Privacy Policy

Welcome to iJen ("iJen," "we," "us," or "our"), operated by Asmal Digital. This Privacy Policy describes how we collect, use, disclose, store, and protect your personal information when you access or use our website at ijen.ai (the "Site") and our AI-powered marketing strategy generation platform (the "Service").

By accessing or using the Service, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree with any part of this Privacy Policy, you must not access or use the Service.

This Privacy Policy applies to all visitors, users, and others who access or use the Service ("Users").

1. Information We Collect

1.1 Personal Information You Provide

When you create an account or use the Service, we may collect the following personal information directly from you:

• Account Information: Your name, email address, and password (or authentication credentials if you sign up via Google OAuth).
• Business Profile Information: Business name, industry, website URL, business description, target audience details, audience pain points, audience goals, unique selling proposition (USP), key differentiators, social media profile URLs (LinkedIn, Instagram, Facebook, TikTok, Twitter/X, YouTube), competitor information (names, websites, social handles, notes), team size, team capacity, content production frequency, business model, revenue range, current marketing activities, marketing budget, and primary business goals.
• Payment Information: When you purchase a strategy, your payment is processed entirely by Stripe, our third-party payment processor. We do not receive, store, or process your credit card numbers, bank account details, or other sensitive financial information on our servers. We receive only a confirmation of payment, your Stripe customer ID, and basic transaction metadata (amount, date, status).
• Communications: Any information you provide when you contact us for support, submit feedback, or communicate with us through any channel.

1.2 Information Collected Automatically

When you access or use the Service, we automatically collect certain information, including:

• Device and Browser Information: IP address, browser type and version, operating system, device type, screen resolution, and language preferences.
• Usage Data: Pages visited, features used, time spent on pages, click patterns, referring URLs, and navigation paths through the Service.
• Cookies and Similar Technologies: We use cookies and similar tracking technologies to maintain your session, remember your preferences, and collect analytics data. See Section 9 for more details.
• Log Data: Server logs that record your interactions with the Service, including request timestamps, request URLs, HTTP status codes, and error information.

1.3 Information Generated Through the Service

When you use the Service to generate marketing strategies, we create and store:

• Research Data: Information gathered through our research pipeline on your behalf, including market research results, competitor analysis data, and industry trend information.
• Generated Strategies: The AI-generated marketing strategy documents, including all chapters, executive briefs, roadmaps, and associated metadata (word count, processing duration, generation costs).
• Generated Documents: PDF and DOCX versions of your strategies stored in our cloud storage infrastructure.
• User Preferences: Your favorited strategies, ratings, feedback, and interaction history with generated content.

2. How We Collect Information

We collect information through the following methods:

• Account Registration: When you sign up for an iJen account using your email address and password, or through Google OAuth.
• Google OAuth: If you choose to sign up or sign in with Google, we receive your name, email address, and profile picture from Google. We do not receive your Google password.
• Business Profile Forms: When you complete the onboarding wizard or update your business profile through our dashboard.
• Strategy Generation: When you initiate a marketing strategy generation, your business profile data is processed through our research and AI pipeline to produce your strategy.
• Payment Processing: When you make a purchase, payment information is collected and processed directly by Stripe. We receive only transaction confirmations and metadata.
• Automatic Collection: Through cookies, analytics tools, and server logs as described in Section 1.2.
• Customer Support: When you contact us for support or submit feedback through any communication channel.

3. How We Use Your Information

We use the information we collect for the following purposes:

3.1 To Provide and Operate the Service

• Create and manage your user account.
• Store and maintain your business profile information.
• Generate AI-powered marketing strategies based on your business data.
• Conduct market research and competitor analysis on your behalf using third-party research tools.
• Generate, store, and deliver strategy documents (PDF, DOCX).
• Process payments and manage your purchase history.
• Enforce usage limits and plan entitlements.

3.2 To Communicate With You

• Send transactional emails, including account confirmation, password resets, strategy completion notifications, and generation failure alerts.
• Send purchase receipts and payment-related communications.
• Respond to your support inquiries and feedback.
• Send important service updates and policy change notifications.

3.3 To Improve and Protect the Service

• Analyze usage patterns to improve features, user experience, and overall service quality.
• Monitor for and prevent fraud, abuse, and security threats.
• Debug issues, fix errors, and maintain the technical stability of the Service.
• Conduct aggregate, anonymized analytics to understand how the Service is used.

