← Back to app

Privacy Policy

Last updated: March 27, 2026

What Architect Is

Architect is a personal growth app that helps you identify limiting belief patterns, transform them into actionable blueprints, and track your progress. We take the privacy of your inner work seriously.

What We Collect

We collect only what we need to make the app work for you:

  • Email address — for sign-in and account recovery
  • Password — stored as a one-way hash (we never see your actual password)
  • Timezone — to schedule reminders at the right time
  • Phone number (optional) — only if you enable SMS/WhatsApp notifications

We do not collect your name, address, date of birth, or any government identification.

Your Activity Data Is Pseudonymous

Everything personal you share — your beliefs, patterns, coaching conversations, mood check-ins, and reflections — is stored under a pseudonymous identifier that is architecturally separated from your email and account information.

This means your personal growth data and your identity live in different zones of our database. Even in a data breach scenario, your beliefs and coaching conversations cannot be linked to your real identity without compromising two independent security boundaries.

AI Processing

Architect uses Claude (by Anthropic) to generate lessons, reframe beliefs, and power the AI coach. When you interact with AI features:

  • Your message and relevant context (patterns, phase, mood) are sent to the AI
  • Your email and identity are never sent to the AI — only your pseudonymous activity data
  • AI responses are streamed back in real time and stored in your conversation history
  • Anthropic does not use your data to train their models (per their API data policy)

Payments

When payment processing is available, it will be handled entirely by Stripe. We will never store your credit card number, billing address, or payment details in our database. We store only your subscription status (active/inactive) and expiration date.

Row-Level Security

Every table containing user data is protected by row-level security (RLS) policies. This means database queries can only return your own data — even if our application code had a bug, the database itself enforces that you cannot see another user's beliefs, patterns, or conversations.

Third-Party Services

  • Supabase — database and authentication (hosted infrastructure)
  • Anthropic (Claude) — AI processing for lessons, reframes, and coaching
  • Vercel — application hosting
  • Twilio — SMS/WhatsApp notifications (only if you opt in)

We do not sell, rent, or share your data with advertisers or data brokers. Third-party services receive only the minimum data needed to perform their function.

Your Rights

  • Access — you can request a copy of all data we hold about you
  • Deletion — you can request deletion of your account and all associated data
  • Correction — you can update your information at any time
  • Portability — you can request your data in a machine-readable format
  • Opt out — you can disable any notification channel at any time

These rights apply regardless of where you live. We respect GDPR, CCPA, and similar privacy regulations by design, not just by compliance checkbox.

Data Retention

Your data is retained as long as your account is active. If you delete your account, all associated data — including your pseudonymous activity data — is permanently deleted within 30 days. We do not keep backups of deleted accounts.

No Tracking, No Ads

Architect has no advertising, no third-party analytics trackers, no Facebook pixels, and no Google Analytics. The telemetry we collect is first-party only — used exclusively to improve your experience within the app.

Contact

Questions about your data? Email us at privacy@architect.app