Privacy Policy
Plain English: what we collect, why, who else sees it. No surprises.
1. What we collect
- Email address — for sign-in (magic link), account management, and essential account notifications.
- Profile data — your welding level, process, and goal, used to tailor AI responses to you.
- Chat messages and weld photos — what you submit to the AI tutor.
- Subscription / payment status — managed by Stripe; we store a customer ID and your current plan. We never see or store your card details.
- Basic usage logs — daily message counts (for free-tier limits) and server logs for debugging.
2. How we use it
Only to deliver and improve the Service:
- Authenticate you and remember your preferences.
- Send your messages and photos to our AI provider (Anthropic) to generate responses.
- Enforce free-tier limits and active subscription access.
- Send essential account emails (sign-in links, billing receipts, important changes).
3. Who else sees your data
We share data with these processors solely to operate the Service:
- Anthropic (Claude AI) — generates AI responses. Anthropic does not train its models on your messages by default. See Anthropic's privacy policy.
- Supabase — database and authentication. See Supabase privacy.
- Stripe — payment processing. Card data goes directly to Stripe, never to us. See Stripe privacy.
- Vercel — website hosting. See Vercel privacy.
We do not sell your data. We do not run ads. We do not share with marketers.
4. Cookies and tracking
We use a session cookie to keep you signed in. We do not use third-party tracking, analytics, or advertising cookies.
5. Data retention
- Account data: kept while your account is active.
- Chat history: kept so you can pick up where you left off; deleted when your account is deleted.
- Cancelled-subscription accounts: kept for 90 days after cancellation, then deleted unless you re-subscribe.
- Backup retention: up to 30 days in encrypted infrastructure backups.
6. Your rights
You can:
- Access your data — email us and we'll send you a copy.
- Delete your account and all associated data — email us at the address below.
- Correct any data — most fields are editable in the app, or email us.
- If you're in the EU/UK/California, you have additional rights under GDPR/UK GDPR/CCPA. We honor all of them — email us to exercise any.
7. Security
We use encryption in transit (HTTPS) and at rest, hosted infrastructure with industry-standard security practices, and minimum-necessary access controls. No system is perfect — if we ever discover a breach affecting your data, we'll notify you promptly.
8. Children
Arc-Ademia is not directed at children under 13. We do not knowingly collect data from anyone under 13. If you believe a child has provided us data, contact us and we'll delete it.
9. Changes to this policy
We'll notify you of material changes by email or in-app notice.
10. Contact
Privacy questions or data requests? Email abel.marrero07@gmail.com.