# Revise Privacy Policy Effective date: December 23, 2025 ## 1. Introduction This Privacy Policy explains how Migraine, Inc. ("Migraine," "we," "us," or "our") collects, uses, and shares information about you when you use Revise, our web-based collaborative document editor with AI features, and any related websites, applications, and services that link to this Privacy Policy (collectively, the "Service"). By using the Service, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with this Privacy Policy, you must not use the Service. ## 2. Information We Collect We collect information in three main ways: (a) information you provide directly to us, (b) information collected automatically when you use the Service, and (c) information we receive from third parties. 2.1 Information You Provide. We collect information you provide when you use the Service, including: - Account information: Email address, password, and any profile details you choose to provide. - Content and documents: Documents, text, comments, and other content you create, upload, or submit to the Service ("User Content"). - Billing information: If you subscribe to a paid plan, our payment processor (such as Stripe) collects certain billing information, such as your payment method details and billing address. We generally do not store your full payment card number. - Communications: Information you provide when you contact us for support or otherwise communicate with us, including by email. 2.2 Information Collected Automatically. When you access or use the Service, we automatically collect certain information, such as: - Usage data: Information about your interactions with the Service, such as the features you use, the type of content you work with, and the time and duration of your activities. - Device and log data: IP address, browser type and version, device type, operating system, referring and exit pages, and timestamps. - Cookies and similar technologies: We may use cookies and similar technologies to remember your preferences, authenticate you, and understand how you use the Service. 2.3 Information from Third Parties. We may receive information about you from third parties, such as: - Authentication providers: If you sign up or log in using a third-party authentication provider (such as Google), we receive basic account information from that provider, including your email address, name, and profile picture. - Payment processors: Our payment processor (such as Stripe) may provide us with limited information related to your subscription status, billing, and payments. ## 3. How We Use Information We use the information we collect for the following purposes: - To provide and maintain the Service: including operating the editor, collaboration features, AI features, and account management. - To process transactions: including managing subscriptions, billing, and payments. - To communicate with you: including sending service-related messages (such as account notices, security alerts, and subscription updates) and responding to your requests and support inquiries. - To improve and develop the Service: including analyzing how the Service is used, troubleshooting, and developing new features and offerings. - To ensure security and prevent abuse: including detecting, preventing, and responding to fraud, abuse, security risks, and technical issues. - To comply with legal obligations: including recordkeeping, accounting, and responding to lawful requests from authorities where required by law. ## 4. AI Features and Use of Your Content 4.1 Sending Content to AI Providers. When you use AI-powered features in the Service, portions of your User Content, prompts, and related metadata are transmitted to third-party large language model (LLM) providers, including but not limited to OpenAI, Anthropic, and xAI (collectively, "AI Providers"), via their APIs so they can generate outputs. We share only the information reasonably necessary for the AI Providers to generate the requested outputs, and such information is processed subject to their terms and policies. 4.2 No Training on Your Content. Migraine does not permit AI Providers to use your User Content submitted through the Service to train or improve their models, except to the extent such use is strictly necessary to provide the Service to you (for example, for safety monitoring, debugging, or abuse prevention as described in their terms). Migraine itself does not use your User Content to train proprietary machine learning models for general-purpose use. 4.3 AI Output and Responsibility. AI-generated outputs may be inaccurate, incomplete, or inappropriate. You are responsible for reviewing, editing, and validating any AI-generated content before relying on it. You remain responsible for how you use AI-generated content and for ensuring that its use complies with applicable laws and with our Terms of Service. ## 5. Cookies and Similar Technologies We may use cookies and similar technologies (such as local storage) to help operate and improve the Service. These technologies may be used to: - Keep you signed in and maintain your session. - Remember your preferences and settings. - Understand how the Service is used so we can improve it. You may be able to set your browser to refuse cookies or to indicate when a cookie is being sent, but some parts of the Service may not function properly without cookies. ## 6. How We Share Information We may share information about you as follows: - Service providers: With third-party vendors and service providers who perform services on our behalf, such as hosting, cloud storage, analytics, email delivery, customer support, and payment processing (including Stripe). - AI Providers: With AI Providers as described in Section 4 when you use AI-powered features. - Legal and safety: With law enforcement, regulators, or other third parties if we believe disclosure is reasonably necessary to comply with applicable law, regulation, legal process, or governmental request; to protect the security or integrity of the Service; or to protect Migraine, our users, or the public from harm or illegal activities. - Business transfers: In connection with a merger, acquisition, financing, reorganization, sale of assets, or similar transaction, or in the event of insolvency, bankruptcy, or receivership, your information may be transferred to a successor or affiliate as part of that transaction, subject to this Privacy Policy. We do not sell your personal information in the traditional sense of selling data in exchange for money. ## 7. Data Retention We retain your information for as long as necessary to fulfill the purposes described in this Privacy Policy, including providing the Service, complying with legal obligations, resolving disputes, and enforcing our agreements. The actual retention period may vary depending on the type of information and the context of your interactions with the Service. You may delete certain User Content at any time through the Service, subject to any technical or legal limitations. We may retain backup copies of data for a limited period of time, as well as records that are reasonably necessary for business or legal purposes. ## 8. Data Security We use reasonable technical and organizational measures to protect your information against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access. However, no method of transmission over the internet or method of electronic storage is completely secure, and we cannot guarantee absolute security. ## 9. Sensitive and Regulated Data The Service is not designed to store or process highly sensitive or regulated data. You must not use the Service to store, process, or transmit: - Protected Health Information (PHI) or other health information regulated under HIPAA or similar laws. - Payment card numbers, bank account numbers, or other financial account credentials. - Government-issued identification numbers or similar highly sensitive identifiers. - Classified or confidential government information, or any information you are not authorized to store or share. If you choose to upload such information in violation of this Policy, you do so at your own risk and we disclaim any responsibility or liability arising from such use. ## 10. International Data Transfers The Service is operated from the United States. If you access or use the Service from outside the United States, your information may be transferred to, stored, and processed in the United States or other countries that may have data protection laws that are different from those in your jurisdiction. By using the Service, you consent to the transfer of your information to the United States and other countries as described in this Privacy Policy. ## 11. Your Rights and Choices Depending on your location and applicable law, you may have certain rights regarding your personal information, such as the right to: - Access the personal information we hold about you. - Request correction of inaccurate or incomplete information. - Request deletion of your personal information, subject to certain exceptions. - Object to or restrict certain processing of your information. - Withdraw consent where processing is based on your consent. To exercise any of these rights, you can contact us at [support@revise.io.](mailto:support@revise.io) We may need to verify your identity before responding to your request, and certain rights may be limited or not available depending on your jurisdiction. ## 12. Children's Privacy The Service is not directed to children under 13, and we do not knowingly collect personal information from children under 13. If we learn that we have collected personal information from a child under 13, we will take reasonable steps to delete it. If you believe that a child under 13 has provided us with personal information, please contact us at [support@revise.io.](mailto:support@revise.io) ## 13. Changes to This Privacy Policy We may update this Privacy Policy from time to time. When we make material changes, we will provide notice by, for example, posting the updated Privacy Policy at /privacy and updating the effective date at the top, and/or sending you an email or in-app notification. Your continued use of the Service after the updated Privacy Policy becomes effective constitutes your acceptance of the revised Privacy Policy. ## 14. Contact Us If you have any questions or concerns about this Privacy Policy or our privacy practices, please contact us at [support@revise.io.](mailto:support@revise.io)