Privacy Policy for Poof

Last Updated: May 14, 2025

Welcome to Poof (the "Service"), operated by Tarobase, Inc. ("we," "us," or "our"). We are committed to protecting your privacy and providing transparency about our data practices. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website poof.new, use our AI-powered services, or interact with us in other ways.

Please read this privacy policy carefully. By accessing or using the Service, you acknowledge that you have read, understood, and agree to the terms of this Privacy Policy. If you do not agree with the terms herein, please do not access or use the Service.

1. Information We Collect

We may collect information about you in a variety of ways. The information we may collect on the Service includes:

a. Personal Data You Provide to Us:
We collect personally identifiable information, such as your name (if provided), email address, wallet address(es), and other contact or identifying information you voluntarily give to us when you register for the Service, create or modify your user profile, purchase Credits, use the Service to build applications (including providing inputs to our AI features such as prompts or data for code generation), contact us for support, or otherwise communicate with us.

b. Project Content and Configuration Data:
When you use our Service to build, configure, and deploy applications (including on-chain code and smart contracts), we store the data, code, configurations, assets you upload or create, or that are generated by the Service based on your inputs ("Project Content"). This may include source code, AI-generated code, smart contract parameters, environment variables, and other data necessary for the functioning of your applications.
Important Note on Sensitive Information: While our Service provides storage and deployment capabilities, you are solely responsible for the Project Content you upload or generate. We strongly advise against including or generating sensitive personal information, private keys, API secrets, or other confidential data directly within your Project Content unless absolutely necessary and appropriately secured by you. Our responsibility for such data is limited as described in this policy and our Terms of Service. We do not intentionally access or use such sensitive data within your Project Content except as required to provide the Service or as directed by you.

c. Derivative Data and Usage Information:
Our servers automatically collect information when you access the Service, such as your IP address, browser type, operating system, access times, and the pages you have viewed directly before and after accessing the Service. We may also collect information about your use of the Service, such as features used, projects created, deployment activities, AI Tasks initiated (including aspects like prompts, inputs, generated outputs, success/failure status, resources utilized, and Credits consumed in relation to your account), and interactions with our platform.

d. Financial Data:
We may collect financial information, such as data related to your payment method (e.g., valid credit card number, card brand, expiration date) when you purchase Credits or other services. We store only very limited, if any, financial information that we collect. Otherwise, all financial information is stored by our payment processor(s) (e.g., Stripe), and you are encouraged to review their privacy policy and contact them directly for responses to your questions.

e. Blockchain Data:
When you deploy applications or interact with blockchains through our Service, information related to those transactions (such as your wallet address, transaction IDs, smart contract addresses deployed) will be publicly available on the respective blockchain networks. This data is not controlled by us and is inherently public.

f. Cookies and Tracking Technologies:
We may use cookies, web beacons, tracking pixels, and other tracking technologies on the Service to help customize the Service and improve your experience. These technologies are used for essential operations (like authentication and security), performance analytics (to understand how our Service is used), and to remember your preferences. You can usually control cookie settings through your browser; however, disabling certain cookies may affect Service functionality.

2. How We Use Your Information

Having accurate information about you permits us to provide you with a smooth, efficient, and customized experience, and to improve our Service. Specifically, we may use information collected about you via the Service to:

Create and manage your account and your use of Credits.
Provide, operate, maintain, and improve the Service, including its AI-powered features.
Process your transactions (including Credit purchases) and send you related information, including purchase confirmations and invoices.
Process and execute the AI-driven Tasks you initiate, including using your inputs and Project Content with our AI models or those of our third-party service providers.
Send you technical notices, updates, security alerts, and support and administrative messages.
Respond to your comments, questions, and requests and provide customer service.
Communicate with you about products, services, offers, promotions, rewards, and events offered by us and others, and provide news and information we think will be of interest to you (you may opt-out of marketing communications at any time).
Monitor and analyze trends, usage, and activities in connection with our Service to understand how it is being used and identify areas for improvement.
Personalize and improve the Service and provide content or features that match user profiles or interests.
**Develop, improve, and optimize our Service, including our AI models, algorithms, and user experience. For this purpose, we may use your Personal Data (often in an aggregated or de-identified form), Project Content (including your inputs/prompts to AI features and the generated outputs, which may be anonymized or used in an aggregated manner), and Derivative Data. This use is integral to our ability to enhance the quality, accuracy, and capabilities of our AI features and the overall Service.**
Detect, investigate, and prevent fraudulent transactions, security incidents, and other illegal activities and protect the rights and property of Tarobase, Inc. and others.
Comply with legal and regulatory obligations.
For any other purpose for which the information was collected, with your consent if required by applicable law.

