Privacy Policy

Last updated: April 11, 2026

1. Information We Collect

Account information: Email address and name (provided at purchase). We use magic link authentication — we do not store passwords.

Payment information: Processed by Lemon Squeezy and Stripe. We never see or store your full card number.

Usage data: Lesson progress, checklist completion, and platform interactions to track your sprint progress.

Analytics: We use PostHog for product analytics. Session recordings mask all input fields. We respect Do Not Track headers.

2. How We Use Your Information

We use your information to:

• Provide access to the course platform and track your progress
• Send transactional emails (welcome sequence, login links, certificate delivery)
• Process payments and refunds
• Track referral commissions
• Improve the product based on aggregate usage patterns

3. Data Storage

Your data is stored in Supabase (PostgreSQL) with row-level security policies. Data is encrypted in transit (TLS) and at rest. Our infrastructure is hosted on Vercel and Supabase cloud services.

4. Third-Party Services

We share data with these services solely to operate the platform:

• Supabase — Database and authentication
• Lemon Squeezy / Stripe — Payment processing
• Resend — Transactional email delivery
• PostHog — Product analytics (privacy-first, EU-hosted option available)
• Vercel — Application hosting

We do not sell your data to third parties. We do not use your data for advertising.

5. Cookies

We use essential cookies for authentication (session management) and a 30-day referral attribution cookie. PostHog uses a first-party cookie for analytics. You can disable non-essential cookies in your browser settings.

6. Your Rights

You have the right to:

• Access your personal data
• Request correction of inaccurate data
• Request deletion of your account and data
• Export your data (lesson notes, progress, profile)
• Opt out of analytics tracking (we respect Do Not Track)

To exercise any of these rights, email hello@aisprintapp.com.

7. Data Retention

We retain your account data for as long as your account is active. If you request deletion, we remove your personal data within 30 days. Anonymized analytics data may be retained indefinitely.

8. Security

We implement industry-standard security measures including: encrypted connections (TLS), row-level database security, webhook signature verification, and secure authentication (magic links, no stored passwords).

9. Changes to This Policy

We may update this policy from time to time. We will notify you of significant changes via email.

10. Contact

For privacy questions or data requests, email hello@aisprintapp.com.