Privacy Policy
Effective: 2026-07-09 · Last Updated: 2026-07-09
Inner Circle ("we", "us", "our") operates joininnercircle.net (the "Service"). This Privacy Policy describes how we collect, use, share, and protect your personal information.
By accessing or using the Service, you agree to the collection and use of information in accordance with this policy.
1. Information We Collect
1.1 Information you provide directly
| Category | When collected | Purpose |
|---|---|---|
| Email address | Signup, magic-link auth, support, free trial | Account identity, member communication, magic-link delivery |
| Full name | Stripe Checkout | Receipt, member display, support |
| Payment information (card last 4, brand, country) | Stripe Checkout | Tokenized via Stripe. We never see or store full card numbers. |
| Onboarding intake (7 questions) | First-time login | Personalize the GameBoy AI drafting tool. Stored in your member profile, scoped to your user ID via Postgres Row-Level Security. |
| Community messages | When you post | Visible to other paid members of your tier. |
| Quiz answers (per module) | When you submit a quiz | Track which modules you have passed. We do not analyze quiz answers for any purpose other than pass/fail unlocking. |
| GameBoy drafting input (paid members) | Per drafting request | Sent to our AI provider to generate reply drafts. Audit-logged for up to 90 days for safety and chargeback evidence, then auto-purged by a scheduled job. We do not use paid-member drafting inputs to train any AI model. |
1.2 Free-trial messages (sensitive content)
When you use the free trial of the GameBoy drafting tool before creating a paid account, you paste the message you received and any context you add. We process that text to generate a reply draft, and we store the text you submit, in encrypted form, together with the drafts we generate.
- What is stored: the message you paste, any context you provide, the conversation history you include, and the drafts we return. These fields are encrypted at rest. Because these messages can describe your dating and personal life, we treat them as sensitive information.
- Why we store it: to operate and abuse-protect the trial, and to study and improve the quality of the drafting tool. Internally these records are used as a product-improvement and training dataset for our own Service. We do not sell them and we do not hand them to third-party advertisers.
- Consent and age: before your first free draft, we show a notice and ask you to confirm you are 18 or older and agree to this collection. If you do not agree, do not use the trial.
- Your choices: you can ask us to delete your trial records by emailing [email protected] with subject "trial deletion request". See §8 for retention.
This is different from the paid GameBoy drafting tool described in §1.1, where drafting inputs are kept only in a short-lived audit log and are not used to train any model.
1.3 Information collected automatically
| Category | Purpose & handling |
|---|---|
| IP address (full) | Recorded for abuse detection, rate limiting, geo-enforcement, and as part of our consent/compliance audit trail. When collected with an account action, the IP address is associated with your member/account identity and retained as part of that record (see §8). We do not truncate or anonymize it. |
| Device identifier & device fingerprint | A client-generated device ID (a random identifier stored in your browser) and a device fingerprint are used to enforce free-trial limits and prevent trial abuse (for example, resetting the free-draft cap by clearing storage). They are not used for cross-site advertising. |
| User-agent string | Browser/device debugging and the consent audit trail. |
Cloudflare bot-management cookie (__cf_bm) | Set by Cloudflare. Required for Service operation and security. |
| Supabase auth token | Holds your session JWT (about 1 hour expiry, auto-refreshed). Cleared on sign-out. |
| Trial / consent state (browser storage) | Local storage flags that remember your trial state and that you accepted the notice, so we do not re-prompt you. Domain-scoped. |
1.4 Information we do NOT collect
- We do not run third-party advertising or cross-site tracking tags (no Google Analytics, Meta Pixel, or TikTok Pixel) on our pages.
- We do not run any third-party session-recording or session-replay tool. (A dormant session-recording script that was previously present has been removed from the Service.)
- We do not record video or audio sessions outside of explicitly disclosed 1-on-1 calls.
- We do not sell or rent your personal information to anyone.
