passwords
  • phone numbers (if provided)
  • contact preferences
  • prompts, notes, favorites, and custom content you create in your workspace

Payment data: processed by our third-party payment providers (such as Stripe, PayPal). We do not store full payment card details.

Sensitive information: we do not collect sensitive personal information.

Social login data: if you register using a social account (Google, etc.), we receive basic profile information as permitted by your privacy settings with that provider.

Automatically Collected Information

  • Log and usage data: IP address, device info, browser type, pages viewed, features used, timestamps, error reports
  • Device data: device identifiers, operating system, browser, ISP/mobile carrier, system configuration

Approximate location: country/region derived from IP address. We do not collect precise GPS location.

Information from Third Parties

We may receive limited information from:

  • social media platforms if you interact with us through them
  • analytics and advertising service providers
  • public databases, for business verification purposes only

2. HOW DO WE PROCESS YOUR INFORMATION?

  • Provide the Service: deliver access to prompts, guides, and platform features
  • Account management: authenticate you and manage your account
  • Process payments: complete transactions via payment providers
  • Communicate: send service messages, respond to support requests, and (with consent) marketing communications
  • Improve the Service: analyze usage to improve features (aggregated / anonymized where possible)
  • Security and fraud prevention: protect the Service and users from abuse and fraud
  • Legal compliance: comply with legal obligations, court orders, or lawful requests

3. LEGAL BASES FOR PROCESSING (GDPR)

If you are in the EEA, UK, or Switzerland, we rely on:

  • Contract performance (Art. 6(1)(b)): to deliver the Service you purchased
  • Consent (Art. 6(1)(a)): for marketing and optional cookies
  • Legitimate interests (Art. 6(1)(f)): for service improvement, security, and fraud prevention
  • Legal obligations (Art. 6(1)(c)): where required by law (e.g., tax records)

4. SHARING OF PERSONAL INFORMATION

We share information with:

  • Service providers (processors): hosting, payment processing, email delivery, analytics, customer support — under written data-processing agreements meeting GDPR Article 28 requirements
  • Business transfers: in connection with a sale or transfer of the business or its assets
  • Legal requirements: when required by law, court order, or governmental authority
  • With your consent: in other circumstances with your explicit consent

We do NOT sell personal information and do not share it for cross-context targeted advertising under U.S. state privacy laws.

5. COOKIES AND TRACKING

We use cookies and similar technologies for authentication, preferences, analytics, and (with consent where required) marketing. You can manage cookies via browser settings or our cookie preference manager. We honor the Global Privacy Control (GPC) signal where required by applicable law.

6. SOCIAL LOGINS

If you register using a social login (Google, Apple, etc.), we receive the profile information you authorize that provider to share. We are not responsible for the social provider's practices. Your use of that account is governed by its own terms.

INTERNATIONAL DATA TRANSFERS

The Service is hosted in the European Union, with U.S. infrastructure used by certain service providers (such as analytics, email, and cloud hosting). If you access the Service from outside your country of residence, your personal information may be transferred to, stored, and processed in countries other than your own, including countries that may not have the same level of data protection as your home jurisdiction.

For transfers of personal data originating in the European Economic Area (EEA), the United Kingdom, or Switzerland to countries that have not received an adequacy decision from the European Commission (including the United States, in certain cases), we rely on appropriate safeguards, such as:

  • Standard Contractual Clauses approved by the European Commission (Module 2 or Module 3 as applicable)
  • The EU-U.S. Data Privacy Framework, where the relevant U.S. service provider is self-certified
  • Your explicit consent for specific transfers, where appropriate

By using the Service, U.S. residents acknowledge that their data may also be transferred to and processed in the Czech Republic and other countries within the European Economic Area.

8. DATA RETENTION

We retain personal information only as long as necessary for the purposes it was collected, typically:

  • Account data: while your account is active, plus up to 3 years after closure for legal/accounting purposes
  • Transaction records: as required by Czech tax and accounting law (currently 10 years for invoices)
  • Usage analytics: anonymized data retained up to 24 months
  • Marketing lists: until you unsubscribe

9. DATA SECURITY

We implement technical and organizational measures under Article 32 GDPR, including encryption in transit, access controls, and secure hosting. No method is 100% secure; we cannot guarantee absolute protection.

10. DATA BREACH NOTIFICATION

In the event of a breach likely to result in high risk to your rights, we will notify you and the Czech Office for Personal Data Protection (Úřad pro ochranu osobních údajů, ÚOOÚ) in accordance with Articles 33–34 GDPR. For U.S. users, we will provide notice as required by applicable state laws.

11. CHILDREN'S PRIVACY

The Service is not directed to children under 13 (or 15 in the Czech Republic for Article 8 GDPR purposes). We do not knowingly collect data from children under these ages without verified parental consent. See the COPPA section under U.S. State Privacy Rights.

12. EU/UK/SWISS PRIVACY RIGHTS

Under the GDPR, UK GDPR, and Swiss FADP, you have the right to:

  • access your personal data (Art. 15)
  • rectify inaccuracies (Art. 16)
  • request erasure (Art. 17)
  • restrict processing (Art. 18)
  • receive data in a portable format (Art. 20)
  • object to processing (Art. 21)
  • not be subject to automated decisions with legal effects (Art. 22)
  • withdraw consent at any time
  • lodge a complaint with the Czech Office for Personal Data Protection (ÚOOÚ, Pplk. Sochora 27, 170 00 Praha 7, www.uoou.cz) or your EU Member State supervisory authority

To exercise these rights, email [email protected]. We respond within one month, extendable by two months for complex requests.

