Privacy Policy

Last updated: 12/12/2025

1. Information We Collect

When you use diagram-generator.com, we collect and process information necessary for providing our service. This includes:

1.1 Account Information

When you create an account, we collect:

  • Email address
  • Name (if provided)
  • Profile information from social login providers (if you sign up via Google, GitHub, etc.)
  • Account preferences and settings

1.2 Diagram and Usage Data

  • The text descriptions you provide to generate diagrams
  • Generated diagrams and their accompanying explanations
  • Timestamps of when diagrams are created and accessed
  • Credit usage and subscription history

1.3 Technical Information

  • Basic usage data and analytics to improve our service
  • Browser type, IP address, and device information
  • Session data and authentication tokens

2. User Authentication and Account Management (Clerk)

We use Clerk to manage user authentication, accounts, and sessions. Clerk is a secure, modern authentication platform that handles:

  • User registration and login (email/password and social providers)
  • Session management and security tokens
  • Password recovery and account verification
  • Multi-factor authentication (if enabled)
  • Social login integration (Google, GitHub, etc.)

Data Processed by Clerk:

  • Email address and password (hashed and encrypted)
  • Authentication tokens and session data
  • Social login profile information (name, email, profile picture from OAuth providers)
  • Login history and device information for security purposes
  • IP addresses for fraud prevention

Clerk employs industry-standard security measures including encryption at rest and in transit, SOC 2 Type II compliance, and regular security audits. Your authentication data is processed in accordance with Clerk's privacy practices. For more information, please review Clerk's Privacy Policy.

Important: We do not have access to your password. Clerk stores passwords using secure one-way hashing, meaning your password cannot be retrieved or viewed by anyone, including our team.

3. Artificial Intelligence (AI) Usage

Our service uses AI to generate diagrams based on your text descriptions:

  • Standard Mode: Claude AI by Anthropic for diagram code generation
  • Pro Mode: Nanobanana Pro for enhanced image generation capabilities

When you submit a request, your input is processed by these AI providers to create diagram code, images, and explanations.

Important Notice About AI: AI systems can occasionally produce inaccurate or misleading information (known as "hallucinations"). While we strive to provide accurate diagram generations, the AI may sometimes generate content that is incorrect, incomplete, or not precisely aligned with your intent. We recommend reviewing all generated diagrams for accuracy before using them in critical applications.

Data Shared with AI Providers:

  • Your text prompts and diagram descriptions
  • Context necessary for diagram generation
  • No personal account information is shared with AI providers

Your data processed by our AI providers is subject to their respective privacy policies:

4. Data Storage with Supabase

All generated diagrams, user data, and related information are stored using Supabase, a secure open-source database platform. Supabase provides enterprise-grade security with encryption at rest and in transit.

The data stored in Supabase includes:

  • Your generated diagram code (Mermaid, PlantUML, etc.)
  • Generated diagram images
  • Diagram metadata (creation date, diagram type, resolution, etc.)
  • Shareable link identifiers
  • User account references and credit balances
  • Subscription and billing status

Supabase operates in accordance with industry-standard security practices and compliance requirements. For detailed information, please refer to Supabase's Privacy Policy.

5. Payment Processing (Stripe)

If you subscribe to a paid plan, payment processing is handled by Stripe, a leading secure payment platform. We do not store your full credit card number, CVV, or other sensitive payment details on our servers—all payment information is processed and stored directly by Stripe.

Data Processed by Stripe:

  • Credit/debit card details (card number, expiration, CVV)
  • Billing name and address
  • Payment method preferences
  • Transaction history

Data We Receive from Stripe:

  • Last four digits of your card (for display purposes)
  • Card type (Visa, Mastercard, etc.) and expiration date
  • Billing address
  • Transaction and subscription status
  • Stripe Customer ID (for linking payments to your account)

Stripe is PCI-DSS Level 1 certified, the highest level of security certification in the payments industry. Stripe also employs advanced fraud detection, encryption, and secure tokenization to protect your payment information.

For more information about how Stripe handles your data, please review Stripe's Privacy Policy.

6. Cookies and Tracking Technologies

Our website uses cookies and similar tracking technologies to provide and improve our service:

6.1 Essential Cookies

These are necessary for the website to function properly, including:

  • Authentication and session management (via Clerk)
  • Remembering your preferences
  • Ensuring secure access to our service

6.2 Analytics Cookies

We use the following analytics tools to understand how users interact with our service:

  • Google Analytics: Tracks user behavior, page views, and interactions to help us improve the user experience. Data is collected in accordance with Google's Privacy Policy.
  • Umami Analytics: A privacy-focused, open-source analytics platform that collects anonymous usage statistics without tracking personal information. Learn more at Umami Privacy.

