GhostPrompt is built on a simple principle: we cannot misuse data we do not have. This policy documents exactly what data exists, where it lives, and who controls it.
Last updated: April 2026
We never receive your document content.
All document parsing, entity detection, and replacement happens on your device. No document text, entity data, replacement manifests, or file contents are ever transmitted to GhostPrompt or any third party. We have built no infrastructure to receive them. This is not a policy choice. It is an architectural fact.
When GhostPrompt validates your license, it sends a minimal payload containing only: an anonymous device fingerprint (a one-way hash of hardware identifiers), your license key ID, and the application version number. Total payload: under 200 bytes. No document content, no usage patterns, no personally identifiable information beyond the license key you purchased.
When you purchase a license, your payment is processed by LemonSqueezy. GhostPrompt receives your email address and license key. Your email is used only to deliver your license key and product updates. We do not sell, share, or use your email for advertising.
If you submit your email via the waitlist or checklist forms on ghostprompt.io, we store your email address and the role category you selected. This data is stored in Netlify Forms and used only to send you the AI Data Safety Checklist and periodic build updates. Unsubscribe at any time by replying to any email.
None.
GhostPrompt does not collect usage analytics, crash reports, feature telemetry, or any behavioral data from within the application. We do not know how often you use GhostPrompt, which features you use, or what types of documents you process.
GhostPrompt stores locally on your device: your license key, your custom entity library, and session replacement manifests. All local data is stored in an encrypted local store. You can delete all local data by uninstalling the application. We have no access to locally stored data.
The personal data we hold about you is limited to your email address and license key. To access, correct, or delete this data email hello@ghostprompt.io. We respond within five business days. This policy is consistent with PIPEDA (Canada) and GDPR (EU).
Privacy questions: hello@ghostprompt.io. We respond within one business day.