Privacy Policy

Effective: May 28, 2026

What we collect

When you sign in, we store:

  • Your email address.
  • Your name, if you give it to us or if it comes through a Google sign-in.
  • A record of when you signed in and when you last signed in.

When you use the chat, we store:

  • The text of your messages and the assistant's replies, so the conversation persists and so we can enforce your monthly usage quota.
  • A count of how many messages you've sent this billing period.
  • The model and interceptor you selected (for display in the conversation).

When you subscribe to a paid plan, we store:

  • Your Stripe customer ID and a reference to your active subscription.
  • The last four digits of your card and the card type (provided by Stripe; we never see the full card number).

We do not collect:

  • IP addresses or device fingerprints beyond what's strictly needed for the session.
  • Anything from third-party social networks beyond what Google sign-in returns (your name and email).

If you accept analytics or advertising cookies (see Cookies below), some third-party services receive limited browsing-behavior data. You can reject these at any time.

Cookies

We use cookies in three categories. You're shown a consent banner on your first visit and can change your choices anytime from the "Cookies" link in the footer.

Strictly necessary (always on):

  • A session cookie that keeps you signed in.
  • A CSRF token cookie that prevents request forgery.
  • A consent cookie that remembers your cookie preferences.

Analytics (off by default — only set if you accept):

  • Google Analytics 4 — aggregated usage metrics (pages visited, session duration). Provided by Google.
  • Microsoft Clarity — session replays and heatmaps to help us see where the UI is confusing. Provided by Microsoft.

Advertising (off by default — only set if you accept):

  • Meta Pixel — measures the effectiveness of ads we run on Meta platforms. Provided by Meta.
  • Google Ads — measures the effectiveness of ads we run on Google. Provided by Google.

If you reject the optional categories (or your browser sends a Global Privacy Control signal), none of the analytics or advertising scripts load.

When you visit a Stripe page (Checkout, Customer Portal), Stripe sets its own cookies on its own domain — see Stripe's privacy policy for that.

How we use it

  • To run the service: store your conversations, check your quota, take your payments, send sign-in links.
  • To improve the service: aggregated metrics about usage patterns (e.g., "X% of users use the Reasoning interceptor"). Never tied to identifiable users.
  • To respond to you if you contact us.

When you paste a URL

If your message contains a URL, our server fetches the page on your behalf and includes the extracted text alongside your prompt so the model can read it. The target site's logs will see our server's IP, not yours. We don't store the fetched content beyond the request itself.

When you use the Web interceptor

The Web interceptor is off by default. When you select it, the model gains two tools: a web search tool and a URL fetch tool. Two extra things happen when those tools fire on a turn:

  • Search queries are sent to a third-party search provider (currently Brave Search). They process the query to return results and don't retain it for training. The query may contain content from your prompt.
  • URL fetches behave exactly like pasted URLs above — our server fetches on your behalf, target sites see our IP not yours.

Each search and fetch is visible in your message bubble as a badge, so you can see exactly what was looked up. Search results and fetched content are used only to generate the reply and are not persisted.

If you want a fully offline chat, don't select the Web interceptor.

What we don't do with your data

We do not train any AI model on your conversations. Not ours, not anyone else's. Your messages are not used as training data.

We don't sell, rent, or share your personal data with anyone for marketing purposes.

Who sees your data

Your conversation text passes through one third-party model-inference provider on its way to the model and back (currently Fireworks AI; this may change as we evolve our infrastructure). They process the data to generate the response and don't retain it for training. We pick providers with this commitment.

If you select the Web interceptor, a third-party search provider (currently Brave Search) sees your search queries on the turns where the model decides to search. See "When you use the Web interceptor" below.

We use Stripe for billing. Stripe sees your name, email, and payment information.

We use a transactional email service for sign-in links and account emails. That provider sees your email address.

If you accept analytics cookies, Google and Microsoft receive aggregated usage metrics and session replays of your interactions with our site. If you accept advertising cookies, Meta and Google receive information about your visits that helps us measure ad performance — including, for Google, a hashed copy of your email when you complete a purchase, used only to match the conversion back to an ad click. None of these receive the content of your chat conversations.

We don't share your data with anyone else.

Where your data lives

Our servers are hosted in the European Union. Stripe and the model providers may process your data in other jurisdictions; see their privacy policies for specifics.

How long we keep it

  • Conversations: kept while your account is active. You can discard a conversation manually at any time.
  • Account record: kept while your account is active. If you delete your account, the record and your conversations are deleted within 30 days.
  • Billing record: we keep Stripe-related records as long as legally required (typically 7 years for tax purposes), independent of your account.

Your rights

You can:

  • Sign in and see, save, or discard your conversations.
  • Cancel your subscription via the Account page (Stripe Customer Portal).
  • Ask us to delete your account. We'll do it within 30 days, except for billing records we're legally required to keep.
  • Ask us what data we have on you, and we'll send it.

Email us for any of these.

Security

We use industry-standard encryption in transit (HTTPS) and AES-256 at rest. Your password isn't stored — we use magic links and OAuth. Anyone who gets your sign-in email could sign in once, so don't forward it.

Changes

If we materially change this policy, we'll notify active subscribers by email and update the effective date at the top.

Contact

Berges Institute SLU For questions about these terms, email dan@bergesinstitute.com.