Privacy Policy

1. Introduction

Capself ("we," "us," or "our") operates https://capself.coand auth.capself.co. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Personal Development Operating System ("Service").

We are committed to privacy by design. You own your growth data. We do not sell your personal information.

2. Data Controller

Capself
Email: privacy@capself.co
Website: https://capself.co

3. Information We Collect

Account Information

Name, email address, profile image (if using Google OAuth), authentication identifiers, and subscription status.

Development Data

Goals, habits, journal entries, reflections, life domain scores, identity attributes (values, beliefs, motivations), behavioral patterns, milestones, faith preferences, and your personal knowledge graph — all stored with strict per-user isolation.

AI Conversations

Messages you send to Capself AI, model responses, conversation metadata, and derived insights. Pre-signup preview chats are limited to 3 questions and tracked via session cookies.

Technical Data

IP address, browser type, device information, session cookies, security logs, and audit logs for fraud prevention and service integrity.

Payment Data

We do not store full payment card details. Payment processing is handled by our payment providers (Paystack, Lemon Squeezy, or other processors we designate). We receive transaction references, subscription status, and billing metadata only.

4. How We Use Your Information

• Provide and personalize your Personal Development Operating System
• Maintain long-term memory and your personal knowledge graph
• Generate AI-powered reflections, insights, and recommended actions
• Process subscriptions and send service communications
• Enforce security, prevent abuse, and maintain audit trails
• Improve the Service with aggregated, non-identifiable analytics
• Comply with legal obligations

5. AI Processing & Third-Party Providers

Capself uses third-party AI providers (including OpenRouter and underlying model providers) to power conversations. On free tiers, some providers may log prompts for model improvement — we disclose this in-product. Pro subscribers receive enhanced privacy protections where available.

Important: Capself AI is a personal development companion, not a licensed therapist, medical professional, financial advisor, or legal counsel. AI responses may contain errors. You are responsible for verifying important decisions.

We also use:

• Supabase (database hosting)
• Resend (transactional email)
• Google (OAuth authentication)
• Paystack / Lemon Squeezy (payments)

6. Legal Basis (EEA/UK Users)

We process personal data under:

• Contract: to deliver the Service you signed up for
• Consent: where you opt in to marketing or optional features
• Legitimate interests: security, fraud prevention, and service improvement
• Legal obligation: where required by applicable law

7. Data Isolation & Security

Your personal knowledge graph is unique to you. Row-level security (RLS) ensures no user's data can influence another user's graph or be accessed by other users. We employ encryption in transit and at rest, access controls, rate limiting, and audit logging.

8. Data Retention

We retain your data while your account is active. Upon account deletion, we delete or anonymize your personal data within 30 days, except where retention is required by law (e.g., billing records).

9. Your Rights

Depending on your location, you may have the right to access, correct, export, restrict, or delete your personal data, and to object to or withdraw consent for certain processing.

Capself provides in-app data export and account deletion. To exercise rights, contact privacy@capself.co. We respond within 30 days.

EEA/UK residents may lodge a complaint with their local data protection authority.

10. International Transfers

Capself serves users globally. Your data may be processed in countries other than your own, including Nigeria, the United States, and the European Union. We use appropriate safeguards for international transfers where required.

11. Cookies

We use essential cookies for authentication (including cross-subdomain sessions on .capself.co), preview chat limits, and security. We do not use third-party advertising cookies.

12. Children

Capself is not intended for users under 16. We do not knowingly collect data from children. Contact us if you believe a child has provided personal data.

13. Changes to This Policy

We may update this Privacy Policy. Material changes will be notified via email or in-app notice. Continued use after changes constitutes acceptance.