Privacy Policy

Last updated: April 16, 2026 (v1.1)

NewPR.io (the “Service”) is owned and operated by US Trade Group, a Pennsylvania S Corporation (“we,” “us,” or “our”). We are committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our service. Please read this policy carefully. If you disagree with its terms, please discontinue use of the service.

1. Information We Collect

We collect the following categories of information:

Category	What We Collect	Purpose
Account Information	Email address, password (encrypted)	Account creation and authentication
Profile Information	Organization name, contact name, phone, website, boilerplate text	Personalizing AI-generated content
Usage Data	Number of generations used, current subscription plan, generation timestamps	Enforcing plan limits and billing
Content Inputs	Text you enter into the app (crisis situations, topics, key points, etc.)	Generating AI content on your behalf
Payment Information	Processed by Stripe - we never store card numbers	Subscription billing
Technical Data	Browser type, device type, IP address, access timestamps	Security, fraud prevention, service improvement

2. How We Use Your Information

We use the information we collect to:

• Provide, operate, and maintain the NewPR.io service
• Process your content inputs through our AI models to generate PR content
• Manage your account, subscription, and billing
• Enforce our Terms of Service and usage limits
• Send transactional emails (account verification, password reset, billing receipts)
• Respond to support requests and inquiries
• Detect and prevent fraud, abuse, or security incidents
• Comply with applicable legal obligations

We do not use your content inputs or AI-generated outputs to train AI models. Your content stays yours.

3. How We Share Your Information

We do not sell your personal information. We share information only in the following circumstances:

Service Providers: We use trusted third-party services to operate NewPR.io:

• Firebase / Google Cloud - Authentication, database storage, and hosting (Google LLC, USA)
• Anthropic — AI content generation. Your prompts are transmitted to Anthropic via an Enterprise API. Under our agreement with the provider, these inputs are used solely for generation and are not used to train the underlying large language models. Anthropic’s privacy policy governs any incidental data handling on their end.
• Stripe - Payment processing. Stripe is a PCI-DSS compliant payment processor. We never receive or store your full card details.
• Netlify - Landing page hosting

Legal Requirements: We may disclose your information if required by law, court order, or government authority, or to protect the rights, safety, or property of NewPR.io or others.

Business Transfers: If NewPR.io is acquired or merges with another company, your information may be transferred as part of that transaction. We will notify you before your information is subject to a different privacy policy.

4. Data Retention

We retain your personal information for as long as your account is active or as needed to provide services. If you close your account, we will delete or anonymize your personal data within 90 days, except where retention is required by law or legitimate business purposes (such as resolving disputes or fraud prevention).

Content you generate is stored temporarily to support the auto-save and draft restoration features. You may delete saved drafts at any time from within the app.

5. Data Security

We implement industry-standard security measures to protect your information:

• All data is transmitted over HTTPS/TLS encryption
• Passwords are hashed and never stored in plain text
• API keys and secrets are stored in Google Cloud Secret Manager, not in application code
• Firebase security rules restrict database access to authenticated users only
• Payment data is handled exclusively by Stripe’s PCI-compliant infrastructure

No method of transmission over the internet is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

Breach Notification: In the event of a security breach involving your personal information, we will notify affected users and the Pennsylvania Office of Attorney General in accordance with the Pennsylvania Breach of Personal Information Notification Act (BPINA), as amended. We will provide notification without unreasonable delay and within the timeframes required by applicable law.

6. Your Rights and Choices

Depending on your location, you may have the following rights regarding your personal data:

• Access: Request a copy of the personal data we hold about you
• Correction: Request correction of inaccurate or incomplete data
• Deletion: Request deletion of your account and associated personal data
• Portability: Request an export of your data in a machine-readable format
• Objection: Object to processing of your data for certain purposes
• Withdrawal of Consent: Withdraw consent where processing is based on consent

To exercise any of these rights, contact us at privacy@newpr.io. We will respond within 30 days.

7. Cookies and Tracking

NewPR.io uses minimal cookies and local storage:

• Authentication cookies: Firebase uses session cookies to keep you logged in. These are essential for the service to function.
• Local storage: We store your preferences (e.g., organization name, onboarding status) locally on your device for a better experience.
• Analytics: We do not currently use third-party analytics cookies or tracking pixels.

You may disable cookies in your browser settings, but this may affect the functionality of the service.

8. Children's Privacy

NewPR.io is not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that a child under 18 has provided us with personal information, we will delete it promptly. If you believe a child has provided us with personal information, contact us at privacy@newpr.io.

9. International Data Transfers

NewPR.io is operated in the United States. If you are accessing the service from outside the United States, please be aware that your information may be transferred to, stored, and processed in the United States. By using the service, you consent to this transfer. We take steps to ensure that your data receives adequate protection in accordance with this Privacy Policy.

10. GDPR (European Users)

If you are located in the European Economic Area (EEA), you have additional rights under the General Data Protection Regulation (GDPR). Our legal basis for processing your personal data includes:

• Contract performance: Processing necessary to provide the service you've signed up for
• Legitimate interests: Security, fraud prevention, and service improvement
• Legal compliance: Where required by applicable law
• Consent: Where you have provided explicit consent

To exercise your GDPR rights or lodge a complaint, contact us at privacy@newpr.io or contact your local data protection authority.

11. California Privacy Rights (CCPA)

If you are a California resident, the California Consumer Privacy Act (CCPA) provides you with additional rights. We do not sell your personal information for monetary value, nor do we share your personal information for cross-context behavioral advertising. California residents may request to know what personal information we collect, request deletion of personal information, and opt out of the sale or sharing of personal information. To exercise these rights, contact privacy@newpr.io.

12. Pennsylvania Consumer Data Privacy (HB 78)

NewPR.io is operated by US Trade Group, a Pennsylvania S Corporation. In anticipation of Pennsylvania’s Consumer Data Privacy Act (HB 78), we are proactively building our platform to comply with its requirements.

Controller and Processor Roles: For the purposes of applicable data privacy laws, US Trade Group acts as the Data Controller for your account information (name, email, profile data, usage data), and as a Data Processor for the content you input into the AI tool (crisis situations, press release topics, speech details, etc.).

Pennsylvania users have the following rights, which we honor now and will continue to honor upon HB 78's passage:

• Right to Access: Request a copy of the personal data we hold about you
• Right to Delete: Request deletion of your personal data. Submit requests to privacy@newpr.io and we will process your request within 45 days
• Right to Correct: Request correction of inaccurate personal data
• Right to Opt-Out: Opt out of the sale or sharing of personal data for targeted advertising. We do not sell or share your personal data for advertising purposes
• Right to Data Portability: Receive your data in a portable, machine-readable format
• Right to Appeal: If we deny your privacy request, you may appeal our decision by contacting privacy@newpr.io

We will not discriminate against you for exercising any of these rights.

13. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the new policy on this page and updating the "Last updated" date. For significant changes, we will provide additional notice via email or in-app notification. Continued use of the service after changes constitutes acceptance of the updated policy.

14. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

• Email: privacy@newpr.io
• Support: support@newpr.io