2. How We Use Your Information
- Provide the Service (auth, content access, billing, support)
- Generate AI reply drafts via our AI provider
- Operate and improve the free trial, including studying trial messages (encrypted, see §1.2) to improve the drafting tool
- Enforce trial limits, detect abuse, and secure the Service (device identifier/fingerprint, IP, rate limiting)
- Record your consent and age confirmation for compliance (with IP and user-agent as the audit trail)
- Send transactional emails (welcome, expiry reminders, dunning) and, if you opt in, marketing emails
- Comply with tax and financial-record retention requirements
3. Sharing With Third Parties
We share your data only with these processors, only for the purposes listed:
| Processor | Data shared | Purpose |
|---|---|---|
| Stripe | Email, name, billing address, card token | Payment processing, refunds, chargeback defense |
| Supabase | Service data (encrypted where noted) | Database, auth, Realtime chat |
| Cloudflare (Pages, Workers, KV) | Request metadata, IP, JWT in transit | Application hosting, edge security, caching, and privacy-preserving aggregate traffic analytics (see below) |
| Resend | Email address, email body | Transactional and (opt-in) marketing email delivery |
| OpenRouter / Anthropic / Google | GameBoy drafting input, system prompt | AI reply generation. Our AI providers are contractually committed not to train on API inputs. |
| Cloudflare Stream | Video playback metadata | Tier-gated video streaming |
Cloudflare analytics. Cloudflare, our hosting and edge-security provider, may collect aggregate, cookieless traffic and performance metrics (Cloudflare Web Analytics / Insights) as part of hosting the Service. This analytics is privacy-preserving: it does not use advertising cookies, does not build a cross-site profile of you, and does not record your screen. We do not use it to identify individuals.
We do not share your data with advertising networks, data brokers, or third-party advertising analytics providers, and we do not sell or "share" your personal information as those terms are defined under California law (see §7).
4. Data Security
- All data in transit is encrypted via TLS 1.2+.
- The database is encrypted at rest (AES-256).
- Sensitive free-trial message content and stored conversation content are additionally encrypted at the application layer before storage.
- Service-role keys are stored as encrypted secrets in our hosting environment.
- Member data is read/write-restricted via Postgres Row-Level Security policies. By default a member can read/write only their own row.
- Admin actions are audit-logged with reason and timestamp.
If a breach affects your data, we will notify you within 72 hours of confirmation by email to your account email.
5. Cookies & Local Storage
We use only essential cookies and browser storage. We do not use non-essential advertising or cross-site tracking cookies, so we do not display a cookie consent banner.
- Security cookies set by Cloudflare (for example
__cf_bm) protect the Service against bots and abuse. - Authentication storage holds your session token so you stay signed in. It is cleared on sign-out.
- Local storage remembers your free-trial state, your device identifier used for trial limits, and that you accepted our notices, so we do not repeat prompts.
You can clear cookies and local storage in your browser at any time; doing so may sign you out and reset UI preferences.
6. Your Rights & Choices
Depending on where you live, you may have some or all of the following rights. We honor these requests regardless of your state of residence where practical.
| Right | How to exercise |
|---|---|
| Know / access - request a copy of your data | Email [email protected] with subject "data access request" |
| Correct - fix inaccurate data | Edit your profile in the Member Area, or email us |
| Delete - request erasure (including trial messages) | Email with subject "deletion request". See §8 for what is deleted vs. retained for legal compliance. |
| Portability - receive your data in a machine-readable format | Email request; we deliver JSON within 30 days |
| Limit use of sensitive information | Email with subject "limit sensitive data". You may ask us to stop using your free-trial message content for product improvement. |
| Opt out of marketing emails | Use the unsubscribe link in any marketing email. Transactional emails (receipts, expiry notices) continue while you are an active member. |
Global Privacy Control and universal opt-out signals. If your browser or a browser extension sends a Global Privacy Control (GPC) or similar universal opt-out signal, we treat it as a valid request to opt out of any "sale" or "sharing" of personal information and to limit the use of sensitive information, to the extent required by law. Because we do not sell or share personal information, there is nothing to opt out of, but we honor the signal as a standing preference.
