Privacy Policy

Last updated: December 2024

1. Introduction

c137 ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, and protect your personal data when you use our AI assistant service.

We comply with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and the California Consumer Privacy Act (CCPA).

2. Data We Collect

We collect the following types of data:

  • Account Information: Email address, name, and authentication data provided through our authentication provider (Clerk).
  • Chat Content: Your questions, our AI responses, and any conversations you have with c137.
  • Documents: Any documents or text you upload or create within the service.
  • Memory Data: Compressed summaries of your conversations stored for context retrieval.
  • Usage Data: How you interact with the service, including feature usage and preferences.
  • Payment Information: Billing details processed securely through Stripe. We do not store your full card details.

3. How We Use Your Data

We use your data to:

  • Provide and improve the c137 AI assistant service
  • Process your questions through AI models to generate responses
  • Store and retrieve context to provide personalized assistance
  • Process payments and manage your subscription
  • Send important service updates and notifications
  • Detect and prevent fraud or abuse

4. Third-Party Services

We use the following third-party services to operate c137:

  • Clerk: Authentication and user management
  • Neon: PostgreSQL database hosting (encrypted at rest)
  • Qdrant: Vector database for semantic search
  • xAI (Grok): AI model for generating responses
  • Groq: AI infrastructure for processing
  • OpenAI: Embedding generation for semantic search
  • Stripe: Payment processing
  • Vercel: Application hosting

Each service has its own privacy policy. Your data is transmitted securely using SSL/TLS encryption.

5. Data Retention

We retain your data according to the following policies:

  • Active subscribers: Data retained indefinitely while subscription is active
  • Free trial users (never subscribed): Data automatically deleted 14 days after trial expiry
  • Cancelled subscribers: Data automatically deleted 30 days after subscription ends
  • Manual deletion: Immediate deletion upon request through account settings

6. Your Rights

Under UK GDPR and CCPA, you have the following rights:

  • Right to Access: Request a copy of your data via the "Download Data" feature in account settings
  • Right to Rectification: Update your personal information in account settings
  • Right to Erasure: Delete your data or account via account settings
  • Right to Data Portability: Export your data in JSON format
  • Right to Object: Contact us to object to data processing

7. Security

We implement industry-standard security measures to protect your data:

  • All data transmitted over SSL/TLS encryption
  • Database encryption at rest (Neon PostgreSQL)
  • Secure authentication via Clerk
  • Regular security audits and updates

8. Cookies

We only use essential cookies required for the service to function:

  • Authentication cookies: To keep you signed in (Clerk)
  • Payment session cookies: To process payments (Stripe)

We do not use any tracking, analytics, or marketing cookies.

9. Children's Privacy

c137 is not intended for use by children under 16 years of age. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us immediately.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last updated" date.

11. Contact Us

If you have any questions about this Privacy Policy or wish to exercise your data rights, please contact us at:

Email: support@c137.ai

Terms of ServiceHome