Privacy Policy

ArchAI Academy ("we," "our," or "us") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard information when you visit archaiacademy.com, create an account, enroll in a program, book a coaching session, or interact with us in any other way.

Please read this policy carefully. By using our website or services, you acknowledge that you have read and understood this Privacy Policy.

2.1 Information You Provide Directly

• Account registration: Full name and email address when you create an account.
• Program enrollment: Name, email, and payment information (processed by Stripe — we never store your full card number).
• Session booking: Name, email, and your selected date/time preference.
• Contact forms: Name, email, phone number (optional), organization (optional), and your message.
• Newsletter subscription: Email address.

2.2 Information Collected Automatically

• Usage data: Pages visited, time spent on pages, links clicked, and referring URLs.
• Device data: Browser type, operating system, IP address, and device identifiers.
• Cookies: We use strictly necessary cookies for authentication session management. See our Cookie section below.

2.3 Information from Third Parties

• Stripe: When you make a payment, Stripe provides us with a transaction ID, last four digits of your card, and billing confirmation. Stripe handles all payment data under its own privacy policy.
• Supabase: Our authentication and database provider. Auth tokens and session data are managed by Supabase.

We use the information we collect to:

• Create and manage your account and authenticate your identity
• Process program enrollments and coaching session bookings
• Send transactional emails (booking confirmations, enrollment confirmations, account verification)
• Send our newsletter if you have subscribed (you may unsubscribe at any time)
• Respond to your inquiries and provide customer support
• Improve our website, programs, and overall user experience
• Comply with legal obligations and enforce our Terms of Service
• Protect the security and integrity of our platform

We do not sell, rent, or trade your personal information to third parties for marketing purposes.

If you are in the European Economic Area, our legal bases for processing your data are:

• Contract performance: Processing necessary to deliver the services you enrolled in.
• Legitimate interests: Improving our services, preventing fraud, and maintaining platform security.
• Consent: Newsletter subscriptions and non-essential communications (you can withdraw consent at any time).
• Legal obligation: Compliance with applicable laws and regulations.

We share data only in the following circumstances:

• Service providers: Stripe (payments), Supabase (auth/database), Vercel (hosting and infrastructure). Each operates under their own data protection agreements.
• Legal requirements: When required by law, court order, or government authority.
• Business transfers: In connection with a merger, acquisition, or sale of assets, with appropriate confidentiality protections.
• With your consent: Any other sharing only with your explicit permission.

We retain your personal data for as long as necessary to:

• Maintain your account and deliver services you have enrolled in
• Comply with legal, tax, and regulatory obligations (typically 7 years for financial records)
• Resolve disputes and enforce our agreements

If you delete your account, we remove your profile and personal data within 30 days, except where retention is required by law.

We use the following types of cookies:

• Strictly necessary: Authentication cookies that keep you signed in. These cannot be disabled without affecting the service.
• Functional: Remembering your preferences (e.g., selected date/time on the schedule page).

We do not use advertising or cross-site tracking cookies. You can manage cookies through your browser settings, but disabling strictly necessary cookies will prevent you from logging in to your account.

We protect your data using industry-leading security measures including AES-256 encryption at rest, TLS 1.3 encryption in transit, zero-trust network architecture, and automated key rotation. Our platform maintains a 99.99% uptime SLA with continuous threat monitoring. Details are available on our Platform page.

No method of transmission over the internet is 100% secure. We take commercially reasonable steps to protect your data but cannot guarantee absolute security.

Depending on your location, you may have the following rights:

• Access: Request a copy of the personal data we hold about you.
• Correction: Request correction of inaccurate or incomplete data.
• Erasure ("right to be forgotten"): Request deletion of your personal data.
• Portability: Receive your data in a structured, machine-readable format.
• Objection: Object to processing based on legitimate interests.
• Withdrawal of consent: Withdraw consent for newsletter or other consent-based communications at any time.
• CCPA (California): The right to know, delete, and opt-out of the sale of personal information (we do not sell personal information).

To exercise any of these rights, email us at info@archaiacademy.com or call +1 888 566 9760. We will respond within 30 days.

Our services are not directed to children under 13. We do not knowingly collect personal data from children under 13. If you believe we have inadvertently collected such data, please contact us immediately and we will delete it promptly.

Our website may contain links to third-party websites. We are not responsible for the privacy practices or content of those sites. We encourage you to review the privacy policies of any third-party sites you visit.

We may update this Privacy Policy from time to time. When we do, we will update the "Effective Date" at the top of this page and, for material changes, notify you by email or by a prominent notice on our website. Your continued use of our services after changes are posted constitutes acceptance of the updated policy.

If you have any questions, concerns, or requests regarding this Privacy Policy: