Privacy Policy

When you sign up, we collect:

• Your email address (used to create your account, send transactional emails like password reset, and contact you about your subscription).
• Your name (only used inside the product, for personalization).

When you use the product, you provide:

• Your writing samples — texts you upload or paste during onboarding to teach Lyra your voice.
• Your "personal must / never" preferences (optional).
• Briefs you submit to generate new texts.
• The texts Lyra generates for you.

We also collect:

• Basic technical logs (IP address, browser type, timestamps) for security and abuse prevention.
• Your subscription status from Stripe (active / cancelled / past due) — but not your card details. Stripe handles all payment information; we never see your card.

• Your writing samples are used solely to generate texts in your voice for you. They are stored in your private profile and are never used to train any AI model — ours or anyone else's.
• Your generations are stored in your account so you can refer back to them.
• Your email is used for transactional communication (account, billing, password reset). We don't send marketing emails without your explicit opt-in.

We use the following service providers ("subprocessors"), who process data only as instructed by us:

• Anthropic (claude-sonnet-4-6 model) — your writing samples and briefs are sent to Anthropic each time you generate a text. Anthropic does not use API inputs to train its models. See https://www.anthropic.com/legal/privacy.
• Stripe — for payment processing. Stripe receives your email and card details directly.
• Supabase / Lovable — for hosting, authentication, and database. Data is stored on EU servers (West Europe / Ireland).

We don't sell your data. We don't share it with advertisers. We don't use it to train AI.

Your data is stored on servers located in the European Union (Ireland). Stripe and Anthropic may process data in the United States; in those cases, we rely on Standard Contractual Clauses or equivalent transfer mechanisms.

• Account data: while your account is active, plus 30 days after deletion to handle billing edge cases.
• Writing samples and generations: while your account is active. You can delete them at any time from Settings → Delete account.
• Logs: 90 days, then automatically deleted.

If you're in the EU, you have the right to:

• Access the personal data we hold about you.
• Correct inaccurate data.
• Delete your data (you can do this yourself via Settings → Delete account; cascades to voice profile and generations).
• Export your data (we provide JSON export on request).
• Object to or restrict processing.
• Lodge a complaint with the State Data Protection Inspectorate of Lithuania (vdai.lrv.lt).

To exercise these rights, email hello@writelyra.com.

We use only essential cookies (for login session and basic functionality). We don't use tracking, advertising, or analytics cookies in v1. If we add analytics later, we'll update this policy and notify you.

We may update this policy. We'll notify you by email at least 14 days before any material change.

Questions about privacy: hello@writelyra.com

Data controller: Comma PR, MB, Lithuania.