Privacy Policy

Account information: email address, hashed password, account creation date.

Billing information: name, billing address, and payment method tokens — stored and processed by Stripe. We never see or store full card numbers.

Brief content: the niche briefs and inputs you submit to the orchestration pipeline. These are processed to generate your websites and retained so you can re-run or fork them.

Generated websites: the Next.js projects produced for your account, stored encrypted at rest.

Usage telemetry: anonymized request logs, composition durations, error events. Used to improve performance and stability.

Communications: support tickets, emails you send us.

• Provide, operate, and improve the Service
• Process payments and prevent fraud
• Send transactional emails (receipts, password resets, security notices)
• Send product update emails (you can unsubscribe anytime)
• Analyze aggregated usage to identify performance bottlenecks
• Comply with legal obligations

We do not sell, rent, or trade personal information. We do not use your briefs to train AI models without explicit opt-in.

The following sub-processors help us operate the Service:

We use first-party cookies for session management and security. We do not use third-party advertising trackers. Aggregated, anonymized analytics are collected for product improvement only.

Account data is retained for the lifetime of your account. After deletion, account data is purged within 30 days, except where retention is required by law (e.g., billing records for tax purposes — typically 7 years).

Briefs and generated websites can be exported anytime and are deleted with your account.

Subject to applicable law — including GDPR for EU/UK residents, CCPA for California residents, and the UAE Personal Data Protection Law (Federal Decree-Law No. 45 of 2021) for residents of the United Arab Emirates — you have the right to:

• Access the personal information we hold about you
• Correct inaccurate or incomplete information
• Delete your account and associated data ("right to be forgotten")
• Export your data in a machine-readable, structured format (portability)
• Object to or restrict certain processing
• Withdraw consent at any time, without affecting prior lawful processing
• Lodge a complaint with a supervisory authority

UAE residents: exercise the rights granted by Articles 13–22 of the UAE Personal Data Protection Law by emailing support@jrgenix.com. If we are unable to resolve your request, you may escalate to the UAE Data Office.

All other residents: email support@jrgenix.com to exercise any of the above rights. We respond within 30 days.

The Service is operated globally. Your data may be processed in countries other than your own (including the United States, where most of our sub-processors are based). We rely on Standard Contractual Clauses and other lawful transfer mechanisms where required.

The Service is not intended for users under 16 years of age. We do not knowingly collect personal information from children. If you believe a child has provided us information, contact support@jrgenix.com.

We use TLS 1.3 for all network traffic, encrypt data at rest, store passwords using bcrypt with per-user salts, and follow industry standards for access control and key management. No system is 100% secure — report any vulnerability to support@jrgenix.com.

We may update this Privacy Policy. Material changes will be announced via email at least 30 days before they take effect.

Data Controller: JR Nexus Solutions FZ-LLC, a Free Zone Limited Liability Company registered with the Ras Al Khaimah Economic Zone Authority (RAKEZ), United Arab Emirates, licence number 47032257.
Registered office: VUNE1701, Compass Building – Al Hulaila, AL Hulaila Industrial Zone-FZ, Ras Al Khaimah, United Arab Emirates.

Privacy questions: support@jrgenix.com. Data protection officer: support@jrgenix.com. Security disclosures: support@jrgenix.com.