trust & security
What we collect. What we don't.
A plain-English overview of how GenLP handles your data, your generated content, and your visitors' privacy.
What we collect.
We collect what we need to build, ship, and bill the websites you generate — and nothing else. Each item below ties directly to a feature you use.
- Account
- Name, email, and a hashed password. We never store your password in plaintext.
- Generation input
- The name and link you provide. That's the entire brief.
- Generated content
- The structured profile, written copy, and imagery our pipeline produces from your input. This is your content; you can export it as static HTML at any time.
- Site analytics
- If you publish a site, we record basic page-view and referral source counts. No visitor fingerprints, no cross-site identifiers.
- Billing
- Subscription state and invoice records. Card numbers are handled by Stripe — we never see or store the full number.
What we don't collect.
The research stage reads the public footprint of the link you give us — nothing behind a login, nothing your visitors haven't agreed to share.
- Private content from behind a login.
- Paywalled articles or gated newsletters.
- Communications you don't share with us directly.
- Behavioral profiles of your visitors beyond aggregated, anonymous analytics.
Where data flows.
We use a small set of vendors. Each has a clear role. The full list, including any model providers we add or remove, lives at our /subprocessors page, updated when it changes.
Vendor
Role
Region
Google Cloud
Compute, Firebase authentication, Vertex AI inference
United States
Parallel AI
Deep research provider
United States
Runware
Image generation
European Union
Cloudflare
CDN, DDoS protection
Global
Stripe
Billing and payment processing
United States
How long we keep it.
- Account data
- Retained while your account is active. Deleted within 30 days of account closure.
- Generated sites
- Retained while your site is published. Deleted within 30 days of unpublishing plus account closure.
- Billing records
- Retained for 7 years for tax compliance.
- Audit logs
- Retained for 90 days, then permanently purged.
What you can do.
- Export everything — your generated sites can be exported as static HTML.
- Delete an account at any time.
- Request a data export via /privacy-requests.
- California residents: see /privacy/california-notice.
If something looks wrong.
Spotted an abusive site, a copyright violation, or anything that shouldn't be on a generated GenLP site? Tell us at /abuse and we'll respond within 48 hours.
Report abuse →