Privacy Policy
Last updated: October 10, 2025
1. Introduction
Welcome to Engine Y (“Engine Y,” “we,” “our,” or “us”).
Engine Y is a software-as-a-service (SaaS) platform for communications professionals. The Service helps users generate strategic ideas, campaign concepts, presentation decks, and visual materials from client briefs and creative inputs (“Generated Work”).
Your privacy and the confidentiality of your clients’ materials are our top priorities. This Privacy Policy explains how we collect, use, disclose, and protect your information, as well as your rights under applicable laws, including:
The General Data Protection Regulation (EU GDPR)
The UK GDPR and Data Protection Act 2018
The California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA)
By using Engine Y, you agree to this Privacy Policy. If you do not agree, please discontinue use of the Service.
2. Information We Collect
We collect only the information necessary to provide and improve the Service.
a. Account Information
When you register or manage your account, we collect:
Name, email address, and organization name
Account credentials (securely encrypted)
Billing and payment information (processed by trusted third-party providers)
b. Inputs and Outputs
In the normal course of using Engine Y, you may provide:
Inputs: client briefs, background materials, brand data, and creative prompts
Outputs: strategic concepts, campaign ideas, PowerPoint decks, campaign boards, visuals, and related creative content (“Generated Work”)
All such materials are treated as confidential and are not shared or reused without your consent.
c. Usage and Technical Data
We automatically collect limited data such as:
IP address, browser, and device type
Log files and activity timestamps
Performance, diagnostic, and crash information
Cookies or similar technologies to enable secure login and user analytics (see Section 9)
3. How We Use Information
We use personal data only for legitimate purposes, including to:
Operate, maintain, and improve the Service
Authenticate users and manage accounts
Provide customer support and security notifications
Process payments and manage subscriptions
Analyze usage trends to enhance functionality
Comply with legal obligations and prevent fraud
We do not use or review your client briefs, Generated Work, or confidential materials for model training, marketing, or competitive analysis without your explicit, opt-in consent.
4. Legal Bases for Processing (EU & UK Users)
Under the GDPR, we process your personal data under the following lawful bases:
Contract performance: To provide the Service you have requested.
Legitimate interest: To improve and secure our platform.
Legal obligation: To comply with applicable laws and tax requirements.
Consent: When you opt in to specific communications or data uses.
You may withdraw your consent at any time by contacting privacy@enginey.ai.
5. Confidentiality of Client Materials and Generated Work
Confidentiality is a core principle of Engine Y.
All client briefs, uploaded content, and Generated Work remain private by default.
We do not access or view your content unless required for support or maintenance at your explicit request.
You control all sharing; no data is made public or accessible to other users without your authorization.
Your data and creative outputs are never used to train AI models or shared with third parties for commercial purposes.
6. Data Ownership
You retain full ownership of:
Any content or materials you upload or input
All Generated Work produced through the Service
Engine Y claims no ownership, license, or rights to your creative or client data. You may export, delete, or modify your content at any time.
7. Data Sharing and Disclosure
We never sell or rent your data.
We share limited data only when necessary:
With service providers: trusted partners who host servers, process payments, or deliver infrastructure services, all bound by strict confidentiality and data protection agreements.
For legal compliance: when required by law, regulation, or court order.
For business transfers: in the event of a merger or acquisition, users will be notified and may opt out before any transfer occurs.
8. Data Security
We use industry-standard security measures to protect your data, including:
Encryption in transit (TLS/SSL) and at rest
Role-based access controls
Regular vulnerability scans and penetration tests
Continuous system monitoring and logging
While we maintain robust safeguards, no system can be entirely secure. We encourage you to use strong passwords and protect your login credentials.
9. Cookies and Tracking
Engine Y uses minimal cookies and similar technologies to:
Authenticate sessions
Maintain secure logins
Gather anonymous usage statistics
You can manage or disable cookies through your browser settings. Disabling cookies may affect Service functionality.
10. Data Retention and Deletion
We retain your data only for as long as necessary to provide the Service or meet legal requirements.
When you delete your account:
All personal data, inputs, and Generated Work are permanently deleted within 30 days.
Backup copies are securely deleted on a rolling schedule.
Certain billing records may be retained for legal compliance.
11. International Data Transfers
If you access Engine Y from outside our hosting region, your data may be transferred to and processed in the United States or other jurisdictions.
We comply with GDPR and UK data transfer requirements by using Standard Contractual Clauses (SCCs) and ensuring equivalent safeguards.
12. Your Rights
For EU and UK Users (GDPR)
You have the right to:
Access your personal data
Correct or update inaccurate information
Delete your data (“right to be forgotten”)
Restrict or object to processing
Receive your data in a portable format
Withdraw consent at any time
Lodge a complaint with your national data protection authority
For California Users (CCPA/CPRA)
You have the right to:
Know what personal data we collect and how it’s used
Request access or deletion of your data
Opt out of the “sale” or “sharing” of personal data (we do not sell data)
Correct inaccurate data
Limit use of sensitive personal information
To exercise any of these rights, contact privacy@enginey.ai. We will respond within the timelines required by law.
13. Children’s Privacy
Engine Y is intended for professional use. We do not knowingly collect or process data from individuals under 16 years of age. If we become aware of such data, it will be promptly deleted.
14. Updates to This Policy
We may update this Privacy Policy occasionally to reflect legal, technical, or operational changes. Updates will be posted here, and significant changes will be communicated via email or in-app notice prior to taking effect.
15. Contact
If you have questions or concerns about this Privacy Policy or your data rights, please contact us:
privacy@enginey.ai
For EU users, our Data Protection Officer (DPO) can be contacted via the same email address.
