Privacy Policy
Privacy Policy (Draft)
Information we process
Account data (your email and authentication state); content you submit (AI conversations you paste, and Council questions, context, and answers); payment metadata (product, amount, status — never card numbers or full payment payloads); email metadata; and safe operational metadata.
Account data
We use your email to sign you in (via a one-time link) and to tie records to your account. We do not sell your data.
User-submitted AI conversations
Conversations you keep are encrypted at rest and scoped to your account. We use them only to provide the service to you.
Council questions and answers
Council content (your question, context, the independent answers, your selections, and the synthesis) is encrypted and private to your account.
Payment metadata
When purchasing is enabled, we store only safe billing metadata (product, integer amount, currency, status, date). We never store card numbers or sensitive payment-method details.
Email metadata
Transactional emails contain no private questions, answers, or decisions — only safe notices and links. In local/test operation, email is captured locally and not sent externally.
Operational metadata
Logs, metrics, and diagnostics use safe metadata and exclude your private content.
Local/test vs production
This build operates locally with deterministic mock AI providers, test-mode billing simulation, and local email capture. Production behavior (real providers, live billing, external email, managed keys) remains disabled and is gated pending review.
Service providers
We use an authentication and database provider to operate the service. When real AI providers are enabled, selected content may be sent to them; their retention terms are reviewed before that happens.
Retention and deletion
You can permanently delete any record at any time. Self-service full-account deletion is handled as a reviewed request (see Settings).
Support messages
If you contact us through the support form, we receive the email address you provide, the topic you choose, your message, any optional order or record reference, and — if you are signed in — your account email. Support messages are used only to respond to your request, are delivered as internal email to AnswerKeep support, and are not used for analytics. They are not end-to-end encrypted, so do not include passwords, card numbers, or other credentials.
Exports
You can export your records as text or JSON.
Security
Records are encrypted at rest and access is owner-scoped. This is not zero-knowledge: the authorized application server can decrypt records to provide the service. No system is risk-free.
Children
AnswerKeep is not directed to children.
International users
[Placeholder — to be completed with counsel.]
Changes to this policy
We will update this draft as the product and its legal review progress.
Contact
Support and privacy questions go through the in-app support form. Formal legal contact details (including any legal entity and mailing address) have not been established and will be added after counsel review — publishing them is a launch requirement, not something we will invent here.