Harga

Kasus Penggunaan

Penulis FanfictionNovelisPenulis Skenario

Fitur

AI Co-WriterWorld BibleEditorStruktur Cerita

Sumber Daya

DokumentasiBlogTentang
Lunafic

Privacy Policy

Kreatorku

Last updated: 13 May 2026

1. Who We Are

This Privacy Policy describes how Kreatorku ("we", "us", or "our") collects, uses, discloses, and protects information when you use the Lunafic web application and related services ("Service").

Kreatorku is the data controller responsible for your personal data processed through the Service.

2. Information We Collect

2.1 Information You Provide

  • Account details: Email address, display name, and password (hashed) when you register or sign in via email or Google OAuth.
  • Profile information: Any optional profile details you choose to provide.
  • User content: Projects, documents, characters, world-building entries, and other creative content you create within the Service.
  • Communications: Messages you send to us for support, feedback, or inquiries.

2.2 Information Collected Automatically

  • Device and browser data: Browser type, operating system, screen resolution, and device type.
  • Usage data: Pages visited, features used, and interaction patterns within the Service.
  • Log data: Server logs including IP address, request timestamps, and referring URLs.

2.3 Information from Third Parties

  • Google OAuth: If you sign in with Google, we receive your email address and basic profile information from your Google account.

3. How We Use Information

We use collected information to:

  • Provide, operate, and maintain the Service
  • Authenticate users and manage accounts
  • Process AI-assisted writing and creative features
  • Process payments and manage subscriptions
  • Send transactional emails (account verification, password reset, billing receipts)
  • Analyze usage patterns to improve reliability and performance
  • Detect, prevent, and address security issues and abuse
  • Comply with legal obligations

4. AI Processing

When you use AI features, your prompts and project context pass through our backend to AI processing systems. We apply these safeguards:

  • All AI requests are proxied through our backend. We do not send your data directly to external AI services from your browser.
  • We minimize the data sent to what is necessary to generate the requested output
  • We do not use your content to train, fine-tune, or improve any AI models
  • We do not log your prompts or writing input unless you activate prompt logging in your account settings. You can disable this at any time.
  • We enforce access controls on our infrastructure to protect your data in transit and at rest

5. Data Storage & Transfers

Your primary data is stored on servers in Singapore. AI processing is distributed across multiple regions. When you use AI features, your prompts and context may be transmitted to AI processing systems outside Singapore.

When you access the Service from outside Singapore, your data may be transferred to and processed in the country where you are located. By using the Service, you consent to such transfers.

6. Cookies & Local Storage

We use cookies and browser storage (localStorage) for authentication, session management, user preferences (such as theme), and consent state. Analytics cookies are only set after you grant consent via our cookie banner.

For detailed information about cookie categories and how to manage them, see our Cookie Policy.

7. Third-Party Services

The Service integrates with the following third-party providers:

  • Cloudflare — Content delivery, security, and DDoS protection
  • Google OAuth — Social login authentication
  • Amplitude — Product analytics (only activated after you grant consent)
  • Datadog — Infrastructure monitoring and performance analytics
  • Polar Software Inc — Payment processing for subscriptions
  • Xendit (PT Sinar Digital Terdepan) — Payment processing for subscriptions

Each provider processes data under their own privacy policy. We share the minimum information each service needs to function.

8. Data Retention

We retain your personal information for as long as your account is active or as needed to provide the Service. Specifically:

  • Account data: Retained until you delete your account or request deletion
  • User content: Retained until you delete it or delete your account
  • Analytics data: Retained according to Amplitude's retention settings
  • Server logs: Retained for up to 90 days for security and debugging

We may retain certain information longer where required by law, to resolve disputes, or to enforce our agreements.

9. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

  • Access: Request a copy of the personal data we hold about you
  • Correction: Request correction of inaccurate or incomplete data
  • Deletion: Request deletion of your personal data
  • Portability: Request your data in a structured, machine-readable format
  • Objection: Object to certain types of processing, including profiling
  • Withdrawal of consent: Withdraw consent for analytics tracking at any time via cookie settings

To exercise any of these rights, contact us at [email protected]. We will respond to legitimate requests within a reasonable timeframe and in accordance with applicable law.

10. Data Security

We implement administrative, technical, and organizational measures to protect your information:

  • Encryption of data in transit (HTTPS/TLS)
  • Hashed password storage
  • Access controls on our infrastructure and databases
  • Consent-gated analytics with input masking for sensitive fields

No method of Internet transmission or electronic storage is fully secure. We cannot guarantee absolute security.

11. Children's Privacy

The Service is not directed to children under the age of 16. We do not knowingly collect personal information from children under 16. If we learn that we have collected personal data from a child under 16, we will take steps to delete that information promptly. If you believe a child under 16 has provided us with personal data, please contact us at [email protected].

12. Changes to This Policy

We may update this Privacy Policy. We will post the revised version on this page with an updated effective date. If we make material changes, we will notify you via the Service or by email. Continued use of the Service after changes become effective constitutes acceptance of the revised policy.

13. Governing Law

This Privacy Policy is governed by the laws of the Republic of Indonesia. For users in regions with mandatory data protection laws (such as Singapore's PDPA, the EU's GDPR, the UK's Data Protection Act, or applicable US state privacy laws), the applicable mandatory protections shall apply.

14. Contact

For privacy inquiries, data access requests, or questions about this policy, contact us at: [email protected].

Questions? Contact us at [email protected]

We use cookies to improve your experience and analyze traffic. You can accept or reject non-essential cookies.