Privacy Policy for icanwrite.app

Last Updated: June 2, 2025

Welcome to icanwrite.app (the "App"), a co-pilot for writers, operated by Maxim Kotin from Berlin, Germany. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our App. We operate under German and European Union (EU) data protection laws, including the General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG).

Please read this privacy policy carefully. If you do not agree with the terms of this privacy policy, please do not access the App.

We reserve the right to make changes to this Privacy Policy at any time and for any reason. We will alert you about any changes by updating the "Last Updated" date of this Privacy Policy. You are encouraged to periodically review this Privacy Policy to stay informed of updates. You will be deemed to have been made aware of, will be subject to, and will be deemed to3 have accepted the changes in any revised Privacy Policy by your continued use of the App after the date such revised Privacy Policy is posted.

1. Information We Collect

We may collect information about you in a variety of ways. The information we may collect via the App includes:

  • Personal Data:5 When you register with the App, we collect personal information, such as your email address, and any other information you voluntarily provide. This information is processed and stored using Supabase authentication services.
  • Document Data: We collect and store the documents you create and edit within the App. Please be aware and acknowledge that these documents are stored unencrypted in our Supabase database. Due to this lack of encryption, the Service is NOT INTENDED AND MUST NOT BE USED FOR STORING HIGHLY SENSITIVE, CONFIDENTIAL, PERSONAL, OR LEGALLY PROTECTED INFORMATION (e.g., financial data, health records, intimate personal details, trade secrets, or any information that could cause significant harm if exposed). You should be mindful of the information you store in this manner. Given the sensitivity of personal data and the requirements under GDPR for data security (Art. 32 GDPR), we strongly advise against storing any information you would not be comfortable sharing publicly or having potentially exposed.
  • Usage Data: We may automatically collect information about your use of the App, such as the features you use, the pages you view, and the dates and times of your access. This data is primarily for the functioning of essential services like Supabase authentication.

2. How We Use Your Information

Having accurate information about you permits us to provide you with a smooth, efficient, and customized experience. Specifically, we may use information collected about you via the App to:

  • Create and manage your account.
  • Enable you to create, save, and edit documents.
  • Provide AI-powered writing assistance. When using AI features to improve parts of your texts, the selected text snippets are sent to third-party Large Language Models (LLMs). Crucially, this data is anonymized before being sent, meaning it does not contain any of your personal user data or identifiable information that directly links it back to you.
  • Monitor and analyze usage and trends to improve your experience with the App.
  • Notify you of updates to the App.
  • Respond to your comments and questions and provide customer support.
  • Comply with legal obligations, as required by German and EU law.

3. Data Storage and Security

  • Your account information and documents are stored on Supabase servers.
  • As stated above, documents you create are stored unencrypted. This means the content of your documents is potentially accessible if unauthorized access to the database occurs. This lack of encryption for document content presents a significant risk for sensitive information. THEREFORE, YOU MUST NOT USE THE APP TO STORE SENSITIVE DATA.
  • The App is currently in an experimental beta phase. While we strive to protect your information in line with legal requirements (Art. 32 GDPR) concerning your account data, we cannot guarantee complete security against all threats for your document content due to the lack of encryption, or be liable for any data loss that may occur, particularly due to the beta nature of the service and the unencrypted storage of documents. You use the App acknowledging these fundamental limitations and risks.

4. Third-Party Services

  • Supabase: We use Supabase for user authentication and database services. Supabase has its own privacy policy, and we encourage you to review it. We are responsible for the data you provide to us, which is then processed by Supabase under our direction and in accordance with a data processing agreement where required.
  • Large Language Models (LLMs): When you use the AI features, anonymized portions of your text are sent to various third-party LLM providers to generate suggestions. We do not send your personal data to these LLMs. We endeavor to work with LLM providers who have strong privacy and security practices, but we are not responsible for their individual policies or practices concerning the anonymized data they process.

5. Cookies and Tracking Technologies

We use only essential cookies necessary for the proper functioning of the App, particularly for Supabase authentication to work. These cookies do not track your activity across different websites and are not used for advertising purposes. You can typically remove or reject cookies via your browser settings. However, refusing cookies may affect the availability and functionality of the App.

6. Data Retention

We will retain your personal information and documents for as long as your account is active or as needed to provide you with the App's services. We may also retain and use your information as necessary to comply with our legal obligations (e.g., under German commercial or tax law), resolve disputes, and enforce our agreements. You can request deletion of your account and associated data by contacting us.

7. Your Rights (especially under GDPR)

As a data subject, particularly if you are in the EU/EEA, the General Data Protection Regulation (GDPR) grants you specific rights regarding your personal data. These include:

  • The right to access a copy of your personal information (Art. 15 GDPR).
  • The right to request correction (rectification) of inaccurate personal information (Art. 16 GDPR).
  • The right to request erasure of your personal information ('right to be forgotten') under certain conditions (Art. 17 GDPR).
  • The right to request restriction of processing of your personal information under certain conditions (Art. 18 GDPR).
  • The right to data portability, allowing you to receive your personal data in a structured, commonly used, and machine-readable format and to transmit those data to another controller under certain conditions (Art. 20 GDPR).
  • The right to object to processing of your personal information under certain conditions, particularly where processing is based on legitimate interests or for direct marketing purposes (Art. 21 GDPR).
  • The right to withdraw consent at any time where processing is based on your consent (Art. 7(3) GDPR). The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.

To exercise these rights, please contact us using the contact information provide below.

8. Children's Privacy

The App is not intended for use by children under the age of 16 unless explicit consent is given or authorized by the holder of parental responsibility over the child, in line with GDPR requirements. We do not knowingly collect personal information from children under this age without such consent. If we become aware that we have collected personal information from a child in violation of applicable law, we will take steps to delete that information.

9. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date. You are advised to review this Privacy Policy periodically for any changes.

10. Contact Us

If you have any questions or concerns about this Privacy Policy wish to exercise your data subject rights under GDPR, or have any other inquiries regarding your personal data, please contact us at:
max@icanwrite.app