3.4 To Comply With Legal Obligations

• Comply with applicable laws, regulations, and legal processes.
• Respond to lawful requests from public and government authorities.
• Enforce our Terms of Service and other agreements.
• Protect our rights, privacy, safety, or property, and that of our users or third parties.

4. Third-Party Services and Data Sharing

We share your information with the following categories of third-party service providers strictly as necessary to operate the Service. We do not sell, rent, or trade your personal information to any third party for marketing or advertising purposes.

4.1 Supabase (Authentication, Database, and Storage)

We use Supabase to manage user authentication, store your account data, business profile information, generated strategies, and associated files. Supabase processes and stores your personal information, business data, and generated content on our behalf. Supabase's privacy policy is available at supabase.com/privacy.

4.2 Stripe (Payment Processing)

We use Stripe to process all payments. When you make a purchase, your payment information (credit card number, billing address, and related financial data) is collected and processed directly by Stripe. We never receive, transmit, or store your full payment card details on our servers. We receive only your Stripe customer ID, transaction confirmations, and basic transaction metadata. Stripe's privacy policy is available at stripe.com/privacy.

4.3 Google (OAuth Authentication)

If you choose to sign up or sign in using Google OAuth, we receive your name, email address, and profile picture from Google. We do not receive or store your Google account password. Google's privacy policy is available at policies.google.com/privacy.

4.4 Anthropic / Claude API (AI Content Generation)

We use Anthropic's Claude API as the core AI engine for synthesizing and generating your marketing strategy documents. When a strategy is generated, your business profile data, research data, and contextual information are sent to the Claude API for processing. Anthropic processes this data to generate the strategy content and returns the output to our Service. We recommend reviewing Anthropic's privacy and usage policies at anthropic.com/privacy.

4.5 Perplexity API (Market Research)

We use the Perplexity API to conduct market research, industry analysis, and competitor intelligence as part of the strategy generation pipeline. Queries based on your business profile data (such as your industry, competitor names, and target audience) are sent to Perplexity for research purposes. Perplexity's privacy policy is available at perplexity.ai/privacy.

4.6 Resend (Transactional Email)

We use Resend to send transactional emails, including account confirmations, password resets, strategy completion notifications, and other service-related communications. Your email address and name are shared with Resend for the sole purpose of delivering these emails. Resend's privacy policy is available at resend.com/legal/privacy-policy.

4.7 Vercel (Hosting and Analytics)

We use Vercel to host the Service and for web analytics. Vercel may collect usage data, IP addresses, and performance metrics to provide hosting services and analytics insights. Vercel's privacy policy is available at vercel.com/legal/privacy-policy.

4.8 Other Disclosures

In addition to the service providers listed above, we may disclose your information in the following circumstances:

• Legal Requirements: If required by law, subpoena, court order, or other legal process.
• Protection of Rights: To protect the rights, property, or safety of iJen, our users, or the public.
• Business Transfers: In connection with a merger, acquisition, reorganization, sale of assets, or bankruptcy, your information may be transferred to a successor entity. We will notify you of any such transfer and the choices you may have regarding your information.
• With Your Consent: We may share your information for any other purpose with your explicit consent.

5. AI-Generated Content

The Service uses artificial intelligence, including large language models and automated research tools, to generate marketing strategies. By using the Service, you acknowledge and agree to the following:

• Data Processing by AI: Your business profile data, including business name, industry, competitors, target audience, and other details you provide, is sent to third-party AI providers (Anthropic and Perplexity) for processing as part of the strategy generation pipeline. This processing is essential to the Service and cannot be performed without transmitting your data to these providers.
• No Guarantee of Accuracy: AI-generated strategies are produced by automated systems and may contain inaccuracies, errors, outdated information, or omissions. The strategies are provided for informational and planning purposes only and should not be relied upon as the sole basis for any business, financial, legal, or operational decisions.
• No Professional Advice: The AI-generated content does not constitute professional marketing, business, financial, legal, or any other form of professional advice. You should consult with qualified professionals before making significant business decisions based on any strategy generated through the Service.
• User Responsibility: You are solely responsible for reviewing, validating, and implementing any strategies generated by the Service. iJen assumes no liability for any actions taken or decisions made based on AI-generated content.
• Content Ownership: Generated strategies are stored in your account and are accessible only to you (and any team members you explicitly authorize, if applicable). We do not use your generated strategies to train AI models or share them with other users.
• Research Data: The research data collected during the strategy generation process (such as publicly available information about your industry and competitors) is stored alongside your strategy for reference and transparency purposes.

