Colour PF Create with splash
Loading…

Last updated: April 3, 2026

PeeperFrog AI Inc. (“we,” “us,” or “our”) operates PF Create (PFCreate.ca). This Privacy Policy explains what personal information we collect, how we use it, and your rights in relation to it. By using the service, you agree to the practices described here.

1. Who We Are

PeeperFrog AI Inc.
Ontario, Canada
[email protected]

2. Information We Collect

2.1 Account Information

When you register, we collect:

  • Email address — used for account login, password resets, and service communications
  • Display name — shown in your account profile
  • Password — stored as a one-way bcrypt hash; we cannot recover or read your password

The following fields are optional and only collected if you choose to provide them:

  • Phone number
  • Mailing address

Billing information — the platform is currently in a testing phase. Billing and payment data collection will be added in a future update. This policy will be updated at that time.

2.2 API Keys, Credentials, and Connected Sites

You may optionally connect third-party service credentials and websites to your account, including:

  • AI provider API keys (OpenAI, Google, Together AI)
  • WordPress site URLs and associated application passwords and usernames
  • LinkedIn OAuth access tokens
  • Telegram bot credentials

WordPress site URLs are stored to identify and route operations to the correct site. All credentials are encrypted at rest using AES-256. They are never logged in plain text, never exposed to other users, and never sent to AI assistants — only the results of authenticated operations are returned.

2.3 Usage Data

We maintain a log of MCP tool calls associated with your account. Logs include tool name, timestamp, and duration. Logs do not include image content, prompt text, or the content of any files you work with. Logs are retained for 90 days.

2.4 Generated Images and Files

Images you generate and files you upload are stored in a private, user-isolated directory on our servers. No other users or staff can access your files in the normal course of operations. We reserve the right to access your files where required for legal compliance, abuse investigation, or platform maintenance, consistent with the Terms of Service.

2.5 Technical Data

We may collect standard server-side technical data including IP addresses and request timestamps, primarily for security, rate-limiting, and abuse detection purposes.

3. How We Use Your Information

We use your information to:

  • Provide and operate the service
  • Authenticate your account and process requests
  • Send transactional emails (welcome email, password reset, API key delivery)
  • Enforce our Terms of Service and Acceptable Use Policy
  • Monitor for abuse and enforce rate limits
  • Comply with legal obligations

We do not use your information to serve you advertising, sell or rent your data to third parties, or train AI models on your content or prompts.

4. How We Share Your Information

We do not sell your personal information. We may share information only in the following limited circumstances:

Service providers. We use third-party infrastructure providers (hosting, email delivery) who process data on our behalf under confidentiality obligations.

AI providers. When you generate an image, your prompt is sent to the AI provider you have selected (Google Gemini, OpenAI, or Together AI). Your use of those providers is also subject to their own privacy policies and terms of service.

Legal requirements. We may disclose information if required to do so by law, court order, or governmental authority, or where we believe disclosure is necessary to protect our rights or the safety of users or the public.

Business transfer. In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you via email or a prominent notice on the site before your information becomes subject to a different privacy policy.

5. Data Retention

We retain your account information for as long as your account is active. Generated images and uploaded files remain stored until you delete them or your account is closed. Tool call logs are retained for 90 days.

If you delete your account, we will permanently delete all associated personal data within 30 days. This cannot be undone. Anonymised aggregate data may be retained indefinitely as it cannot be used to identify you.

6. Security

We implement industry-standard security measures including AES-256 encryption for credentials stored at rest, bcrypt hashing for passwords, user-isolated file storage, TLS encryption for all data in transit, and firewall-level rate limiting and IP blocking to prevent abuse.

No system is completely secure. If you believe your account has been compromised, rotate your API keys immediately from the account dashboard and contact [email protected].

7. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access — request a copy of the personal data we hold about you
  • Correction — request that inaccurate data be corrected
  • Deletion — request deletion of your account and all associated data
  • Portability — request your data in a machine-readable format (data export is on our roadmap)
  • Objection — object to certain types of processing

To exercise any of these rights, contact us at [email protected].

EU/EEA users. If you are located in the European Union or European Economic Area, you have rights under the General Data Protection Regulation (GDPR). Our legal basis for processing your personal data is the performance of our contract with you (Article 6(1)(b) GDPR) and our legitimate interests in operating a secure and functional service (Article 6(1)(f) GDPR). You also have the right to lodge a complaint with your local supervisory authority.

8. Cookies

The user portal at user.pfcreate.ca uses session cookies to maintain your login state. We do not use tracking cookies, advertising cookies, or third-party analytics cookies.

9. Children

The service is not directed at persons under the age of 18. We do not knowingly collect personal information from minors. If you believe a minor has registered an account, please contact us at [email protected] and we will delete the account promptly.

10. Third-Party Links

The platform may contain links to third-party websites (for example, official licence texts, AI provider documentation). We are not responsible for the privacy practices of those sites.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email or by a prominent notice on the site. Continued use of the service after notice of changes constitutes acceptance. The date at the top of this document reflects the last revision.

12. Contact

Privacy enquiries: [email protected]
General support: [email protected]
Location: Ontario, Canada