Financial-incentive notice. Our free trial lets you use the drafting tool in exchange for your email address and (optionally) your continued interest. This is a limited value exchange. It is reasonably related to the value of the data provided, you are not required to participate, and you may stop at any time. It does not otherwise affect the price or level of any paid product.
How we verify and respond. We respond to verified requests within 45 days (extendable once by 45 days where the law allows). We may ask you to confirm your identity using the email on file. You may use an authorized agent where the law permits.
Right to appeal. If we deny your privacy request, you may appeal by replying to our decision or emailing [email protected] with subject "privacy appeal". We will review the appeal and respond in writing, generally within 45 days, explaining our decision. Where your state's Attorney General provides a complaint channel, we will also tell you how to contact them.
7. California Privacy Rights (CCPA/CPRA)
This section applies to California residents and reflects the California Consumer Privacy Act as amended by the CPRA.
Do Not Sell or Share My Personal Information. We do not sell your personal information, and we do not "share" it for cross-context behavioral advertising, as those terms are defined under California law. Because we do not sell or share, there is no separate "Do Not Sell or Share" opt-out to submit; if that ever changes, we will provide a clear opt-out link and update this policy first.
Sensitive personal information. Free-trial message content (§1.2) may reveal details about your personal life and is treated as sensitive. We use it only to provide and improve the Service, never to infer characteristics for advertising. You have the right to limit our use of sensitive information (see §6).
As a California resident you have the right to know what we collect, to access and receive a copy, to correct inaccuracies, to delete your information, to limit the use of sensitive information, and to not be discriminated against for exercising these rights. Exercise them through the channels in §6, including the appeal path. The categories of personal information we collect, our purposes, and the processors we disclose to are listed in §1 and §3.
8. Data Retention & Deletion
- Active members: account data is retained while your account is active.
- Free-trial messages: the encrypted trial content described in §1.2 is retained to operate and improve the Service. You can request its deletion at any time (subject "trial deletion request"), and we delete it within 30 days of a verified request unless we must keep a limited record to defend against abuse or for legal reasons.
- IP and consent audit records: the IP address, user-agent, and consent/age records tied to your account are retained as part of our compliance and abuse-defense audit trail. They are associated with your account identity and kept for as long as needed for those purposes.
- Paid GameBoy drafting audit log: auto-purged at 90 days.
- Cancelled accounts: coaching access ends per the bifurcated entitlement model; lifetime content access is preserved unless you request deletion. We retain your member row and email for tax/financial-record purposes.
- On deletion request: within 30 days we delete your profile, community messages, module progress, trial content, and drafting audit log. We retain financial records (purchases, refunds, admin actions) and the minimum compliance records required by law (typically up to 7 years).
9. Children's Privacy
The Service is not directed to and may not be used by anyone under 18. We do not knowingly collect personal information from anyone under 18, and the free trial requires an 18+ confirmation before the first draft. If we learn we have collected data from a person under 18, we will delete it promptly.
10. International Users & Geo-Blocking
The Service is currently not available to residents of the European Union, United Kingdom, Switzerland, or other countries with comparable data-protection regimes (GDPR, UK GDPR, Swiss FADP). This restriction is enforced by an IP-based geo-block on our checkout and free-trial endpoints, not merely stated.
If you are outside those regions, your data is stored on infrastructure with US data centers as primary. By using the Service, you consent to the transfer of your data to the US.
11. Changes to This Policy
We will notify you by email at least 30 days before any material change to this Privacy Policy takes effect. Continued use of the Service after the effective date constitutes acceptance.
12. Contact
Inner Circle
[Address — pending LLC/PO Box] [COUNSEL]
[email protected]
This Privacy Policy is current as of the date above. We are continuing to refine it with legal counsel; substantive changes will be emailed to active members at least 30 days before they take effect. Questions about this policy can be sent to the email address above.