Last updated: July 6, 2026
Webitro AI is operated by Webitro Software Company ("Webitro", "we"). This policy explains what personal data we process when you use webitroai.com and the Webitro AI service, and what rights you have.
Account data: email address, optional name, hashed password, plan and credit balance.
Usage data: the commands you submit, generated plans and outputs, verification results, credit consumption and technical logs (timestamps, status codes) needed to run and audit the service.
Technical data: session cookies required for authentication, and your saved interface preferences such as language and theme (stored in your browser).
We use your data to provide the service (planning, running and verifying productions), to bill credits, to secure accounts, to comply with legal obligations and to improve reliability. Your commands and outputs are sent to the third-party AI engines needed to fulfil your request; we share only what is necessary to execute the task.
We do not sell your personal data.
We use strictly necessary cookies for authentication (an HttpOnly refresh token) and a non-sensitive sign-in indicator used only to route you to the right page. Preference values such as language and theme are kept in your browser storage.
We keep personal data only as long as needed for the purposes above or as required by law.
You can request deletion of your account and associated personal data at any time. Deletion requests are fulfilled within 30 days, except for minimal records we are legally required to retain (for example billing records).
Depending on your jurisdiction, you have the right to access, rectify, erase and receive a copy of your personal data, to restrict or object to processing, and to withdraw consent. You also have the right to lodge a complaint with your supervisory authority.
Residents of Türkiye also have rights under KVKK; see our KVKK notice for details.
We apply industry-standard measures: passwords are stored hashed, sessions use short-lived tokens with HttpOnly refresh cookies, and provider API keys are stored encrypted. No system is perfectly secure; we will notify affected users of any breach as required by law.
Third-party AI engine providers and hosting providers may process data outside your country. We select providers with appropriate safeguards and share only what is needed to run your task.
We may update this policy; changes appear on this page with an updated date. Privacy questions and deletion requests can be sent through the contact options published on this site.