L
Constavita

Privacy Policy

Last updated: January 2025

1. Who We Are

Constavita (“we”, “our”, “us”) operates the Constavita platform at constavita.app. We provide AI-powered self-reflection tools for educational purposes. References to “you” refer to users of our platform.

2. Information We Collect

We collect the following categories of information:

  • Account information: Name, email address, hashed password.
  • Profile data: Age range, work type, goals, and lifestyle preferences you provide during onboarding.
  • Calculator inputs and scores: The values you enter into our calculators and the resulting educational index scores.
  • AI interaction data: Prompts sent to and responses received from our AI system Logos.
  • Payment information: Processed securely by Stripe. We do not store full card numbers.
  • Usage data: Pages visited, features used, session timing — collected for product improvement.
  • Technical data: IP address, browser type, device type.

3. How We Use Your Information

  • Provide, operate, and improve the Constavita platform.
  • Generate personalized educational insights and AI reflections.
  • Process subscription payments via Stripe.
  • Send essential account and security notifications (no unsolicited marketing without consent).
  • Comply with legal obligations.

4. Data Sharing

We do not sell your personal data. We share data only with:

  • OpenAI: To generate AI reflections (your anonymized scores are sent, never your name/email).
  • Stripe: To process payments.
  • Infrastructure providers: Vercel (hosting), Neon/Supabase (database) — subject to their privacy policies.
  • Law enforcement: When required by valid legal process.

5. Data Retention

We retain your account data for as long as your account is active. Calculator results and AI reflections are stored indefinitely to power your trend analytics, unless you delete them. You may request deletion of all your data at any time via Settings → Data & Privacy.

6. Security

We use industry-standard security: passwords are hashed with bcrypt, sessions use HTTP-only cookies with JWT encryption, all data is transmitted over HTTPS, and databases are encrypted at rest. No system is 100% secure; please use a strong unique password.

7. Cookies

We use a single essential session cookie (HTTP-only) for authentication. We do not use advertising or tracking cookies. No third-party analytics cookies are set.

8. Your Rights

You have the right to access, correct, export, or delete your personal data. See our GDPR Rights page for full details.

9. Contact

For privacy inquiries, contact us at privacy@constavita.app.