Privacy Policy

We collect only what we need to run the service:

• Account data: your email address, name, and authentication identifiers provided through Clerk (our authentication provider).
• Billing data: processed and stored by Stripe. We receive your customer ID and subscription status; we never see or store your payment card details.
• HubSpot OAuth tokens: encrypted access and refresh tokens granted when you connect your HubSpot portal. We use these only to read page content and deploy schema markup on your behalf.
• Page content: HTML, metadata, and structured data we read from your HubSpot pages to generate schema markup. This content is processed by our AI provider (Anthropic) at the moment of analysis.
• Generated schemas: the JSON-LD we create for your pages, stored so you can edit and re-deploy them later.
• Usage data: anonymized logs (request timestamps, feature usage, error traces via Sentry) used to operate and improve the service.

• Provide and operate the SchemaGenerator service.
• Generate, store, and deploy schema markup to your HubSpot pages.
• Process payments and manage your subscription.
• Respond to support requests.
• Detect abuse, debug errors, and improve reliability.

We do not sell your data, use it to train AI models, or share it for advertising.

We rely on the following subprocessors to run SchemaGenerator:

• Clerk — authentication.
• Supabase — database and file storage.
• Stripe — payments and subscription billing.
• Anthropic (Claude API) — AI analysis and schema generation. Anthropic does not retain inputs or outputs for training.
• HubSpot — OAuth integration and CMS API access.
• Sentry — error monitoring.
• Vercel — hosting and edge delivery.

We keep your account, schemas, and usage data for as long as your account is active. You can delete your data at any time by disconnecting your HubSpot portal, removing generated schemas, or deleting your account. Once deleted, data is purged from our active systems within 30 days; backups are retained for up to 90 days.

When you connect HubSpot, you grant SchemaGenerator permission to read page content and update the page’s headHTML. You can revoke this permission at any time from your HubSpot account → Connected Apps, or from within SchemaGenerator under Project Settings. Revoking access immediately stops all further reads and writes.

Depending on where you live (GDPR, CCPA, or similar), you have the right to access, correct, export, or delete your personal data, and to object to processing. Email privacy@schemagenerator.ai with any request. We respond within 30 days.

Data is encrypted in transit (TLS) and at rest. HubSpot OAuth tokens are encrypted in the database with a key stored in our server environment. Access to production systems is limited to the MS Themes, Inc engineering team and audited.

We’ll post material changes to this policy on this page and update the “Last updated” date. For significant changes that affect how we process your data, we’ll email the address on your account.

Questions about this policy or your data? privacy@schemagenerator.ai.