Privacy Policy

StackMan ("we," "our," or "us") respects your privacy. This Privacy Policy explains how we collect, use, store, and protect your information when you use our platform at stackos.vercel.app (the "Service").

1. Information We Collect

Account Information: When you register, we collect your name, email address, and profile information. If you sign in via Google, we receive your name, email, and profile picture from Google.

Self-Assessment Data: Wheel of Life scores, daily check-ins, habit tracking data, and other self-reported information you enter into the platform.

AI Coaching Conversations: Messages exchanged with the AI coach are stored to provide personalized coaching, maintain conversation history, and extract coaching insights (memories) to improve future sessions.

Community Content: Posts, comments, and messages you share in community and brotherhood features.

Payment Information: Payments are processed by Stripe. We do not store your credit card details. We receive subscription status, plan type, and billing history from Stripe.

Usage Data: We may collect device type, browser, IP address, and usage patterns to improve the Service.

2. How We Use Your Information

• Provide, maintain, and improve the Service
• Personalize your AI coaching experience using your scores, habits, and conversation history
• Match you with accountability partners (Brotherhood feature)
• Process payments and manage subscriptions
• Send transactional emails (check-in reminders, streak alerts, account updates)
• Enforce our Terms of Service and prevent abuse
• Generate anonymized, aggregated analytics to improve our product

3. AI Data Processing

Your AI coaching conversations are sent to OpenAI for processing. OpenAI processes the data according to their API data usage policy — API inputs and outputs are not used to train their models. We extract and store key coaching insights ("memories") from your conversations to personalize future coaching sessions. You can request deletion of this data at any time.

4. Data Sharing

We do not sell your personal data. We share data only with:

• Supabase: Database hosting and authentication
• OpenAI: AI coaching message processing
• Stripe: Payment processing
• Resend: Transactional email delivery
• Vercel: Application hosting

We may disclose data if required by law or to protect our rights and safety.

5. Data Storage and Security

Your data is stored in Supabase (PostgreSQL) hosted in the EU (eu-west-1). We implement row-level security, input validation, rate limiting, and encryption in transit (HTTPS/TLS). While we take reasonable measures to protect your data, no system is 100% secure.

6. Data Retention

We retain your data for as long as your account is active. If you delete your account, we will delete your personal data within 30 days, except where retention is required by law. Anonymized, aggregated data may be retained indefinitely.

7. Your Rights

Depending on your jurisdiction, you may have the right to:

• Access the personal data we hold about you
• Correct inaccurate data
• Delete your account and associated data
• Export your data in a portable format
• Withdraw consent for data processing
• Object to certain types of processing

To exercise these rights, contact us at support@stackman.app.

8. Cookies

We use essential cookies for authentication and session management. We use localStorage to store your theme preference. We do not use third-party tracking cookies or advertising cookies.

9. Children

StackMan is not intended for users under 18 years of age. We do not knowingly collect data from minors. If we learn that we have collected data from a minor, we will delete it promptly.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email or in-app notification. Continued use of the Service constitutes acceptance of the updated policy.

11. Contact

For questions about this Privacy Policy or to exercise your data rights, contact us at support@stackman.app.