Privacy Policy
This Privacy Policy describes how Conclave ("we", "us", "our") collects, uses, and shares information when you use the Conclave service (the "Service"). By using the Service you agree to the practices described in this Policy. If you do not agree, do not use the Service.
1. Information We Collect
1.1 Information you provide directly
- Account information: email address; if you sign in via Google, your Google account name and profile photo as provided by Google.
- Prompts and attachments: the text you type and any files you upload. Attachments are stored in our hosted storage and associated with your account until you delete them.
- Conversation history: prompts and AI-generated responses are stored so you can revisit past sessions. You can delete a session at any time from the sidebar.
- Billing information: when you purchase a subscription or credits, payment data is collected directly by Stripe, Inc. We receive a Stripe customer identifier and transaction metadata but do not see or store your full payment card number.
- Communications: if you contact support@conclavecouncil.com, the message and your email address.
1.2 Information collected automatically
- Usage data: request timestamps, the kind of request (Verdict / Deliberate / attachment), tier, and approximate token counts for billing and cap enforcement.
- Technical data: IP address, user-agent string, and basic request metadata that our hosting provider records as part of normal operation.
- Browser storage: we use
localStorageto remember your sound preference, mode (Deliberate vs Verdict), and which seats you have enabled. We do not use third-party advertising cookies or trackers.
2. How We Use Information
We use the information we collect to:
- Provide, operate, and maintain the Service, including routing your prompts to third-party AI providers;
- Enforce usage caps and bill subscriptions and one-time purchases;
- Persist your conversation history and attachments so you can return to past sessions;
- Respond to support requests and communicate operational notices (e.g., outage updates, policy changes);
- Detect, investigate, and prevent abuse, fraud, and security incidents;
- Comply with legal obligations.
We do not sell your personal information. We do not use the contents of your prompts, attachments, or AI outputs to train Conclave-owned models — we do not train our own models. Note, however, that third-party AI providers process your prompts under their own policies (see below).
3. Third Parties We Share Information With
The Service relies on the following third-party processors. Each operates under its own privacy policy; we encourage you to review them.
| Processor | Purpose | What we share |
|---|---|---|
| Anthropic, PBC | Claude language model (Magister seat) | Your prompts, conversation context, and image attachments when this seat is enabled |
| OpenAI, L.L.C. | GPT language model (Praetor seat) | Your prompts, conversation context, and image attachments when this seat is enabled |
| Google LLC | Gemini language model (Oracle seat) and Google OAuth sign-in | Your prompts and image attachments when the seat is enabled; for sign-in, the limited Google profile fields you authorize |
| xAI Corp. | Grok language model (Censor seat) | Your prompts and image attachments when this seat is enabled |
| Perplexity AI, Inc. | Sonar language model with live web search (Scribe seat) | Your prompts when this seat is enabled. Perplexity may issue live web searches to answer your query. |
| Mistral AI SAS | Mistral language model (Adept seat) | Your prompts when this seat is enabled |
| Supabase, Inc. | Authentication, database hosting, file storage | Account, conversation history, attachments, usage data |
| Stripe, Inc. | Payment processing and subscription management | Billing identifiers, transaction metadata. We never receive full card numbers. |
| Render Services, Inc. | Application hosting | Server logs and request metadata, transiently the content of in-flight requests |
We may also share information when required by law, in response to valid legal process, to protect rights or safety, or in connection with a merger, acquisition, or asset sale (in which case we will notify you of any change in ownership or in the way your information is handled).
4. Data Retention
- Account and conversation data is retained while your account is active. You can delete individual sessions at any time, which removes the conversation and its associated attachments from our hosted storage.
- Usage and billing records are retained for as long as needed to operate the Service and meet legal/tax obligations (typically 7 years for U.S. tax purposes).
- Server logs are retained on a rolling basis (typically 30 days) by our hosting provider.
- When you delete your account, we delete your account record, conversations, and attachments within a reasonable period, except where retention is required by law or for fraud prevention.
5. Security
We use industry-standard measures to protect information, including HTTPS in transit, encrypted-at-rest storage via our database and storage providers, row-level security to isolate user data, and least-privilege access controls on our server-side credentials. No method of electronic transmission or storage is 100% secure; we cannot guarantee absolute security.
6. Your Rights
Depending on where you live, you may have rights to access, correct, delete, or port your personal information, and to object to or restrict certain processing. To exercise these rights, contact us at support@conclavecouncil.com. We will respond within the timeframe required by applicable law.
6.1 California Residents
If you are a California resident, you have specific rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA), including the right to know what personal information we have collected about you, the right to delete it, the right to correct inaccurate information, and the right to opt out of the "sale" or "sharing" of personal information. We do not sell personal information. To exercise these rights, contact support@conclavecouncil.com.
6.2 European Economic Area / United Kingdom Residents
The Service is operated from the United States and is not specifically directed at EU or UK residents. If you choose to use the Service from those regions, your data will be transferred to and processed in the United States and other jurisdictions where our processors operate. Where the GDPR applies, our lawful bases for processing are: (a) the performance of a contract with you, (b) our legitimate interests in operating and improving the Service, and (c) your consent where applicable.
7. Children
The Service is not directed to children under 13, and we do not knowingly collect personal information from children under 13. If you believe a child under 13 has provided us with personal information, contact us at support@conclavecouncil.com and we will take steps to delete it.
8. International Data Transfers
We and our processors operate primarily in the United States. If you access the Service from outside the United States, your information will be transferred to, stored, and processed in the United States and other countries where our processors operate, which may have different data-protection laws than your country.
9. Changes to This Policy
We may update this Privacy Policy from time to time. Material changes will be communicated via the Service or by email to the address associated with your account. The "Last updated" date at the top of this Policy indicates when it was most recently revised.
10. Contact
Questions or requests about this Privacy Policy can be sent to support@conclavecouncil.com.