6. Data Storage and Security

6.1 Where Your Data Is Stored

Your data is stored on Supabase's cloud infrastructure, which uses Amazon Web Services (AWS) as its underlying infrastructure provider. Generated documents (PDFs and DOCX files) are stored in Supabase Storage. Our application is hosted on Vercel's global edge network.

6.2 Security Measures

We implement reasonable and appropriate technical and organizational measures to protect your personal information, including:

• Encryption of data in transit using TLS/SSL (HTTPS).
• Encryption of data at rest in our database and storage systems.
• Passwords are hashed using industry-standard algorithms and are never stored in plain text.
• Row Level Security (RLS) policies in our database ensure that users can only access their own data.
• Access to production systems and data is restricted to authorized personnel only.
• Authentication tokens and session management follow security best practices.
• API keys and secrets are stored securely in environment variables and are never exposed to client-side code.

6.3 Limitations

While we strive to protect your personal information, no method of transmission over the Internet or method of electronic storage is 100% secure. We cannot guarantee the absolute security of your data. You acknowledge that you provide your personal information at your own risk, and you are responsible for maintaining the confidentiality of your account credentials.

7. Data Retention

7.1 Active Accounts

We retain your personal information, business profile data, generated strategies, and associated files for as long as your account remains active and as needed to provide you with the Service.

7.2 Account Deletion

You may request deletion of your account and associated data at any time by contacting us at support@ijen.ai. Upon receiving a verified deletion request, we will:

• Delete your account and personal information from our active systems within 30 days.
• Delete your business profile, generated strategies, research data, and associated documents.
• Request deletion of your data from our third-party service providers where technically feasible.

Please note that certain information may be retained after deletion in the following circumstances:

• Information required to comply with legal obligations, resolve disputes, or enforce our agreements may be retained for the period required by applicable law.
• Anonymized and aggregated data that can no longer be associated with you may be retained indefinitely for analytics and service improvement purposes.
• Backup copies may persist in our backup systems for a limited period (typically up to 30 additional days) before being permanently overwritten.
• Data that has been processed by third-party AI providers (Anthropic, Perplexity) is subject to those providers' own data retention policies, and we cannot guarantee its deletion from their systems.

7.3 Inactive Accounts

We may delete accounts and associated data that have been inactive for more than 24 months after providing advance notice to the email address on file.

8. Your Rights

Depending on your location and applicable laws, you may have the following rights regarding your personal information:

• Right of Access: You have the right to request a copy of the personal information we hold about you.
• Right of Correction: You have the right to request correction of any inaccurate or incomplete personal information. You can update most of your information directly through your account settings and business profile.
• Right of Deletion: You have the right to request deletion of your personal information, subject to certain exceptions required by law.
• Right to Data Portability: You have the right to request a copy of your data in a structured, commonly used, and machine-readable format.
• Right to Restrict Processing: You have the right to request that we restrict the processing of your personal information in certain circumstances.
• Right to Object: You have the right to object to the processing of your personal information in certain circumstances, including processing for direct marketing purposes.
• Right to Withdraw Consent: Where processing is based on your consent, you have the right to withdraw that consent at any time, without affecting the lawfulness of processing carried out before the withdrawal.
• Right to Opt Out of Marketing: You can opt out of receiving marketing communications at any time by clicking the unsubscribe link in any marketing email or by contacting us. Note that you cannot opt out of transactional emails that are necessary for the operation of the Service (such as account confirmations, strategy completion notifications, and security alerts).

To exercise any of these rights, please contact us at support@ijen.ai. We will respond to your request within 30 days, or within the timeframe required by applicable law. We may need to verify your identity before processing your request.

9. Cookies and Tracking Technologies

9.1 What Are Cookies

Cookies are small text files placed on your device by websites you visit. They are widely used to make websites work efficiently and to provide information to website operators.

9.2 Cookies We Use

We use the following types of cookies:

• Essential/Session Cookies: Required for user authentication, session management, and security. These cookies are necessary for the Service to function and cannot be disabled.
• Functional Cookies: Used to remember your preferences and settings (such as dashboard layout choices) to provide a more personalized experience.
• Analytics Cookies: Used by Vercel Analytics to collect anonymized usage data, including page views, session duration, and navigation patterns. This data helps us understand how the Service is used and how we can improve it.

