councly
Sign In

Privacy Policy

Last Updated: 12/6/2025

1. Information We Collect

We collect the following information:

  • Account information (email, authentication tokens via Clerk)
  • Hearing data (subjects, model configurations, verdicts)
  • API keys (encrypted with AES-256-GCM, if BYO mode)
  • Billing information (via Stripe, not stored directly)
  • Usage analytics (if opted in via PostHog)

2. Data Region

All data is stored in the EU (Frankfurt / Central Europe region) via Neon Postgres. We comply with GDPR requirements.

🇪🇺EU Data Region

3. How We Use Your Data

We use your data to:

  • Provide the Councly.ai service (hearings, reports)
  • Process payments via Stripe
  • Improve the service (aggregated, anonymized analytics)
  • Communicate important service updates

4. Data Retention

Hearing data is retained for 90 days by default. Users can:

  • Opt-out via "Do Not Store" (data deleted immediately after completion)
  • Delete individual hearings at any time
  • Request bulk deletion via support

5. Security

We implement industry-standard security:

  • API keys encrypted with AES-256-GCM (envelope encryption)
  • Keys decrypted only at call time, never logged
  • HTTPS enforced for all connections
  • Regular security audits

6. Share Links

Share links are:

  • Unlisted (not indexed by search engines)
  • Valid for 30 days from creation
  • Revocable by the hearing owner at any time
  • Do not expose user information or API keys

7. Third-Party Services

We use the following third-party services:

  • Clerk: Authentication (privacy policy: clerk.com/privacy)
  • Stripe: Payment processing (privacy policy: stripe.com/privacy)
  • Neon: Database hosting (EU region)
  • PostHog: Analytics (optional, opt-out available)
  • OpenAI, Anthropic, xAI: AI model providers (hosted mode)

8. Your Rights (GDPR)

You have the right to:

  • Access your data
  • Rectify inaccurate data
  • Request data deletion
  • Export your data (JSON/Markdown)
  • Opt-out of analytics

To exercise these rights, contact us via support.

9. Cookies

We use essential cookies for authentication (via Clerk) and session management. Optional analytics cookies can be disabled via your browser settings.

10. Changes to This Policy

We may update this Privacy Policy. Changes will be posted on this page with an updated "Last Updated" date.

11. Contact

For privacy-related questions, please contact us via our support channels.