Privacy Policy
Your data belongs to you. This document explains, in plain English, what Peplio actually collects, why, who else sees it, and how to get it deleted — no dark patterns, no fine print buried in legalese.
The short version
If you want the whole policy in three sentences: Peplio doesn’t sell your data, doesn’t build shadow profiles, and doesn’t require an account to use most of the site. What we do collect is standard web-analytics traffic data, newsletter emails you willingly hand over, and the text prompts you type into free tools — which are sent to third-party AI providers to generate a response.
Peplio has no ad-retargeting pixels, no session recorders, and no data-broker integrations. The only tracker is Google Analytics 4 for aggregate traffic understanding.
Who is the data controller
The person legally responsible for how your data is handled on Peplio is:
- Sougan Kumar MandiFounder & sole operator of Peplio
- LocationDurgapur, West Bengal, India
- Contact for privacy requestsVia the contact page — subject line “Privacy request”
What we collect & why
Here’s the full inventory of data Peplio touches, categorised by why it exists:
| What | Why we collect it | Legal basis |
|---|---|---|
| Email address | Newsletter subscription; sending you free eBooks and updates you asked for | Your consent |
| Name (optional) | Personalising the newsletter greeting | Your consent |
| IP address | Rate-limiting tool abuse, security, geographic analytics | Legitimate interest |
| Browser & device info | Making the site work correctly across devices; debugging | Legitimate interest |
| Tool inputs (prompts, images) | Generating your requested output; not stored beyond the request | Contract (you asked for a result) |
| Comment content | Displaying your discussion post publicly; moderation | Your consent |
| Purchase details | Order fulfilment, receipts, tax records | Contract & legal obligation |
Third-party services in the stack
Peplio is not a self-contained castle — it’s a shopfront built on top of several independent services. Each of them may receive some of your data as part of making the site function. Their privacy policies apply in addition to this one.
- Hostinger. Hosts the WordPress installation. Sees server logs including IP addresses.
- Google Analytics 4 & Search Console. Aggregate traffic and keyword performance. IPs are anonymised.
- Google AdSense. Displays ads and may set advertising cookies. Governed by Google’s own privacy policy.
- Google Gemini API. Receives the text prompts you enter into text-based tools.
- Hugging Face. Receives the prompts sent to FLUX.1-schnell for image generation.
- WooCommerce & payment gateway. Handles paid orders, including billing information you provide.
- RankMath. On-site SEO plugin — does not transmit personal user data.
- Newsletter service. Stores your email so we can send you updates.
How AI tools handle your inputs
When you use a Peplio AI tool — the image generator, meme maker, AEO content scorer, blog idea generator, and so on — your input is sent through our secure proxy to the underlying AI provider, and the response is returned to you.
- Peplio does not store the inputs. Prompts and images pass through and are not saved to our database.
- The AI provider may log requests. Google and Hugging Face may retain requests briefly for abuse prevention, per their own policies.
- Do not send sensitive data. Don’t paste passwords, financial data, medical records, or confidential company information into any tool.
Treat the tools like public utilities: use them freely, but don’t feed them anything you wouldn’t be comfortable saying in a coffee shop.
Cookies & tracking
Peplio uses cookies for the site to function and to understand aggregate traffic. The full breakdown — types, providers, how to opt out — lives in our dedicated Cookie Policy.
Short version: essential cookies always run, analytics can be declined via your browser, and there are no third-party ad-retargeting cookies dropped on you outside of Google AdSense’s contextual ad system.
Your rights over your data
Under India’s Digital Personal Data Protection Act 2023 (DPDP) and, where applicable, the EU General Data Protection Regulation (GDPR), you have the following rights:
- Right of access. Ask for a copy of the personal data Peplio holds about you.
- Right to correction. Ask for inaccurate data to be fixed.
- Right to erasure. Ask for your data to be deleted (e.g. unsubscribing from the newsletter and deleting the record).
- Right to withdraw consent. Change your mind about newsletter subscription or cookie consent at any time.
- Right to grievance redress. If you’re unsatisfied with our response, you may escalate to the Data Protection Board of India.
To exercise any of these, email through the contact page with the subject “Privacy request”. Requests are honoured within 30 days.
Data retention & security
We keep personal data only as long as it’s genuinely useful for the purpose you gave it:
- Newsletter emails. Kept until you unsubscribe.
- Comment content. Kept for as long as the article exists, unless you request removal.
- Purchase records. Kept for 7 years for tax and legal purposes (Indian statutory requirement).
- Server logs. Rotated automatically after 30 days.
Security-wise, the site runs over HTTPS, the AI proxy has rate limiting and SSRF protection, and the WordPress admin uses two-factor authentication. No system is unbreachable, but reasonable measures are in place.
Children’s privacy
Peplio is not directed at children under 13. We do not knowingly collect personal data from anyone under 13, and users between 13 and 18 should have a parent or guardian’s supervision when using the tools or subscribing to the newsletter.
If you believe a child has provided data to Peplio, please email us and we will delete it promptly.
Changes & contact
This policy will be updated whenever Peplio adds a new tool, changes a third-party provider, or when Indian or international privacy law changes. The “Last updated” date at the top will always reflect the current version.
For any privacy question, correction, deletion request, or friendly hello, use the contact page. Related reading: Terms & Conditions, Cookie Policy, Disclaimer.