Privacy Policy

Last Updated: February 2026

1. Introduction

BugBrain ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered testing automation platform ("Service").

2. Information We Collect

2.1 Account Information

  • Name and email address
  • Organization/company name
  • Password (encrypted)
  • Profile picture (optional)
  • Account preferences and settings

2.2 Payment Information

Secure Payment Processing: When you provide payment information (credit/debit card) for a trial or subscription, this information is processed and stored securely by our payment processor, Polar.sh. We store only:

  • Last 4 digits of your card number
  • Card brand (Visa, Mastercard, etc.)
  • Card expiration date
  • Billing history and transaction records

We never store full credit card numbers on our servers. All payment data is encrypted and PCI-DSS compliant.

2.3 Usage Data

  • Test cases you create and execute
  • Test results and screenshots
  • Projects and configurations
  • AI-generated content
  • API usage statistics
  • Feature usage patterns

2.4 Technical Information

  • IP address and device information
  • Browser type and version
  • Operating system
  • Log data and error reports
  • Cookies and similar tracking technologies

3. How We Use Your Information

3.1 Service Provision

  • Create and manage your account
  • Process your subscription and payments
  • Provide customer support
  • Execute test automation services
  • Store and manage your test data

3.2 Billing and Trial Management

  • Process trial sign-ups with payment method authorization
  • Send trial reminder emails (7 days, 3 days, 1 day before trial ends)
  • Automatically charge your payment method when trials convert to paid subscriptions
  • Process recurring subscription payments
  • Send billing notifications and invoices
  • Detect and prevent payment fraud

3.3 Service Improvement

  • Analyze usage patterns to improve features
  • Train and improve AI models (anonymized data only)
  • Monitor service performance and reliability
  • Identify and fix bugs

3.4 Communications

  • Send service-related notifications
  • Send trial and billing reminders
  • Respond to support requests
  • Send product updates and announcements (you can opt-out)

4. Data Sharing and Disclosure

4.1 Third-Party Service Providers

We share data with trusted third-party service providers who assist in operating our Service:

  • Polar.sh: Payment processing and subscription management
  • AWS: Cloud infrastructure and data storage
  • Anthropic/Google: AI model APIs for test generation
  • Email Service: Transactional and notification emails

These providers are contractually obligated to protect your data and use it only for the specified purposes.

4.2 Legal Requirements

We may disclose your information if required by law, court order, or government request, or to:

  • Comply with legal obligations
  • Protect our rights and property
  • Prevent fraud or abuse
  • Protect user safety

4.3 Business Transfers

If we are involved in a merger, acquisition, or sale of assets, your information may be transferred. We will notify you before your information is transferred and becomes subject to a different privacy policy.

5. Data Security

We implement industry-standard security measures to protect your data:

  • Encryption in transit (TLS/SSL) and at rest
  • Secure authentication (bcrypt password hashing, NextAuth)
  • Regular security audits and updates
  • Access controls and role-based permissions
  • PCI-DSS compliant payment processing
  • Automated backup and disaster recovery

However, no method of transmission over the internet is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

6. Data Retention

  • Active Accounts: We retain your data while your account is active
  • Cancelled Subscriptions: Test data preserved for 90 days after cancellation
  • Deleted Accounts: Personal data deleted within 30 days of account deletion
  • Billing Records: Retained for 7 years for tax and legal compliance
  • Usage Logs: Aggregated analytics retained indefinitely (anonymized)

7. Your Rights

7.1 Access and Portability

  • Request a copy of your personal data
  • Export your test data in JSON format
  • Access your billing history and invoices

7.2 Correction and Deletion

  • Update your account information at any time
  • Request deletion of your account and data
  • Correct inaccurate information

7.3 Opt-Out

  • Unsubscribe from marketing emails (trial/billing emails cannot be opted out)
  • Disable certain cookies via browser settings
  • Cancel your subscription at any time

8. Cookies and Tracking

We use cookies and similar technologies to:

  • Maintain your login session
  • Remember your preferences
  • Analyze usage patterns
  • Improve service performance

You can control cookies through your browser settings, but some features may not work properly if cookies are disabled.

9. International Data Transfers

Your data may be transferred to and processed in countries outside your own. We ensure appropriate safeguards are in place, including:

  • Standard contractual clauses
  • Privacy Shield compliance (where applicable)
  • Encryption and security measures

10. Children's Privacy

Our Service is not intended for users under 18 years of age. We do not knowingly collect information from children. If you believe we have collected information from a child, please contact us immediately.

11. Changes to Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email or through the Service. Your continued use after changes take effect constitutes acceptance of the updated policy.

12. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us at:

  • Email: privacy@bugbrain.tech
  • Website: https://www.bugbrain.tech