Legal

Privacy Policy

Last updated: May 30, 2026

The short version

We collect the minimum we need to run the product. We don't sell your data. We use AI providers to generate your deliverables — your intake answers are sent to them for that purpose only.

What we collect

  • Account info: email, name, display name, profile picture (via Google sign-in if you use it).
  • Your intake answers: the responses you give in Brand Compass, Identity Blueprint, and Empire Blueprint.
  • Your deliverables: the reports and blueprints we generate for you.
  • Companion data: check-ins, journal entries, content logs, offers, and sales you record.
  • Payment info: handled by Stripe — we never see your card details.
  • Basic analytics: pages visited, errors, performance metrics.

How we use it

  • To generate your deliverables and run the Companion Workspace.
  • To send transactional emails (purchase receipts, deliverable-ready notifications).
  • To improve the product (aggregated, never identifying you publicly).
  • To answer support requests.

AI processing

Your intake answers are sent to large language model providers (Google, OpenAI) for the sole purpose of generating your deliverables. These providers process the data under their own privacy terms and do not use it to train their general-purpose models for our API tier. We don't share your intake answers with anyone else.

Who we share with

Service providers acting on our behalf only:
  • Stripe — payment processing.
  • Supabase / Lovable Cloud — database and hosting.
  • Google, OpenAI — AI generation.
  • Email delivery providers — transactional emails.
We don't sell, rent, or trade your data.

Your rights

You can request a copy of your data, ask us to correct it, or ask us to delete it (subject to legal record-keeping requirements). Email hello@digitalproductoracle.com and we'll respond within 30 days.

Retention

We keep your account and deliverables as long as your account exists. Payment records are retained as required by tax and accounting law (typically 7 years). Delete your account and we remove your personal data within 30 days, except where we're legally required to retain it.

Security

Data is encrypted in transit and at rest. We use industry-standard practices, but no system is perfectly secure. If we ever have a breach affecting you, we'll notify you within the timeframes required by law.

Children

The Service isn't directed to anyone under 16. If you believe a child has provided us personal data, contact us and we'll delete it.

Changes

We may update this policy. Material changes will be noted on this page with a new “Last updated” date.

Contact

hello@digitalproductoracle.com