3. Disclosure of Your Information

We may share information we have collected about you in certain situations. Your information may be disclosed as follows:

a. By Law or to Protect Rights:
If we believe the release of information about you is necessary to respond to legal process, to investigate or remedy potential violations of our policies (including our Terms of Service), or to protect the rights, property, and safety of Tarobase, Inc., our users, or others, we may share your information as permitted or required by any applicable law, rule, or regulation.

b. Third-Party Service Providers:
We may share your information with third-party vendors, consultants, and other service providers who perform services for us or on our behalf and require access to such information to do that work. Examples include payment processing, data analysis, email delivery, hosting services, customer service, and marketing assistance. This includes sharing data with third-party AI service providers that help us power or enhance certain AI functionalities within our Service. For instance, we may transmit your inputs (e.g., prompts) or parts of your Project Content to such providers to generate responses or code. These providers process your data as necessary to deliver the AI service to us and may use data in accordance with their own privacy policies, which may include using it to improve their services. We endeavor to work with reputable providers and take steps to limit data sharing to what is reasonably necessary for the functionality.

c. Business Transfers:
We may share or transfer your information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company. You will be notified via email and/or a prominent notice on our Service of any change in ownership or uses of your personal information, as well as any choices you may have regarding your personal information.

d. Affiliates:
We may share your information with our affiliates (meaning entities controlled by, controlling, or under common control with Tarobase, Inc.), in which case we will require those affiliates to honor this Privacy Policy.

e. With Your Consent:
We may disclose your personal information for any other purpose with your consent.

f. Publicly Deployed Data:
Information, including Project Content, that you choose to deploy to public blockchains or otherwise make publicly available through the Service will be inherently public and accessible by anyone. We have no control over how this public data is used by third parties.

g. Aggregated or De-Identified Data:
We may share or disclose aggregated or de-identified information, which cannot reasonably be used to identify you, with third parties for various purposes, including for research, analytics, service improvement, or marketing.

We do not sell your personal information to third parties for monetary consideration.

4. Security of Your Information

We use administrative, technical, and physical security measures designed to help protect your personal information and Project Content stored on our systems. While we have taken reasonable steps to secure the personal information you provide to us, please be aware that despite our efforts, no security measures are perfect or impenetrable, and no method of data transmission can be guaranteed against any interception or other type of misuse. Any information disclosed online is vulnerable to interception and misuse by unauthorized parties. Therefore, we cannot guarantee complete security if you provide personal information.

Your Responsibility: You are responsible for maintaining the security of your account credentials and for the security of any sensitive information (such as API keys, private keys, or secrets) you include in your Project Content. We are not responsible for any unauthorized access to or use of your Project Content or any sensitive information therein that results from your failure to secure such information or your account. You are also responsible for reviewing and validating any code or content generated by the AI features of our Service before deployment or use, as AI-generated content can sometimes be inaccurate, incomplete, or contain unintended elements.

5. Data Retention

We will retain your personal information and Project Content for as long as your account is active or as needed to provide you with the Service, comply with our legal obligations, resolve disputes, and enforce our agreements. Data related to your interactions with our AI features (such as prompts, inputs, and generated outputs) may be retained for a period necessary to provide and improve the Service, for troubleshooting, and for AI model development and refinement purposes as described in Section 2, potentially in an anonymized or aggregated form for longer periods. We may also retain de-identified or aggregated data indefinitely for analytics, research, and service improvement purposes.

6. Your Data Protection Rights

Depending on your location and applicable law (e.g., GDPR for European residents, CCPA for California residents), you may have certain rights regarding your personal information, such as:

The right to access – You have the right to request copies of your personal data.
The right to rectification – You have the right to request that we correct any information you believe is inaccurate or complete information you believe is incomplete.
The right to erasure – You have the right to request that we erase your personal data, under certain conditions.
The right to restrict processing – You have the right to request that we restrict the processing of your personal data, under certain conditions.
The right to object to processing – You have the right to object to our processing of your personal data, under certain conditions.
The right to data portability – You have the right to request that we transfer the data that we have collected to another organization, or directly to you, under certain conditions.
The right to opt-out of the "sale" of personal information (as defined by applicable laws like CCPA). As stated, we do not sell your personal information for monetary consideration.

To exercise these rights, please contact us at founders@poof.new or founders@tarobase.com. We will respond to your request within a reasonable timeframe and in accordance with applicable law. We may need to verify your identity before processing your request. Please note that exercising certain rights, such as requesting deletion of data or objecting to certain processing activities (particularly those essential for AI model improvement as described in Section 2), may impact your ability to use some or all features of the Service or may limit our ability to enhance the Service effectively. We may also be unable to delete certain information if it is necessary for us to maintain for purposes such as compliance with legal obligations, dispute resolution, or enforcement of our agreements.

7. Children's Privacy

Our Service is not directed to individuals under the age of 13 (or a higher age threshold as required by applicable law in your jurisdiction, such as 16 in some parts of Europe). We do not knowingly collect personal information from children under these age limits. If we become aware that a child under the applicable age limit has provided us with personal information, we will take steps to delete such information. If you believe that we might have any information from or about a child under the applicable age limit, please contact us.

8. International Data Transfers

Your information, including personal data, may be transferred to — and maintained on — computers located outside of your state, province, country, or other governmental jurisdiction where the data protection laws may differ from those in your jurisdiction. If you are located outside the United States and choose to provide information to us, please note that we transfer the data, including personal data, to the United States and process it there, and potentially to other countries where our service providers are located. Your consent to this Privacy Policy followed by your submission of such information represents your agreement to that transfer. We will take steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy and applicable data protection laws. This may include implementing Standard Contractual Clauses or relying on other legally-provided mechanisms for international data transfers where required.

9. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last Updated" date at the top of this Privacy Policy. In some cases, we may also provide more prominent notice (such as by adding a statement to our homepage or sending you a notification). You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page. Your continued use of the Service after the effective date of the revised Privacy Policy will constitute your acceptance of the changes.

10. Contact Us

If you have any questions or concerns about this Privacy Policy or our data practices, please contact us at:

Email: founders@poof.new or founders@tarobase.com

Tarobase, Inc.