Skip to content

Privacy Policy

Last updated: April 2026

Plain-English summary

FictionOS stores your account and project data so the app can work. You bring your own OpenRouter key for generation; that key is encrypted before storage. We do not sell your private manuscripts or use private projects as a training dataset. OpenRouter, model providers, Supabase, and Stripe each have their own policies.

1. Information We Collect

We collect the following information when you use FictionOS:

  • Account information: Email address, display name
  • Content: Novels, premises, and settings you create
  • Usage data: Generation statistics, model usage, feature engagement
  • Payment data: Processed by Stripe; we do not store credit card numbers

2. How We Use Your Information

  • To provide and improve the Service
  • To process payments and manage your account
  • To send service-related notifications (novel completion, account updates)
  • To send marketing communications (only with your consent)

3. Your Content

Your generated novels and creative content are stored in our database so the Service can display, revise, export, and recover your work. FictionOS does not use private projects as a training dataset. Your content belongs to you, subject to provider and platform terms.

4. Third-Party Services

We use the following third-party services:

  • Supabase: Database and authentication
  • OpenRouter: AI model routing (your prompts are sent to AI providers)
  • Stripe: Payment processing

When you use BYOK mode, your API key is encrypted before storage and only decrypted server-side when making API calls on your behalf.

5. Data Retention

Your data is retained for as long as your account is active. You may delete your account and all associated data at any time from the Settings page.

6. Cookies

We use essential cookies for authentication and session management. We do not use tracking cookies or third-party advertising cookies.

7. Your Rights

You have the right to:

  • Access your personal data
  • Request deletion of your data
  • Export your content
  • Opt out of marketing communications

8. Security

We implement practical security measures including TLS, encrypted API-key storage, and account-scoped database access. No online service can promise absolute security, so export important work and keep your account credentials private.

9. Contact

For privacy-related questions, contact us via the Help page.