9.3 Managing Cookies

You can control and manage cookies through your browser settings. Most browsers allow you to block or delete cookies. However, if you block essential cookies, you may not be able to use certain features of the Service, including signing in to your account.

10. Children's Privacy

The Service is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children under 18 years of age. If we become aware that we have inadvertently collected personal information from a child under 18, we will take reasonable steps to delete such information as promptly as possible.

If you are a parent or guardian and believe that your child has provided us with personal information, please contact us at support@ijen.ai so that we can take appropriate action.

11. International Data Transfers

iJen is an international SaaS platform. Your information may be transferred to, stored in, and processed in countries other than your country of residence, including the United States and other jurisdictions where our service providers operate. These countries may have data protection laws that differ from those in your jurisdiction.

By using the Service, you consent to the transfer of your information to countries outside of your country of residence, including countries that may not provide the same level of data protection as your home country. We take reasonable steps to ensure that your personal information is treated securely and in accordance with this Privacy Policy regardless of where it is processed.

For users in the European Economic Area (EEA), United Kingdom, or Switzerland, we rely on appropriate legal mechanisms for international data transfers, including Standard Contractual Clauses approved by the European Commission, adequacy decisions, or other lawful transfer mechanisms, where applicable.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. When we make material changes, we will:

• Update the "Effective Date" and "Last Updated" dates at the top of this page.
• Notify you via email to the address associated with your account at least 14 days before the changes take effect.
• Display a prominent notice within the Service.

Your continued use of the Service after the updated Privacy Policy takes effect constitutes your acceptance of the changes. If you do not agree with the updated Privacy Policy, you must stop using the Service and may request deletion of your account.

13. GDPR Compliance (European Economic Area Users)

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, this section provides additional information about your rights and our obligations under the General Data Protection Regulation (GDPR) and equivalent legislation.

13.1 Legal Bases for Processing

We process your personal data on the following legal bases:

• Performance of a Contract: Processing necessary to fulfill our contract with you, including providing the Service, generating marketing strategies, and managing your account (Article 6(1)(b) GDPR).
• Consent: Where you have given explicit consent to the processing of your personal data for specific purposes, such as receiving marketing communications or opting into Google OAuth (Article 6(1)(a) GDPR). You may withdraw your consent at any time.
• Legitimate Interests: Processing necessary for our legitimate interests or those of a third party, provided that such interests are not overridden by your fundamental rights and freedoms. Our legitimate interests include improving the Service, ensuring security, and preventing fraud (Article 6(1)(f) GDPR).
• Legal Obligation: Processing necessary to comply with a legal obligation to which we are subject (Article 6(1)(c) GDPR).

13.2 Your GDPR Rights

In addition to the rights listed in Section 8, EU/EEA users have the right to:

• Lodge a complaint with a supervisory authority in your member state of habitual residence, place of work, or place of the alleged infringement.
• Obtain information about whether your personal data is being transferred outside the EEA and the safeguards applied to such transfers.
• Request that we restrict processing of your personal data while we verify the accuracy of disputed data or assess whether our legitimate interests override your rights.

13.3 Data Protection Officer

For any questions or concerns regarding our data protection practices, you may contact us at support@ijen.ai. We will designate a Data Protection Officer (DPO) if and when required by applicable law, and will update this section accordingly.

14. CCPA Compliance (California Users)

If you are a California resident, this section provides additional information about your rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA).

14.1 Categories of Personal Information Collected

In the preceding 12 months, we have collected the following categories of personal information:

• Identifiers: Name, email address, IP address, account credentials.
• Commercial Information: Purchase history, transaction records.
• Internet or Electronic Network Activity: Browsing history, interaction with the Service, usage data.
• Professional or Employment-Related Information: Business name, industry, team size, and other business profile information you provide.
• Inferences: Information derived from the above categories to create a profile about you, including your content preferences and service usage patterns.

