This policy explains what personal data Lacudelph collects, why, how we use it, who we share it with, and the choices you have. Lacudelph is operated by Attius Digital Art, registered in Israel.
What we collect
From hosts (people with accounts):
- Email address, name (if you provide one), and authentication tokens (Auth.js / Resend magic links; optionally Google OAuth profile basics: name + email).
- Brief content you create — names, descriptions, objectives, audience descriptions, and any text you paste into the brief form or refinement chat.
- Your organisation membership and role.
- If you bring your own Anthropic API key (BYO-key tier only): the key, encrypted at rest with AES-256-GCM. We never log it in plaintext.
- Billing-related identifiers from our payments provider (Paddle): customer ID, subscription ID, billing-period dates. We do not see or store payment-instrument details.
From participants (people who take an interview):
- The interview transcript — every utterance you send and every host turn the conductor produces.
- Derived state: extraction snapshots, deployed meta-notices, the final takeaway artefact.
- If you choose to “claim” your reflection by signing in with your email at the end of an interview: your email address, used only to link the interview to a lightweight participant account so you can revisit your reflections.
- IP address, used only for rate-limiting and abuse prevention. We don’t store your IP after the rate-limit window expires (currently 1 hour).
Why we collect it
- To provide the Service: render the dashboard, generate brief templates, run interviews, send takeaway artefacts, persist your work between visits.
- To bill subscribers and apply per-organisation usage caps.
- To prevent abuse (rate limits, daily spend caps).
- To send transactional email (magic-link sign-in, takeaway delivery, billing receipts).
We do not: sell personal data, send marketing email you didn’t ask for, build advertising profiles, or use Your Content to train any general-purpose model.
Third parties
Data flows through these providers only as needed to operate the Service:
- Vercel (US/EU regions) — application hosting and serverless functions.
- Neon (US-East) — managed Postgres database; stores user accounts, briefs, interview transcripts, organisation data, billing-mirror state.
- Resend (US) — transactional email delivery for magic-link sign-in and account communications.
- Anthropic (US) — large language model provider for the conductor, meta-noticing, and takeaway generation. Interview content is sent to Anthropic’s API to produce the next host turn or final takeaway.
- Vercel AI Gateway — request-routing layer in front of LLM providers; sees the same content as the underlying provider.
- Paddle (UK; Merchant of Record) — payment processing and tax handling.
- Google (only if you sign in with Google OAuth) — receives the redirect and returns your basic profile (name + email).
Each provider has its own privacy policy; we’ve chosen providers that contractually commit not to use your data for their own model training or advertising. The baseline Data Processing Addendum lists each sub-processor + region.
Cookies and local storage
We use a single first-party session cookie set by Auth.js (“authjs.session-token”) to keep you signed in, and a short-lived per-interview cookie (“lx_int_…”) that lets your browser submit answers to the interview you started. For visit-volume measurement on the public surface (home, pricing, vertical landing pages) we use Vercel Analytics in cookieless mode — no advertising cookies, no third-party tracker cookies, and no profile attached to you. If we ever add cookie-based product analytics, we’ll update this page and add a banner where required.
Your rights
Wherever you live, you can:
- Access your data — request a copy via the contact details below.
- Correct inaccurate data via your dashboard or by contacting us.
- Delete your account; this cascade-deletes your briefs, interviews, transcripts, takeaways, organisation memberships, and LLM-call telemetry. Some logs (e.g. billing records required for tax compliance) may be retained as required by law.
- Export your briefs and takeaways via the dashboard (transcript download forthcoming).
- Object to processing based on legitimate interest, where applicable under GDPR.
- Withdraw consent at any time without affecting prior lawful processing.
Under the EU GDPR, you have the right to lodge a complaint with your local data-protection authority. Under the Israeli Privacy Protection Law, you can complain to the Privacy Protection Authority.
Data retention
We retain interview content for as long as the host organisation’s account exists. You can delete individual briefs (and all associated interviews + transcripts) at any time. Deleting your account triggers cascade deletion within 30 days. We retain billing records as required by Israeli tax law (currently up to 7 years for invoices).
Security
Connections to Lacudelph use HTTPS. Database access is authenticated with a connection-string secret rotated as needed. BYO Anthropic keys are encrypted at rest with AES-256-GCM, keyed off a server-side secret distinct from the session-signing key. Session cookies are HttpOnly + Secure. Rate limits and per-organisation daily spend caps protect against runaway usage.
No system is impenetrable; if we discover a security incident affecting your data, we’ll notify you without undue delay and within any timeframe required by applicable law.
International transfers
We’re a small Israeli company using US- and EU-hosted providers. Data may be transferred to the US, EU, and UK as part of the Service. Where required, we rely on Standard Contractual Clauses or other lawful transfer mechanisms.
Changes to this policy
Material changes will be announced by email to the account owner and posted at this URL with a new “Last updated” date.
Contact
For privacy-related questions or to exercise any of the rights above, get in touch. We’ll respond within 30 days.