6.3 Performance Cookies

These cookies help us monitor service performance and loading times to ensure optimal functionality.

6.4 Security and Bot Protection

We use Cloudflare Turnstile to protect our service from spam, abuse, and automated attacks. Turnstile analyzes browser characteristics and behavior to distinguish between legitimate users and bots. Data processed by Turnstile is subject to Cloudflare's Privacy Policy.

You can control cookie settings through your browser preferences. Please note that disabling essential cookies may affect the functionality of our service, including the ability to log in.

7. How We Use Your Information

The information we collect is used to:

  • Create and manage your user account
  • Authenticate your identity and maintain secure sessions
  • Generate diagrams using AI technology
  • Store and retrieve your generated diagrams
  • Process payments and manage subscriptions
  • Track credit usage and enforce plan limits
  • Create and maintain shareable links for your diagrams
  • Improve our service quality and user experience
  • Monitor service performance and troubleshoot technical issues
  • Analyze usage patterns to develop new features
  • Send service-related communications (account verification, password resets, etc.)
  • Ensure the security and integrity of our platform

8. Data Retention

  • Account Data: Retained for as long as your account is active. Upon account deletion, personal data is removed within 30 days.
  • Generated Diagrams:
    • Free Tier: Diagrams may be retained indefinitely in our public gallery.
    • Paid Subscribers: Diagrams are retained for as long as your account is active. You may request deletion at any time.
  • Authentication Logs: Retained for security purposes for up to 12 months.
  • Payment Records: Retained as required by law for tax and accounting purposes.

You may request deletion of your specific diagrams or account at any time by contacting us.

9. Your Rights and Choices

You have the following rights regarding your data:

  • Access: View your account information and generated diagrams through your dashboard
  • Deletion: Request deletion of your account and associated data
  • Export: Download your diagrams in various formats (PNG, SVG, etc.)
  • Correction: Update your account information or regenerate diagrams
  • Portability: Request a copy of your data in a portable format
  • Opt-out: Unsubscribe from marketing communications (service emails will still be sent)

To exercise these rights, contact us at info@diagram-generator.com or use the account settings in your dashboard.

10. Data Security

We implement industry-standard security measures to protect your data, including:

  • Encryption in transit (HTTPS/TLS)
  • Encryption at rest for stored data
  • Secure authentication via Clerk with optional multi-factor authentication
  • Secure password hashing (we never store plaintext passwords)
  • Regular security audits and updates
  • Access controls and role-based permissions

However, no method of internet transmission or electronic storage is 100% secure. While we strive to protect your personal information, we cannot guarantee absolute security.

11. Third-Party Services Summary

Our service integrates with the following third-party services:

Service Purpose Privacy Policy
Clerk User authentication & account management clerk.com/legal/privacy
Stripe Payment processing & subscriptions stripe.com/privacy
Claude AI (Anthropic) AI-powered diagram code generation anthropic.com/legal/privacy
Nanobanana Pro AI-powered image generation (Pro mode) https://developers.google.com/terms/api-services-user-data-policy
Supabase Database storage supabase.com/privacy
Google Analytics Website analytics policies.google.com/privacy
Umami Analytics Privacy-focused analytics umami.is/privacy
Cloudflare Turnstile Bot protection & security cloudflare.com/privacypolicy

We carefully select providers based on their security standards and compliance with data protection regulations.

12. International Data Transfers

Your data may be processed in countries outside your jurisdiction, including the United States, where our service providers operate. We ensure appropriate safeguards are in place in accordance with applicable data protection laws.

13. Children's Privacy

Our service is not intended for children under the age of 13 (or 16 in certain jurisdictions). We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us immediately.

14. Changes to This Privacy Policy

We may update this privacy policy from time to time to reflect changes in our practices or legal requirements. The "Last updated" date at the top of this page indicates when the policy was last revised. We will notify registered users of significant changes via email. We encourage you to review this policy periodically.

15. Contact Us

If you have any questions, concerns, or requests regarding this privacy policy or our data practices, please contact us at:

Email: info@diagram-generator.com

For data protection inquiries or to exercise your privacy rights, please include "Privacy Request" in the subject line.

Privacy Policy | Free AI Diagram Generator