Privacy Policy

Last updated: 2026-05-08

Summary

Claudemy.org is a non-profit education project. No ads, no selling of personal data. Reading lessons does not require an account. If you create an account (to track progress and rate lessons), we collect the minimum data needed for those features to work.

1. Data we collect

Anonymous visitors

  • Google Analytics 4: aggregate metrics (page view, session, country-level region). IP anonymized by default. Default-denied until you accept via the cookie banner.
  • Local reading progress: stored in browser localStorage (namespace `claudemy:anon:*`), never sent to a server.

Account holders

  • Email address (required — for magic-link sign-in and account-related contact).
  • Display name + avatar (only when signing in with Google OAuth — provided by Google).
  • Preferred locale (`locale_pref`) so emails come in the right language.
  • Per-lesson progress (lesson_id, reading/completed status, timestamps).
  • Per-lesson 👍 ratings (lesson_id, timestamp).
  • Authentication audit log (sign-in / sign-out / delete events, IP, user agent), retained 90 days for abuse detection.

We do NOT collect: session-level reading history, phone numbers, addresses, exact dates of birth, payment-card data (the product is free, no payments).

2. Why we collect it

  • Secure sign-in (magic link / OAuth).
  • Sync learning progress across devices.
  • Show community signal (count of "found this helpful") — only displayed once the lesson reaches ≥ 5 ratings, protecting individual privacy.
  • Detect and prevent abuse (rate limiting, audit log).

3. Where it is stored

  • Cloudflare D1 (managed SQLite) in the Asia-Pacific region (Hong Kong) — closest to our Asia-Pacific users.
  • Weekly backups exported to Cloudflare R2 in the same region, encrypted at rest, auto-pruned after 90 days.
  • Passwords are NOT stored (we do not use passwords). Magic-link tokens are one-time random strings and expire after 10 minutes.

4. Third parties (subprocessors)

  • Cloudflare: infrastructure (Workers, D1, R2). EU SCC DPA applies.
  • Resend: magic-link email delivery. Stores recipient address + email body (system templates) up to 30 days, then auto-purges. DPA signed.
  • Google OAuth: only when you choose to sign in with Google. We receive: Google id, email, name, avatar. We do not request access tokens to other data.
  • Cloudflare Turnstile: bot-protection CAPTCHA on the sign-in form. No biometrics, no cross-site tracking.
  • Google Analytics 4: only runs if you accept via the cookie banner. Default denied.

5. Retention

  • Active account data: kept until you request deletion.
  • On account deletion: email, name, avatar, and OAuth tokens are erased immediately from the database, and active sessions are revoked. Ratings are anonymized (de-linked from user_id) and retained as community signal. Deletion is currently irreversible; a grace-period mechanism is planned for a future release.
  • Audit log: 90 days.
  • D1 backups: 90 days.

6. Your rights

  • Access / Export: download all your data as JSON from the Account page.
  • Correct: update name, locale, avatar in account settings.
  • Delete: remove your account completely from the account page (see section 5).
  • Complaint: contact us (see section 9). You may also contact your local data protection authority.

7. Cookies

  • Necessary — Authentication (only when signed in): HttpOnly + Secure cookie that holds your session. No tracking. Cannot be disabled while signed in; sign-out clears it.
  • Analytics (optional): Google Analytics 4. Default denied. Opt-in via the banner.

8. Children

Account features are for users 16 years or older. By signing up you confirm you meet this age requirement (see Terms of Service). If we discover an account belongs to someone under 16, it will be deleted.

9. Contact

For any privacy inquiries: privacy@claudemy.org. We respond within 30 days.

10. Policy updates

For material changes we update the "Last updated" date above and email account holders a notice.

See Terms of Service →