Privacy Policy

Effective Date: June 1, 2026

Last Updated: May 28, 2026

1. Introduction

WebWright LLC, a Delaware limited liability company owned by RevivifAI Inc. ("we," "our," or "us"), operates the WebWright API platform and related services (the "Service"). This Privacy Policy explains how we collect, use, disclose, and protect your personal information when you use our Service.

By using the Service, you consent to the data practices described in this Privacy Policy. If you do not agree with this Privacy Policy, please do not use the Service.

1.1 Scope

This Privacy Policy applies to all users of the WebWright API platform, including developers, businesses, and individuals who access or use our services through our website, API, or other interfaces.

1.2 Controller

WebWright LLC is the data controller for personal information collected through the Service. For purposes of the California Consumer Privacy Act (CCPA), WebWright LLC is the "business" that collects and processes your personal information.

2. Information We Collect

2.1 Account Information

When you create an account, we collect:

  • Email address
  • Password (stored as a cryptographic hash)
  • Account preferences and settings
  • API keys and authentication credentials
  • Payment information (processed by our payment processor, Finix)

2.2 Usage Information

We collect information about your use of the Service, including:

  • API requests and responses (metadata only, not content)
  • Token consumption and usage patterns
  • Account tier and subscription status
  • Error logs and debugging information
  • Timestamps and request frequency
  • IP addresses and device information

2.3 Error Information

We log error information that occurs during API requests to improve our services. This includes error types, timestamps, and technical details necessary for debugging. We do not log or store the content of your API requests or responses.

2.4 Payment Information

Payment processing is handled by Finix, our third-party payment processor. We do not directly collect or store your credit card numbers, bank account details, or other payment credentials. Finix collects and processes this information in accordance with their own privacy policy and applicable payment card industry (PCI) standards.

2.5 Information We Do NOT Collect

We explicitly do NOT collect or store:

  • The content of your API prompts (Input)
  • The content of API responses (Output)
  • Chat history or conversation logs
  • Training data derived from your usage

3. How We Use Your Information

We use the information we collect for the following purposes:

3.1 Service Provision

  • Creating and managing your account
  • Authenticating your API requests
  • Processing payments and managing subscriptions
  • Tracking token usage and calculating charges
  • Providing customer support

3.2 Service Improvement

  • Analyzing usage patterns to improve service quality
  • Debugging and resolving technical issues
  • Developing new features and capabilities
  • Conducting security and fraud prevention

3.3 Communication

  • Sending service-related notifications
  • Responding to your inquiries and support requests
  • Providing updates about policy changes

3.4 Legal Compliance

  • Complying with legal obligations
  • Responding to lawful requests from public authorities
  • Enforcing our Terms and Conditions
  • Protecting our rights and the rights of others

4. AI Training and Data Usage

4.1 No Training on Your Data

We do not use your Input, Output, or any content from your API requests to train our AI models. Your data is processed solely to provide the Service to you and is not retained for model training purposes.

4.2 No Chat Recording

We do not record, store, or retain the content of your API conversations. Your prompts and the AI-generated responses are processed in real-time and are not persisted to our databases for later use.

4.3 Error Logging

We may log error information (such as error codes, timestamps, and request metadata) to diagnose and fix technical issues. This error information does not include the content of your prompts or responses.

4.4 Upstream Processing

Your API requests are processed by our upstream AI infrastructure. While we do not store your content, the upstream provider may temporarily process your requests to generate responses. We recommend reviewing the privacy policies of any upstream providers for details on their data handling practices.

5. Information Sharing

We may share your information in the following circumstances:

5.1 Service Providers

We share information with third-party service providers who perform services on our behalf, including:

  • Finix - Payment processing
  • Upstream AI providers - Processing API requests
  • Cloud infrastructure providers
  • Analytics and monitoring services

These service providers are contractually obligated to protect your information and may only use it to provide services to us.

5.2 Legal Requirements

We may disclose your information if required by law, regulation, or legal process, including:

  • Court orders, subpoenas, or warrants
  • Law enforcement requests
  • Regulatory investigations
  • To protect our rights, property, or safety

5.3 Business Transfers

If we are involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change in ownership.

5.4 With Your Consent

We may share your information with your consent or at your direction, such as when you authorize a third-party integration.

5.5 We Do NOT Sell Your Data

We do not sell, rent, or trade your personal information to third parties for marketing purposes. We do not share your data with advertisers for targeted advertising.

6. California Consumer Privacy Act (CCPA) Rights

If you are a California resident, you have certain rights under the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA). This section describes your CCPA rights and how to exercise them.

