churroBack to home

Privacy Policy

Last updated: April 14, 2026

This Privacy Policy describes how Churro (“we”, “us”, “our”) collects, uses, and protects your information when you use our service at trychurro.com.

1. Information We Collect

Account Information

  • Email address
  • Full name
  • Password (encrypted, we never see or store it in plain text)
  • Google account information (if you sign up with Google OAuth)

Website Information

  • Your website URL
  • CMS type and connection credentials (API keys, stored encrypted)
  • Business niche and brand voice preferences
  • Website content (scanned during onboarding to understand your business)

Generated Content Data

  • Articles generated for your account
  • Keywords researched and tracked
  • Sources and citations used in articles
  • Quality scores and editorial review data
  • Publishing history and CMS post IDs

Payment Information

  • Payment processing is handled entirely by Stripe. We never see or store your credit card number.
  • We store your Stripe customer ID and subscription ID for billing management.

Analytics and Usage Data

  • Pages visited and features used within our dashboard
  • Google Search Console data (if you connect GSC — keyword rankings, impressions, clicks)
  • Browser type, device type, and general location (country level)

2. How We Use Your Information

  • To provide the Service: Generate articles, publish to your CMS, track keyword performance
  • To improve content quality: Anonymized, aggregate performance data helps us improve our writing pipeline
  • To communicate with you: Account notifications, weekly progress reports, product updates
  • To process payments: Manage subscriptions and billing
  • To prevent abuse: Detect fraud, enforce terms of service

3. What We Do NOT Do

  • We do not sell your personal information to third parties. Ever.
  • We do not use your generated content to train AI models.
  • We do not share your website data, keywords, or content with other users or competitors.
  • We do not send marketing emails to your customers or website visitors.

4. Data Sharing

We share your information only with:

  • Supabase: Database hosting and authentication (your data is stored in their secure infrastructure)
  • Stripe: Payment processing
  • Your CMS platform: To publish articles (WordPress, Shopify, Wix, Webflow, Ghost)
  • AI model providers: To generate content (article text is processed but not stored by model providers for training)
  • Analytics providers: Anonymized usage data only

5. Data Security

  • All data is encrypted in transit (TLS/HTTPS) and at rest.
  • CMS credentials are encrypted before storage.
  • Access to production data is restricted to essential personnel only.
  • We use Supabase Row Level Security to ensure users can only access their own data.

6. Data Retention

  • Active accounts: Data is retained for the lifetime of your account.
  • Cancelled accounts: Data is retained for 30 days after cancellation, then permanently deleted.
  • Trial cancellations: Data is deleted within 30 days of cancellation.
  • You may request immediate deletion of your data at any time by contacting us.

7. Your Rights

You have the right to:

  • Access your data — view all information we hold about you in your dashboard
  • Export your data — download your articles, keywords, and account data
  • Delete your data — request full deletion of your account and all associated data
  • Correct your data — update inaccurate information in your account settings
  • Opt out of non-essential communications at any time

8. Cookies

We use essential cookies only:

  • Authentication cookies: To keep you logged in (Supabase auth tokens)
  • Session cookies: To maintain your session state
  • We do not use advertising cookies, tracking pixels, or third-party marketing cookies.

9. Children's Privacy

Churro is not intended for use by anyone under 18 years of age. We do not knowingly collect information from children.

10. International Data Transfers

Your data may be processed in countries outside your own. We ensure adequate protection through our service providers' data protection agreements and compliance with applicable regulations.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email at least 30 days before they take effect.

12. Contact

Questions about your privacy? Contact us at privacy@trychurro.com.