Privacy Policy

Last updated: March 18, 2026

One Blog a Day (“we,” “us,” or “our”) operates the platform at oneblogaday.com. This Privacy Policy explains how we collect, use, and protect your personal data.

1. Information We Collect

  • Account information: Email address, name (when provided via signup or Google OAuth)
  • Business information: Website URL, business details extracted during onboarding (business name, type, services, location)
  • CMS credentials: WordPress, Shopify, or Wix connection details — stored encrypted using AES-256-GCM encryption
  • Usage data: Blog generation history, keyword selections, publishing activity
  • Google Search Console data: Keyword rankings and search performance (only if you connect GSC)

2. How We Use Your Data

  • To generate blog content tailored to your business
  • To discover relevant keywords for your industry
  • To publish content to your connected CMS
  • To send transactional emails (signup, blog notifications, password reset)
  • To improve our platform and content quality

We do not use your content or business data to train AI models. Your data is used solely to deliver the Service to you.

3. Third-Party Services

We use the following third-party services to operate the platform:

  • Large Language Models (LLMs): We use third-party LLM providers for blog content generation, featured image generation, keyword analysis, and category matching. Your business context is sent to these providers for processing. We select providers whose API terms prohibit using your data to train their models.
  • Supabase: Database hosting, authentication, and file storage.
  • Resend: Transactional email delivery.
  • Dodo Payments: Payment processing as Merchant of Record. Dodo handles all billing data and global tax compliance.

4. Data Security

CMS credentials are encrypted using AES-256-GCM before storage. All data is transmitted over HTTPS. We follow industry-standard security practices to protect your information.

5. Your Rights

You have the right to:

  • Access your personal data
  • Request correction of inaccurate data
  • Request deletion of your data
  • Export your data
  • Withdraw consent at any time

To exercise these rights, email us at nimit@oneblogaday.com.

6. Cookies

We use essential cookies for authentication (session tokens). We do not use tracking cookies or third-party advertising cookies.

7. Data Retention

We retain your data for as long as your account is active. If you delete your account, we will delete your personal data within 30 days, except where required by law.

8. California Residents (CCPA)

If you are a California resident, you have the right to:

  • Know what personal information we collect and how it is used
  • Request deletion of your personal information
  • Opt out of the sale of your personal information (we do not sell your data)
  • Not be discriminated against for exercising your rights

To make a CCPA request, email nimit@oneblogaday.com.

9. European Residents (GDPR)

If you are in the European Economic Area, you have additional rights under GDPR including the right to data portability, the right to restrict processing, and the right to lodge a complaint with a supervisory authority. Our lawful basis for processing is your consent and the performance of our contract with you.

10. Governing Law

This Privacy Policy is governed by the laws of India. Any disputes shall be subject to the exclusive jurisdiction of the courts in Mumbai, India.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify registered users of significant changes via email.

12. Contact

For questions about this Privacy Policy, contact us at nimit@oneblogaday.com.