Privacy Policy

When you sign in with Google, we receive from Google: your email address, your name (which you may change to a nickname), and your profile picture. We do not request access to your contacts, calendar, or any other Google data.

When you use the Service, we process the answers you provide during the intake conversation, the anchors you supply (birthday, color), the reading the AI generates, and any reflections you submit. Most of this data is stored on your device in browser localStorage, not on our servers. We do not currently maintain a server-side database of user content.

When you subscribe, Stripe processes your payment information. We never see or store your card numbers. Stripe shares with us your email, subscription status, and billing history.

Technical data automatically collected: IP address, browser type, device type, and standard server logs. This data is used for security and basic operations only.

• To provide the Service and generate your readings and tasks
• To authenticate you and persist your session
• To process subscription payments
• To respond to your messages and support requests
• To detect, prevent, and address security issues, fraud, and abuse
• To comply with legal obligations

We do not sell your personal information. Period.

To generate your reading and task content, we send your intake answers to a third-party AI provider (currently Anthropic). The provider processes the request and returns a response. The provider's data handling is governed by their own privacy policy and API terms, which include commitments not to use your data for training their models.

By using the Service, you consent to this processing. If you do not consent, do not use the Service.

We share information only with:

• Google — sign-in identity provider
• Anthropic — AI generation
• Stripe — payment processing
• Vercel — application hosting
• Legal authorities — only when required by law

We do not share your information with advertisers. We do not run advertising on the Service.

We use browser localStorage to save your ring state on your device. We use cookies and similar technologies as needed for sign-in sessions and basic site functionality. We do not use third-party tracking or advertising cookies.

You have the right to:

• Access the personal information we hold about you
• Correct inaccurate information
• Delete your data — for client-side data, clear your browser localStorage; for server-side data, email us
• Withdraw consent at any time by ceasing use and signing out
• Export your data — email us for a copy

To exercise any of these rights, email legal@7rings.com.

If you are a California resident, you have additional rights under the California Consumer Privacy Act, including the right to know what categories of personal information we collect, the right to deletion, and the right to opt out of any sale of your personal information (we do not sell). To exercise these rights, email legal@7rings.com.

We do not discriminate against California residents who exercise their CCPA rights.

If you are in the EU or UK, you have additional rights under the GDPR, including the right of access, rectification, erasure, restriction of processing, data portability, and the right to object. Our lawful basis for processing your data is your consent and the performance of our contract with you (these Terms). To exercise your rights, email legal@7rings.com. You also have the right to lodge a complaint with your local data protection authority.

Client-side data persists in your browser's localStorage until you clear it or until your browser cleans up storage automatically. Subscription records are retained as required by law and accounting needs (typically 7 years). Server logs are retained for up to 90 days.

The Service is intended for users 18 and older. We do not knowingly collect personal information from anyone under 18. If you believe a minor has provided us with personal information, contact legal@7rings.com and we will promptly delete it.

We take reasonable measures to protect your information, including encryption in transit (HTTPS), use of well-established third-party providers (Google, Stripe, Anthropic, Vercel) that maintain enterprise-grade security, and limited access to backend systems. No system is perfectly secure, however, and we cannot guarantee absolute security.

We may update this Privacy Policy from time to time. Material changes will be communicated through the Service or by email. Your continued use after changes constitutes acceptance.

For any privacy-related questions, requests, or concerns: legal@7rings.com.