Privacy & Cookie policy

Last updated: March 2026

1. Overview

Puddin AI provides software that verifies authorship by analyzing how text is written, not what is written.

In simple terms:

  • We collect basic website analytics

  • If you use software that integrates Puddin, we collect writing process signals such as timing and edits

  • We use this to generate a cryptographic proof of authorship

  • We do not sell your personal data

This policy explains how data is collected, used, and protected.

2. Scope

This Privacy Policy applies to:

  • Visitors to the puddin.ai website

  • Users of products or services that integrate the Puddin SDK

In many cases, Puddin acts as a data processor on behalf of enterprise customers. Those customers determine how the Service is deployed and may provide separate privacy notices.

3. Information We Collect

3.1 Information You Provide

  • Name, email address, and organization

  • Messages or inquiries submitted through forms or email

3.2 Website Data

When you visit puddin.ai, we may collect:

  • IP address and approximate location

  • Device and browser information

  • Pages visited and interaction data

3.3 Cookies and Tracking

We use standard web technologies such as cookies and similar mechanisms to:

  • Maintain site functionality

  • Analyze traffic and usage patterns

You can control cookies through your browser settings.

3.4 Process Data (Core Product Functionality)

When the Puddin SDK is active within a writing environment, we may collect:

  • Timing intervals between inputs

  • Edit sequences including insertions and deletions

  • Paste and input method events

This data reflects the process of writing, not the semantic meaning of text. Puddin does not rely on content analysis to determine authorship.

Note: Depending on how a customer integrates the SDK, text content may transiently pass through systems, but it is not used for authorship inference.

4. Purpose of Processing

We use data to:

  • Provide and operate the Service

  • Generate cryptographic authorship attestations

  • Maintain system integrity and prevent misuse

  • Respond to inquiries and communicate with users

  • Improve performance and reliability

We do not use Process Data for advertising or profiling.

5. Legal Basis

Where applicable, we rely on:

  • Legitimate interest: to provide secure authorship verification and prevent fraud

  • Contractual necessity: when providing services to enterprise customers

  • Consent: where required, such as for optional analytics cookies

6. Data Sharing

We do not sell personal data.

We may share data:

  • With infrastructure providers such as hosting and analytics services

  • With enterprise customers using Puddin under contract

  • When required by law or legal process

  • To protect system security or prevent abuse

All third parties are subject to confidentiality and data protection obligations.

7. Data Retention

  • Website analytics data is typically retained for up to 12 months

  • Contact information is retained as needed to manage communications

  • Process Data is retained in hashed or derived form for verification purposes, subject to contractual requirements

Retention periods may vary based on legal or contractual obligations.

8. Security

We implement safeguards including:

  • Cryptographic hashing and signing of process data

  • Secure transmission protocols

  • Access controls based on least privilege

No system is completely secure. Residual risk exists.

9. Your Rights

Depending on your jurisdiction, you may have rights to:

  • Access your personal data

  • Correct inaccurate information

  • Request deletion or restriction

  • Object to certain processing

  • Request data portability

To exercise these rights, contact: [Insert Email]

We may need to verify your identity before fulfilling requests.

10. International Transfers

Data may be processed outside your country of residence. Where required, we use safeguards such as standard contractual clauses or equivalent legal mechanisms.

11. Jurisdiction Specific Disclosures

European Economic Area and United Kingdom

You have rights under GDPR, including access, erasure, and objection. You may lodge a complaint with a supervisory authority.

California

Under CCPA or CPRA, you have rights to know, delete, and correct personal information. Puddin does not sell personal data.

Japan

We handle personal information in accordance with the Act on the Protection of Personal Information.

12. Children

The Service is not intended for individuals under 16. We do not knowingly collect data from children.

13. Changes to This Policy

We may update this policy. Changes will be reflected by the effective date. Continued use indicates acceptance.

14. Contact

Email: info@puddin.ao
Company: Puddin AI
Address: 3rd Floor, 2-8-11 Shibata, Kita-ku, Osaka-shi, Osaka, Japan
Website: https://puddin.ai

15. Role Clarification

In most enterprise deployments:

  • The customer is the data controller

  • Puddin is the data processor

We process data only according to customer instructions and contractual agreements.