6.1 Right to Know

You have the right to request disclosure of what personal information we have collected about you in the past 12 months, including:

  • Categories of personal information collected
  • Specific pieces of personal information
  • Categories of sources from which we collected information
  • Business or commercial purposes for collecting information
  • Categories of third parties with whom we share information

6.2 Right to Delete

You have the right to request deletion of your personal information, subject to certain exceptions. We will delete your information within 45 days of receiving a verifiable request, unless retention is required for:

  • Completing a transaction or providing a service
  • Detecting security incidents or fraud
  • Debugging and repairing errors
  • Complying with legal obligations
  • Exercising free speech rights

6.3 Right to Correct

You have the right to request correction of inaccurate personal information. We will correct your information upon verification of your identity and the inaccuracy.

6.4 Right to Opt-Out of Sale

We do not sell personal information. Therefore, this right does not apply to our practices. However, you may still request that we not share your information for cross-context behavioral advertising, which we also do not engage in.

6.5 Right to Limit Use of Sensitive Information

You have the right to limit our use and disclosure of your sensitive personal information. We do not collect or use sensitive personal information beyond what is necessary to provide the Service.

6.6 Right to Non-Discrimination

We will not discriminate against you for exercising your CCPA rights. This means we will not deny service, charge different prices, or provide different quality of service because you exercised your privacy rights.

6.7 How to Exercise Your Rights

To exercise your CCPA rights, please contact us at:

We will verify your identity before processing your request. We may request additional information to confirm your identity. You may also authorize an agent to submit requests on your behalf.

6.8 Response Timeline

We will respond to your request within 45 days. If we need more time, we will notify you of the extension and the reason for the delay.

7. Data Retention

7.1 Account Information

We retain your account information for as long as your account is active. After account deletion, we retain certain information for up to 90 days to comply with legal obligations and resolve any outstanding issues.

7.2 Usage Data

We retain usage data (token counts, request metadata) for billing and analytics purposes for up to 3 years, or as required by law.

7.3 Error Logs

Error logs are retained for up to 90 days for debugging and security purposes, then permanently deleted.

7.4 Payment Records

Payment records are retained as required by applicable tax and accounting laws, typically 7 years.

7.5 Data Deletion Requests

You may request deletion of your personal information at any time by contacting us at privacy@webwright.ai. We will process your request in accordance with applicable law.

8. Security

8.1 Security Measures

We implement industry-standard security measures to protect your information, including:

  • Encryption of data in transit (TLS/HTTPS)
  • Encryption of data at rest
  • Secure password hashing (Argon2)
  • Access controls and authentication
  • Regular security audits and monitoring
  • Secure API key management

8.2 API Key Security

Your API keys are stored as cryptographic hashes. We cannot retrieve your original API key after it has been issued. If you lose your API key, you must generate a new one.

8.3 No Guarantee

While we implement robust security measures, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security of your information.

8.4 Incident Response

In the event of a data breach, we will notify affected users in accordance with applicable law, including providing details about the breach and steps you can take to protect yourself.

9. Cookies and Tracking

9.1 Cookies

We use essential cookies and similar technologies to operate our website and maintain your session. These cookies are necessary for the Service to function and do not require your consent.

9.2 Analytics

We may use analytics services to understand how users interact with our website. These services may collect anonymous usage data, but do not track individual users across sessions.

9.3 Third-Party Tracking

Our website may contain links to third-party websites. We are not responsible for the privacy practices of those websites. We encourage you to review their privacy policies.

9.4 Do Not Track

We currently do not respond to "Do Not Track" signals in your browser settings. However, we do not engage in cross-site tracking or behavioral advertising.

10. Children's Privacy

Our Service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If we become aware that we have collected personal information from a child under 13, we will promptly delete that information.

If you are a parent or guardian and believe your child has provided us with personal information, please contact us at privacy@webwright.ai.

11. International Users

11.1 Data Location

Our servers are located in the United States. If you are accessing the Service from outside the United States, please be aware that your information will be transferred to and processed in the United States.

11.2 GDPR Compliance

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, you may have additional rights under the General Data Protection Regulation (GDPR). Please contact us at privacy@webwright.ai to exercise your GDPR rights.

11.3 Data Transfers

For users outside the United States, we implement appropriate safeguards for international data transfers, including standard contractual clauses where applicable.

12. Changes to This Policy

We may update this Privacy Policy from time to time. For material changes, we will provide at least 30 days' notice via email to your registered email address or through the Service before the changes take effect.

We encourage you to review this Privacy Policy periodically. The "Last Updated" date at the top of this document indicates when the most recent changes were made. Your continued use of the Service after any changes constitutes acceptance of the updated Privacy Policy.

13. Contact Information

If you have questions about this Privacy Policy or wish to exercise your privacy rights, please contact us:

WebWright LLC

a subsidiary of RevivifAI Inc.

Email: privacy@webwright.ai

Web: https://webwright.ai

For CCPA requests, please include "CCPA Request" in the subject line. For general privacy inquiries, include "Privacy Inquiry" in the subject line.