InnoCanvas← Back to Home
Legal

Privacy Policy

Last updated: March 17, 2026

InnoCanvas ("we," "our," or "us") is committed to protecting your personal information. This Privacy Policy explains what data we collect, how we use it, and your rights regarding it. By using InnoCanvas you agree to the practices described here.

Contents

  1. 01.Information We Collect
  2. 02.How We Use Your Information
  3. 03.Information Sharing & Disclosure
  4. 04.Data Security
  5. 05.Data Retention
  6. 06.Your Rights
  7. 07.Cookies & Tracking
  8. 08.Third-Party Services
  9. 09.Children's Privacy
  10. 10.International Data Transfers
  11. 11.Changes to This Policy
  12. 12.Contact Us

1. Information We Collect

Information you provide directly

  • Account data: email address, full name, password hash, profile photo
  • Profile data: age, country, job title, company, industry, experience level
  • Business data: content of business model canvases you create
  • Communication data: messages you send to our support team
  • Payment data: billing details processed by our payment provider (we do not store raw card numbers)

Information collected automatically

  • Usage data: pages visited, features used, clicks, and session duration
  • Device data: browser type, operating system, screen resolution
  • Log data: IP address, timestamps, error logs
  • Cookies and similar tracking technologies (see Section 7)

2. How We Use Your Information

We use your data to:

  • Provide, maintain, and improve the Service
  • Create and manage your account
  • Process payments and manage subscriptions
  • Generate AI-powered business canvases based on your inputs
  • Send transactional emails (account verification, receipts, security alerts)
  • Respond to support requests and feedback
  • Detect, prevent, and address technical issues and fraud
  • Comply with legal obligations
  • With your consent: send product updates and marketing communications

We do not use your canvas content to train AI models without your explicit consent.

3. Information Sharing & Disclosure

We do not sell your personal information. We share data only in these circumstances:

Service Providers

We share data with trusted vendors who help us operate the Service (e.g., Supabase for database/auth, Anthropic/OpenAI for AI generation, our payment processor). These vendors are contractually bound to protect your data.

Legal Requirements

We may disclose data when required by law, court order, or to protect the rights, property, or safety of InnoCanvas, our users, or the public.

Business Transfers

In the event of a merger, acquisition, or sale of assets, your data may be transferred. We will notify you before your data becomes subject to a different privacy policy.

With Your Consent

We may share data for other purposes when you give us explicit permission.

4. Data Security

We implement industry-standard security measures to protect your information:

  • TLS/HTTPS encryption for all data in transit
  • Encryption at rest for stored data
  • Row-level security (RLS) in our database — you can only access your own data
  • Secure, hashed password storage (we never store plaintext passwords)
  • Regular security reviews and access controls

Despite these measures, no system is 100% secure. If you suspect a breach affecting your account, contact us immediately at privacy@innocanvas.site.

5. Data Retention

We retain your data for as long as your account is active or as needed to provide the Service. Specifically:

  • Account and profile data: retained until you delete your account
  • Canvas data: retained until you delete individual canvases or your account
  • Payment records: retained for up to 7 years as required by financial regulations
  • Log data: retained for up to 90 days
  • After account deletion, we may retain anonymized, aggregated data indefinitely

6. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

Access

Request a copy of the data we hold about you.

Correction

Ask us to correct inaccurate or incomplete data.

Deletion

Request deletion of your personal data ("right to be forgotten").

Portability

Receive your data in a structured, machine-readable format.

Restriction

Ask us to limit how we process your data.

Objection

Object to processing based on legitimate interests or for direct marketing.

Withdraw Consent

Withdraw previously given consent at any time.

Complaints

Lodge a complaint with your local data protection authority.

To exercise any of these rights, email privacy@innocanvas.site. We will respond within 30 days.

7. Cookies & Tracking

We use the following types of cookies:

Essential Cookies: Required for authentication and core functionality. Cannot be disabled.
Preference Cookies: Remember your settings such as theme and language.
Analytics Cookies: Help us understand how the Service is used (anonymized). You may opt out.

You can manage cookie preferences through your browser settings. Disabling essential cookies may prevent the Service from working correctly.

8. Third-Party Services

InnoCanvas integrates with the following third-party services, each governed by their own privacy policies:

SupabaseDatabase, authentication, and file storage
Anthropic / OpenAIAI canvas generation
Payment ProcessorSecure payment and subscription management

9. Children's Privacy

The Service is not directed to children under 18. We do not knowingly collect personal information from anyone under 18. If you believe a child has provided us with personal information, please contact us and we will delete it promptly.

10. International Data Transfers

InnoCanvas operates globally. Your data may be stored or processed in countries other than your own. We ensure any international transfers comply with applicable data protection laws through appropriate safeguards such as Standard Contractual Clauses where required.

11. Changes to This Policy

We may update this Privacy Policy periodically. Material changes will be communicated via email or a prominent notice on the Service at least 14 days before they take effect. We encourage you to review this page regularly.

12. Contact Us

For privacy-related inquiries, data requests, or complaints:

Email: privacy@innocanvas.site

Subject line: Privacy Inquiry

We aim to respond to all requests within 30 days.

Terms of ServiceRefund PolicyBack to Home