Privacy Policy

This Privacy Policy explains how chapter3five (“chapter3five”, “we”, “us”) collects, uses, shares, and protects information about you. It applies to the chapter3five website and any related services (collectively, the “Service”).

chapter3five is intended for users who are at least eighteen (18) years of age. We do not knowingly collect personal information from minors.

We collect the following categories of information:

• Account information. Email address and password (hashed) you provide on signup. Optionally, your name and language preference.
• Your archive content. The text answers you record, the oracle name you choose, and the mode (real or randomized) you select.
• Conversation content. Messages you send to and receive from your archive’s conversational interface.
• Usage and device data. Pages viewed, actions taken, IP address, device and browser type, approximate location, and timestamps. We may use cookies and similar technologies (see our Cookie Policy).
• Payment information, if you make a purchase. Card data is handled by our payment processor; we do not store full card numbers.
• Communications you send us, including support requests and feedback.

• To provide, operate, and maintain the Service.
• To create and serve responses from the conversational interface, grounded in your archive.
• To authenticate accounts, prevent fraud, and protect the security of the Service.
• To communicate with you about your account, the Service, and updates.
• To improve the Service through aggregated, de-identified analytics.
• To comply with legal obligations and enforce our Terms.

We do not sell your personal information. We do not use your archive content to train third-party general-purpose AI models.

We share information only with vetted service providers who help us operate the Service, under contractual confidentiality and data protection obligations. These currently include:

• Supabase — database, authentication, file storage.
• Anthropic — generation of conversational responses based on your archive content. Anthropic processes content under its own data protection commitments and does not use API content to train its models by default.
• Resend — transactional email delivery.
• Vercel — application hosting and content delivery.
• Stripe (when applicable) — payment processing.

You may grant access to your archive to specific people you designate. We share archive content with those people under the permissions you set. We are not responsible for what authorized recipients do with content you share with them.

We may disclose information if required by law or legal process, to protect the rights, property, or safety of chapter3five, our users, or others, or in connection with a corporate transaction (with notice to users where practicable).

Information may be processed in the United States and other countries that may have different data protection laws than your jurisdiction. We rely on appropriate safeguards (such as Standard Contractual Clauses) where required.

We retain your information for as long as your account is active or as needed to provide the Service, and as required to comply with legal obligations, resolve disputes, and enforce our agreements. You may request deletion at any time (see Section 9).

Subject to your jurisdiction, you may have the right to access, correct, port, or delete your personal information; to restrict or object to certain processing; and to lodge a complaint with a supervisory authority.

To exercise any of these rights, contact privacy@chapter3five.app. We will respond within the timeframes required by applicable law.

California residents (CCPA/CPRA). You have the right to know what personal information we collect; to access and delete it; to correct inaccurate information; to opt out of any sale or sharing of personal information (we do not sell or share); and to be free from retaliation for exercising these rights.

EU/UK residents (GDPR/UK GDPR). Our lawful bases for processing are: contractual necessity (to provide the Service), legitimate interests (security, improvement, fraud prevention), consent (where applicable, e.g., optional analytics cookies), and legal obligations.

We use reasonable administrative, technical, and physical safeguards designed to protect personal information against unauthorized access, disclosure, alteration, and destruction. Database access is restricted via row-level security; passwords are hashed; transport is encrypted (TLS). No system is impenetrable, and we cannot guarantee absolute security.

The Service is for users 18 and older. We do not knowingly collect information from children under 18. If you believe we may have collected information from a child, contact privacy@chapter3five.app and we will delete it.

chapter3five is designed so that an archive may persist after the person who created it has died. We will, prior to general availability, publish a clear successor designation process and procedures for verifying identity. By using the Service, you agree we may take reasonable measures to verify a successor before granting access, and that we may delete inactive archives after a notice period.

We may update this Policy from time to time. Material changes will be announced via the Service or by email. The “Last updated” date above reflects the most recent revision.

For privacy questions, requests, or complaints, contact privacy@chapter3five.app.