14.2 Your CCPA Rights

As a California resident, you have the following rights:

• Right to Know: You have the right to request that we disclose the categories and specific pieces of personal information we have collected about you, the categories of sources from which the information was collected, the business purpose for collecting the information, and the categories of third parties with whom we share the information.
• Right to Delete: You have the right to request deletion of your personal information, subject to certain exceptions permitted by law.
• Right to Correct: You have the right to request correction of inaccurate personal information.
• Right to Opt Out of Sale or Sharing: We do not sell your personal information and do not share your personal information for cross-context behavioral advertising purposes. Therefore, there is no need to opt out of such activities.
• Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA rights. We will not deny you the Service, charge you different prices, provide a different quality of service, or suggest that you would receive different treatment for exercising your rights.

14.3 Exercising Your CCPA Rights

To exercise your CCPA rights, please contact us at support@ijen.ai. We will verify your identity before processing your request and will respond within 45 days of receipt. You may also designate an authorized agent to make a request on your behalf.

14.4 Do Not Track Signals

Some browsers include a "Do Not Track" (DNT) feature that signals to websites that you do not want to be tracked. We currently do not respond to DNT signals. If a standard for responding to DNT signals is established that we must follow, we will update this section accordingly.

15. Limitation of Liability and Disclaimers

15.1 AI-Generated Content Disclaimer

The marketing strategies and all other content generated by the Service are produced by artificial intelligence systems and automated research tools. While we strive to provide high-quality and useful outputs, we make no representations or warranties, express or implied, regarding the accuracy, completeness, reliability, suitability, or availability of any AI-generated content. Any reliance you place on AI-generated content is strictly at your own risk.

15.2 No Professional Advice

The Service and all content generated through it are provided for general informational and planning purposes only. Nothing in the Service constitutes professional marketing, business, financial, legal, tax, or other professional advice. You should independently verify any information and consult with appropriate professionals before making decisions based on AI-generated strategies.

15.3 Limitation of Liability

To the maximum extent permitted by applicable law, iJen and its officers, directors, employees, agents, affiliates, and licensors shall not be liable for any indirect, incidental, special, consequential, or punitive damages, or any loss of profits, revenue, data, or business opportunities, arising out of or related to your use of or inability to use the Service, any AI-generated content, or any data breach, whether based on warranty, contract, tort (including negligence), strict liability, or any other legal theory, even if we have been advised of the possibility of such damages.

In no event shall our total aggregate liability to you for all claims arising out of or related to the Service exceed the amount you have paid to us in the twelve (12) months preceding the event giving rise to the claim, or fifty US dollars ($50), whichever is greater.

15.4 Third-Party Services

We are not responsible for the privacy practices, security measures, or data handling of any third-party service providers listed in this Privacy Policy. Your use of third-party services is governed by their respective privacy policies and terms of service.

15.5 Indemnification

You agree to indemnify, defend, and hold harmless iJen and its officers, directors, employees, agents, affiliates, and licensors from and against any and all claims, damages, obligations, losses, liabilities, costs, or expenses (including reasonable attorneys' fees) arising from: (a) your use of or access to the Service; (b) your violation of this Privacy Policy or any applicable law or regulation; (c) your violation of any third-party rights, including intellectual property rights; or (d) any content you submit, post, or transmit through the Service.

16. Data Processing Consent

By creating an account and using the Service, you expressly consent to the following:

• The collection and processing of your personal information and business data as described in this Privacy Policy.
• The transfer of your business profile data to third-party AI providers (Anthropic and Perplexity) for the purpose of generating marketing strategies.
• The transfer of your business profile data to third-party research tools for the purpose of conducting market research and competitor analysis.
• The storage of your data on cloud infrastructure operated by third-party providers (Supabase, Vercel).
• The processing of your payment information by Stripe.
• The sending of transactional emails through Resend.
• The international transfer of your data as described in Section 11.

You may withdraw your consent at any time by deleting your account or contacting us at support@ijen.ai. Please note that withdrawing consent may prevent us from providing the Service to you, and does not affect the lawfulness of processing carried out before the withdrawal.

17. Governing Law and Dispute Resolution

This Privacy Policy shall be governed by and construed in accordance with the laws of the State of Delaware, United States, without regard to its conflict of law provisions. Any dispute arising out of or relating to this Privacy Policy shall be resolved in the competent courts of the State of Delaware, United States, and you consent to the personal jurisdiction and venue of such courts.

If you are a consumer in the European Union, you may also be entitled to submit disputes to the Online Dispute Resolution (ODR) platform provided by the European Commission at ec.europa.eu/consumers/odr.

18. Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:

We aim to respond to all inquiries within 5 business days. For data protection and privacy-related requests, we will respond within the timeframes required by applicable law.