Privacy Policy

Alcove AI is built with privacy as a core principle. We collect only what is necessary to provide the Service, we never sell your personal information, and we give you control over your data. This policy explains what we collect, why, and how we protect it.

Information you provide

• Account information — When you sign in with Google, we receive your name, email address, and profile photo. We do not receive or store your Google password.
• Property content — Photos, addresses, property details, and agent information you enter to generate marketing content.
• Payment information — Credit card details are processed directly by Stripe. We never see, store, or have access to your full card number.

Information collected automatically

• Usage data — Pages visited, features used, and generation counts to improve the Service.
• Device information — Browser type, operating system, and screen size for compatibility.

We use your information to:

• Provide, maintain, and improve the Service
• Process your uploaded photos through AI analysis to generate marketing content
• Process payments and manage your credit balance
• Send transactional emails (receipts, account notifications)
• Respond to support requests

We do not use your information for advertising, profiling, or selling to third parties.

When you upload property photos, they are sent to an AI model (OpenAI) for analysis — identifying rooms, features, and composition to generate marketing copy. Important details about this process:

• Photos are transmitted securely via encrypted connections (TLS)
• Photos are processed for the sole purpose of generating your content
• We do not use your photos to train AI models
• OpenAI’s API data usage policy applies to AI processing — per their policy, API inputs and outputs are not used to train their models
• You can delete your photos and generated content at any time

If you connect a Gmail or Outlook account for email sending, we store an OAuth token that grants permission to send emails on your behalf. We:

• Only request the minimum scope needed (send permission)
• Never read, scan, or access your inbox
• Store tokens encrypted in our database
• Allow you to disconnect your email account at any time, which revokes access

If you use SMTP settings, your SMTP credentials are stored securely and used solely to send emails you initiate.

We take the security of your data seriously:

• All data in transit is encrypted with TLS
• Database hosted on Supabase with encryption at rest
• Photos stored in AWS S3 with access controls
• Payment processing handled entirely by Stripe (PCI-DSS compliant)
• Authentication via Google OAuth — we never handle passwords
• Internal API communication secured with shared secret keys

We use the following third-party services, each with their own privacy policies:

• Google OAuth — Authentication
• Stripe — Payment processing
• OpenAI — AI photo analysis and copy generation
• AWS S3 — Photo storage
• Supabase — Database hosting
• Resend — Transactional email delivery
• Railway — Application hosting

We do not share your personal information with any party not listed above, and each service receives only the minimum data required.

• Account data is retained while your account is active
• Uploaded photos and generated content are retained until you delete them
• Payment records are retained as required for tax and legal compliance
• If you delete your account, we will remove your personal data within 30 days, except where retention is required by law

You have the right to:

• Access your personal data
• Delete your account, photos, and generated content
• Export your generated content (stories, emails, brochures)
• Disconnect linked email accounts at any time
• Object to processing — contact us to discuss

To exercise any of these rights, contact us at support@alcove-ai.com.

We use only essential cookies required for authentication and session management. We do not use advertising cookies, tracking pixels, or third-party analytics cookies.

The Service is not intended for users under 18. We do not knowingly collect information from children. If you believe a child has provided us with personal data, please contact us and we will delete it promptly.

We may update this Privacy Policy from time to time. We will notify users of material changes via email or in-app notice. Continued use after changes constitutes acceptance.

Questions or concerns about your privacy? Contact us at support@alcove-ai.com.