U.S. STATE PRIVACY RIGHTS

We offer the Service to residents of the United States. Depending on the state in which you reside, you may have additional privacy rights under applicable U.S. state privacy laws. As of the effective date of this notice, comprehensive state privacy laws have been enacted in California, Virginia, Colorado, Connecticut, Utah, Texas, Oregon, Montana, Iowa, Delaware, New Hampshire, New Jersey, Tennessee, Nebraska, Maryland, Minnesota, Rhode Island, Indiana, and Kentucky, among others.

Rights Available to U.S. State Residents (Where Applicable)

Subject to the thresholds and exemptions of each state's law, you may have the right to:

  • Know / Access: confirm whether we process your personal information and request a copy
  • Correct: request correction of inaccurate personal information
  • Delete: request deletion of personal information we have collected from you
  • Portability: receive a copy of your personal information in a portable, readable format
  • Opt-Out of Sale/Sharing: opt out of the “sale” or “sharing” of personal information (we do not sell or share personal information as those terms are defined under U.S. state privacy laws)
  • Opt-Out of Targeted Advertising: opt out of processing for targeted advertising
  • Opt-Out of Profiling: opt out of profiling in furtherance of decisions that produce legal or similarly significant effects (we do not engage in such profiling)
  • Limit Use of Sensitive Information: restrict use of sensitive personal information (we do not process sensitive personal information as defined by applicable state laws)
  • Non-Discrimination: not be discriminated against for exercising these rights
  • Appeal: in states that provide an appeal right (e.g., Virginia, Colorado, Connecticut), appeal our decision on your request

California Residents (CCPA / CPRA)

If you are a California resident, the California Consumer Privacy Act, as amended by the California Privacy Rights Act (collectively, the “CCPA”), provides you with the rights described above and the following additional rights:

Shine the Light: under California Civil Code § 1798.83, request information about categories of personal information disclosed to third parties for direct marketing purposes (we do not disclose personal information for third-party direct marketing)

Minors: California residents under 18 with a registered account may request removal of content they publicly posted

Categories of personal information collected in the past 12 months: identifiers (email, name), commercial information (subscription status), Internet activity (usage data), geolocation (approximate, derived from IP), and inferences drawn from the above. We do not collect biometric, audio/visual, education, or employment data. We have not sold or shared personal information as defined by the CCPA in the preceding 12 months.

Categories of sensitive personal information: none.

Retention: we retain personal information for as long as necessary for the purposes disclosed in this notice, typically not exceeding 24 months after your last use of the Service, unless a longer period is required by law.

To submit a CCPA request, email [email protected]. You may designate an authorized agent; we may require written proof of authorization. We will respond within 45 days, with one 45-day extension if necessary.

Virginia Residents (VCDPA)

Under the Virginia Consumer Data Protection Act, Virginia residents have the rights listed above. We do not sell personal data, conduct targeted advertising based on cross-context tracking, or engage in profiling that produces legal or similarly significant effects. We will respond within 45 days (extendable once by 45 days for complex requests). You have the right to appeal a denied request; submit appeals by email to the address below. If we deny your appeal, you may contact the Virginia Attorney General at oag.state.va.us.

Other States (CPA, CTDPA, UCPA, TDPSA, and Comparable Laws)

Residents of Colorado, Connecticut, Utah, Texas, Oregon, Montana, Iowa, Delaware, New Hampshire, New Jersey, Tennessee, Nebraska, Maryland, Minnesota, Rhode Island, Indiana, Kentucky, and any other state with a comprehensive privacy law in effect may exercise equivalent rights under their state's law. We will honor validly submitted requests in accordance with the applicable state law's timing, verification, and appeal procedures. For Colorado and Connecticut residents, we honor universal opt-out mechanisms (such as the Global Privacy Control signal) where technically feasible.

Children's Privacy (COPPA)

The Service is not directed to children under 13, and we do not knowingly collect personal information from children under 13 in compliance with the U.S. Children's Online Privacy Protection Act (COPPA), 15 U.S.C. § 6501 et seq. If we learn we have collected personal information from a child under 13 without verified parental consent, we will delete it promptly. Parents who believe their child has provided personal information may contact us at [email protected] to request deletion.

How to Exercise U.S. Privacy Rights

To exercise any of the rights described in this section:

  • Email us at [email protected] with the subject line “Privacy Rights Request” and specify the state you reside in and the right you are exercising
  • Provide enough information to verify your identity (we will request additional information if needed; we will not use it for any other purpose)

We will not discriminate against you for exercising any privacy right.

MARKETING COMMUNICATIONS

You can opt out of marketing at any time by clicking unsubscribe in our emails or contacting us. We may still send service-related messages necessary for account administration.

DO-NOT-TRACK

We honor the Global Privacy Control (GPC) signal. No uniform DNT standard exists, but we treat GPC as a valid opt-out signal for sale/sharing under U.S. state privacy laws, where applicable.

CHANGES TO THIS NOTICE

We may update this notice. Material changes will be posted with an updated “Last updated” date, and where appropriate, direct notification by email.

CONTACT

Robert-Rami Youssef

Vysočanská 237/101, 190 00 Praha 9, Czech Republic

IČO: 11844744

  • DIČ: CZ9805071386 (not a VAT payer / neplátce DPH)
  • Registered in the Czech Trade Licensing Register (Živnostenský rejstřík)
  • Email: [email protected]
  • For privacy inquiries: [email protected]

HOW TO REVIEW, UPDATE, OR DELETE YOUR DATA

You can access and update account information through your account settings, export your data, or request deletion by emailing [email protected]. We respond in accordance with applicable law.

© 2026 Robert-Rami Youssef. All rights reserved.