Skip to main content

Privacy Policy

Last updated: February 2026

Introduction

At Wrytze (“we”, “our”, or “us”), we take your privacy seriously. This Privacy Policy explains how we collect, use, and protect your data when you use our AI-powered blog content management platform.

Wrytze helps content creators and agencies generate, edit, approve, and publish blog content at scale. This policy covers all aspects of how your data is handled across our dashboard, public API, and related services. By using Wrytze, you agree to the practices described in this policy.

Information We Collect

We collect the following types of information to provide and improve our services:

Account Information

We use OAuth-only authentication through Google and GitHub. When you sign in, we receive your name, email address, and profile photo from your chosen provider. We do not collect or store passwords.

Organization and Team Data

When you create or join an organization, we store organization names, team member roles (owner, admin, editor, reviewer, viewer), and invitation records.

Website Data

We store the URLs you provide for brand profile generation. Our platform crawls publicly accessible pages on your website to analyze your brand voice, tone, and content style. This information is used to generate content that aligns with your brand identity.

Content Data

We store the blog posts, topics, categories, and tags you create or generate using our platform. This includes AI-generated drafts, editor revisions, approval comments, and published content.

Payment Information

Payments are processed entirely by Dodo Payments, our third-party billing provider. We do not store credit card numbers, bank account details, or other payment credentials on our servers. We only retain subscription status and usage records for billing purposes.

API Usage Data

If you use the Wrytze REST API, we log API request metadata (endpoint, timestamp, response status) for monitoring and rate limiting. API keys are hashed with SHA-256 before storage; plaintext keys are never stored after initial creation.

Automatically Collected Data

When you access our platform, we automatically collect device information, browser type, IP address, usage patterns, and essential cookies required for authentication and session management.

How We Use Your Information

We use the information we collect for the following purposes:

  • Provide, maintain, and improve our services — including the dashboard, blog editor, approval workflows, scheduling, and publishing features.
  • Generate AI content — we send prompts, context, and brand profile data to OpenAI and Anthropic APIs to power our three-phase blog generation process (research, writing, and media).
  • Analyze your website content — we crawl publicly accessible pages on URLs you provide to build brand profiles that guide content generation.
  • Send transactional emails — including account notifications, team invitations, approval requests, publishing confirmations, and deadline reminders via ZeptoMail.
  • Process payments and manage subscriptions — through our integration with Dodo Payments.
  • Monitor service performance and prevent abuse — including API rate limiting, usage tracking, and security monitoring.
  • Respond to support requests — when you contact us with questions or issues.

Third-Party Services

Wrytze integrates with the following third-party services to deliver our platform. Each service receives only the data necessary for its function:

  • Google & GitHub — OAuth authentication. We receive your name, email address, and profile photo during sign-in.
  • OpenAI & Anthropic — AI content generation. We send prompts, writing context, and brand profile data to generate blog content. These providers process your data in accordance with their respective privacy policies.
  • Dodo Payments — Subscription billing and payment processing. Payment details are handled directly by Dodo Payments and never touch our servers.
  • Neon — PostgreSQL database hosting. All application data is stored on Neon with encryption at rest and in transit.
  • Upstash — Redis caching, rate limiting, and message queuing. Used for API response caching, request rate enforcement, and orchestrating background tasks.
  • AWS S3 + CloudFront — Media storage and content delivery. Uploaded images and generated media are stored in S3 with server-side encryption and served through CloudFront CDN.
  • ZeptoMail — Transactional email delivery. We share recipient email addresses and notification content to deliver account and workflow emails.
  • Google Search Console — Optional analytics integration. If you choose to connect your Search Console account, we access search performance data (impressions, clicks, keywords) at your discretion.
  • Vercel — Application hosting and edge network. Our web application is deployed on Vercel's infrastructure.

Data Storage & Security

We implement robust technical and organizational measures to protect your information:

  • All application data is stored in PostgreSQL on Neon with encryption at rest and in transit.
  • Media files are stored in AWS S3 with server-side encryption (SSE-S3).
  • API keys are hashed using SHA-256 before storage. Plaintext keys are shown only once at creation and are never stored or retrievable afterward.
  • All network traffic is encrypted via HTTPS/TLS.
  • Sessions are managed with secure, HTTP-only cookies to prevent cross-site scripting attacks.
  • We conduct regular security reviews and apply updates promptly to address known vulnerabilities.

Data Retention

We retain your data only as long as necessary to provide our services and fulfill the purposes described in this policy:

  • Account data is retained for as long as your account remains active.
  • Content data (blog posts, topics, categories, tags) is retained until you choose to delete it or close your account.
  • API request logs are retained for 90 days for monitoring and debugging purposes.
  • After account deletion, all associated data is permanently purged within 30 days, except where retention is required by applicable law.

Your Rights

Depending on your jurisdiction, you have the following rights regarding your personal data:

  • Access — request a copy of the personal data we hold about you.
  • Correction — request that we correct any inaccurate or incomplete data.
  • Deletion — request that we delete your personal data and account.
  • Export — receive your data in a portable, machine-readable format.
  • Restriction or objection — restrict or object to certain types of data processing.
  • Withdraw consent — withdraw consent for optional data collection (such as the Google Search Console integration) at any time.

To exercise any of these rights, please contact us at [email protected]. We will respond to your request within 30 days.

Cookies

We use only essential cookies that are strictly necessary for the operation of our platform:

  • Session management and authentication — secure cookies that maintain your signed-in state across page loads.
  • Theme preference — a cookie to remember your light or dark mode selection.

We do not use third-party advertising cookies, tracking pixels, or analytics cookies. Your browsing activity on Wrytze is not shared with advertisers or data brokers.

Children's Privacy

Wrytze is designed for professionals and is not intended for users under the age of 16. We do not knowingly collect personal data from children. If we become aware that a child under 16 has provided us with personal information, we will take steps to delete that data promptly. If you believe a child has provided us with their data, please contact us at [email protected].

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. When we make material changes, we will notify you through an email to the address associated with your account or via an in-app notification. We encourage you to review this page periodically. Continued use of Wrytze after changes are posted constitutes your acceptance of the updated policy.

Contact Us

If you have any questions, concerns, or requests related to this Privacy Policy or how we handle your data, please reach out to us:

Email: [email protected]