Company information
Engine Y AB,
Järnvägsgatan 84
172 75 Sundbyberg
Sweden
Privacy Policy
Last updated: October 10, 2025
1. Introduction
Welcome to Engine Y (“Engine Y,” “we,” “our,” or “us”).
Engine Y is a software-as-a-service (SaaS) platform for communications professionals. The Service helps users generate strategic ideas, campaign concepts, presentation decks, and visual materials from client briefs and creative inputs (“Generated Work”).
Your privacy and the confidentiality of your clients’ materials are our top priorities. This Privacy Policy explains how we collect, use, disclose, and protect your information, as well as your rights under applicable laws, including:
The General Data Protection Regulation (EU GDPR)
The UK GDPR and Data Protection Act 2018
The California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA)
By using Engine Y, you agree to this Privacy Policy. If you do not agree, please discontinue use of the Service.
2. Information We Collect
We collect only the information necessary to provide and improve the Service.
a. Account Information
When you register or manage your account, we collect:
Name, email address, and organization name
Account credentials (securely encrypted)
Billing and payment information (processed by trusted third-party providers)
b. Inputs and Outputs
In the normal course of using Engine Y, you may provide:
Inputs: client briefs, background materials, brand data, and creative prompts
Outputs: strategic concepts, campaign ideas, PowerPoint decks, campaign boards, visuals, and related creative content (“Generated Work”)
All such materials are treated as confidential and are not shared or reused without your consent.
c. Usage and Technical Data
We automatically collect limited data such as:
IP address, browser, and device type
Log files and activity timestamps
Performance, diagnostic, and crash information
Cookies or similar technologies to enable secure login and user analytics (see Section 9)
3. How We Use Information
We use personal data only for legitimate purposes, including to:
Operate, maintain, and improve the Service
Authenticate users and manage accounts
Provide customer support and security notifications
Process payments and manage subscriptions
Analyze usage trends to enhance functionality
Comply with legal obligations and prevent fraud
We do not use or review your client briefs, Generated Work, or confidential materials for model training, marketing, or competitive analysis without your explicit, opt-in consent.
4. Legal Bases for Processing (EU & UK Users)
Under the GDPR, we process your personal data under the following lawful bases:
Contract performance: To provide the Service you have requested.
Legitimate interest: To improve and secure our platform.
Legal obligation: To comply with applicable laws and tax requirements.
Consent: When you opt in to specific communications or data uses.
You may withdraw your consent at any time by contacting privacy@enginey.ai.
5. Confidentiality of Client Materials and Generated Work
Confidentiality is a core principle of Engine Y.
All client briefs, uploaded content, and Generated Work remain private by default.
We do not access or view your content unless required for support or maintenance at your explicit request.
You control all sharing; no data is made public or accessible to other users without your authorization.
Your data and creative outputs are never used to train AI models or shared with third parties for commercial purposes.
6. Data Ownership
You retain full ownership of:
Any content or materials you upload or input
All Generated Work produced through the Service
Engine Y claims no ownership, license, or rights to your creative or client data. You may export, delete, or modify your content at any time.
7. Data Sharing and Disclosure
We never sell or rent your data.
We share limited data only when necessary:
With service providers: trusted partners who host servers, process payments, or deliver infrastructure services, all bound by strict confidentiality and data protection agreements.
For legal compliance: when required by law, regulation, or court order.
For business transfers: in the event of a merger or acquisition, users will be notified and may opt out before any transfer occurs.
8. Data Security
We use industry-standard security measures to protect your data, including:
Encryption in transit (TLS/SSL) and at rest
Role-based access controls
Regular vulnerability scans and penetration tests
Continuous system monitoring and logging
While we maintain robust safeguards, no system can be entirely secure. We encourage you to use strong passwords and protect your login credentials.
9. Cookies and Tracking
Engine Y uses minimal cookies and similar technologies to:
Authenticate sessions
Maintain secure logins
Gather anonymous usage statistics
You can manage or disable cookies through your browser settings. Disabling cookies may affect Service functionality.
10. Data Retention and Deletion
We retain your data only for as long as necessary to provide the Service or meet legal requirements.
When you delete your account:
All personal data, inputs, and Generated Work are permanently deleted within 30 days.
Backup copies are securely deleted on a rolling schedule.
Certain billing records may be retained for legal compliance.
11. International Data Transfers
If you access Engine Y from outside our hosting region, your data may be transferred to and processed in the United States or other jurisdictions.
We comply with GDPR and UK data transfer requirements by using Standard Contractual Clauses (SCCs) and ensuring equivalent safeguards.
12. Your Rights
For EU and UK Users (GDPR)
You have the right to:
Access your personal data
Correct or update inaccurate information
Delete your data (“right to be forgotten”)
Restrict or object to processing
Receive your data in a portable format
Withdraw consent at any time
Lodge a complaint with your national data protection authority
For California Users (CCPA/CPRA)
You have the right to:
Know what personal data we collect and how it’s used
Request access or deletion of your data
Opt out of the “sale” or “sharing” of personal data (we do not sell data)
Correct inaccurate data
Limit use of sensitive personal information
To exercise any of these rights, contact privacy@enginey.ai. We will respond within the timelines required by law.
13. Children’s Privacy
Engine Y is intended for professional use. We do not knowingly collect or process data from individuals under 16 years of age. If we become aware of such data, it will be promptly deleted.
14. Updates to This Policy
We may update this Privacy Policy occasionally to reflect legal, technical, or operational changes. Updates will be posted here, and significant changes will be communicated via email or in-app notice prior to taking effect.
15. Contact
If you have questions or concerns about this Privacy Policy or your data rights, please contact us:
privacy@enginey.ai
For EU users, our Data Protection Officer (DPO) can be contacted via the same email address.
Company information
Engine Y AB,
Järnvägsgatan 84
172 75 Sundbyberg
Sweden