We collect your email address (for authentication), the content you create in the platform (conversations, notes, sources, identity documents), and usage data (token counts, API costs, session timestamps). We do not collect payment card data directly — that is handled by Paddle.
Your content is processed server-side to generate AI responses, create embeddings for semantic search, and produce session protocols. We use usage data to calculate billing and monitor platform health. We do not sell your data, share it with third parties for advertising, or use it to train AI models.
We use Anthropic (AI responses), Voyage AI (embeddings), Supabase (database and authentication), Paddle (billing), and Railway (hosting). Each processes data only as needed to provide their service. Anthropic's data retention policy applies to API calls made through our platform — we do not opt in to training data use.
Your data is stored in Supabase (PostgreSQL) with row-level security — only you can read your data. Data is stored in the EU (Supabase default region). API keys you provide are encrypted at rest using AES-256-GCM before storage.
You can delete your account and all associated data at any time from Settings → Delete account. Deletion is permanent and immediate. Backups may retain data for up to 7 days before being overwritten.
We use localStorage to store your session token and preferences. We do not use third-party analytics, tracking pixels, or advertising cookies.
Questions or data requests: [email protected]
This policy may be updated. We will note the effective date at the top.