Council

Privacy Policy

Council · App Bundle: com.isingwithaz.council
Effective date: June 28, 2026

1. Who We Are

Council is operated by Pavel Smolin. This policy applies to the Council web app, mobile app, shared result pages, and waitlist.

For privacy questions or requests, contact contact@pavelsmolin.com.

2. What We Collect

Depending on how you use Council, we collect:

  • Account data, such as your email address, display name, and profile photo when you sign in with Google through Supabase.
  • Council session data, including the questions you submit, generated AI responses, synthesis results, timestamps, and saved/shared session identifiers.
  • Waitlist data, such as the name and email address you submit on the waitlist page.
  • Usage and quota data, including an anonymous browser ID, authenticated user ID, usage event timestamps, and subscription status.
  • Subscription and billing-related data from Stripe, RevenueCat, and app store billing providers, such as customer IDs, subscription IDs, purchase events, and renewal or expiration dates.
  • Support communications and any information you choose to include when contacting us.

Please avoid submitting sensitive personal information unless you are comfortable with it being processed to provide the service, including by third-party AI providers.

3. How We Use Your Data

  • Authenticate you and keep you signed in.
  • Generate independent AI expert responses and synthesized recommendations.
  • Save and retrieve your Council sessions, including shared result pages.
  • Enforce free usage limits, prevent abuse, and keep the service reliable.
  • Process subscriptions and restore paid access.
  • Send waitlist and release updates if you join the waitlist.
  • Respond to support, privacy, and account requests.
  • Maintain security, debug problems, and comply with legal obligations.

We do not sell your data, display ads, or use your data to train our own AI models.

4. Legal Bases

Where privacy law requires a legal basis, we rely on the following:

  • Contract, to provide Council, authenticate accounts, process subscriptions, and deliver the features you request.
  • Legitimate interests, to secure the service, prevent abuse, enforce quota limits, maintain logs, improve reliability, and respond to support requests.
  • Consent, for waitlist and release updates where consent is required.
  • Legal obligations, for records we must keep for billing, tax, accounting, compliance, or dispute handling.

5. Third-Party Services

ServicePurposeData Shared
SupabaseAuthentication, database, and storageAccount data, sessions, usage, waitlist, subscriptions
Google OAuthSign-inEmail, name, profile photo
Anthropic APIAI responses and synthesisQuestion text and AI response context
OpenAI APIAI responsesQuestion text and AI response context
Google Gemini APIAI responsesQuestion text and AI response context
StripeWeb subscription checkout and billing portalCustomer, subscription, and payment-related records
RevenueCatMobile subscription managementApp user ID, purchase events, subscription status
Apple App StoreMobile subscription billingPurchase and subscription records

Each service operates under its own privacy policy and data protection practices. Third-party AI providers process your prompts and generated context to provide the requested AI responses.

6. Cookies and Local Storage

Council uses cookies and local storage that are necessary or useful for the service:

  • Supabase authentication cookies keep signed-in users logged in.
  • The council_anon_id cookie stores an anonymous ID used for free quota limits, abuse prevention, and claiming anonymous sessions after sign-in. It lasts for about two years unless you clear it sooner.
  • Local storage remembers your language preference and whether you manually changed it.

We do not currently use advertising cookies, third-party analytics cookies, tracking pixels, or session replay tools. If that changes, we will update this policy and add consent controls where required.

7. Analytics and Tracking

We do not use third-party analytics or advertising SDKs. We do not track you across other apps or websites.

8. Sharing and Public Links

If you create or share a Council result link, anyone with that link may be able to view the question and generated result shown on the shared page. Do not share result links that contain information you want to keep private.

9. Data Retention and Deletion

  • Account data and saved Council sessions are kept while your account is active, unless you delete them or request deletion.
  • Anonymous sessions and usage events are kept as needed to provide the service, enforce quota limits, prevent abuse, and maintain reliability.
  • Waitlist entries are kept until they are no longer needed for release updates, or until you ask us to delete them.
  • Subscription and billing records are kept as needed to provide paid access, resolve disputes, and meet legal, accounting, and tax obligations.
  • Support emails and privacy requests are kept as needed to respond and maintain records of the request.

To request deletion of your account or personal data, contact contact@pavelsmolin.com. We will process deletion requests within 30 days unless a longer period is required or permitted by law.

10. Your Rights

Depending on where you live, you may have rights to access, correct, delete, export, restrict, or object to the processing of your personal data. You may also have the right to withdraw consent where processing is based on consent, and to complain to a privacy regulator or supervisory authority.

To exercise these rights, contact contact@pavelsmolin.com. We may need to verify your identity before fulfilling a request.

11. International Processing

Council and its third-party service providers may process data in countries other than the country where you live. Where required, we rely on appropriate safeguards provided by our vendors or otherwise available under applicable law.

12. Security

We use reasonable technical and organizational measures to protect personal data. However, no online service can guarantee absolute security.

13. Children's Privacy

Council is not directed at children under 13. We do not knowingly collect personal information from children under 13.

14. Changes to This Policy

We may update this policy from time to time. We will notify you of material changes via email or an in-app notice. Continued use of the app after changes constitutes acceptance.

15. Contact

Privacy questions: contact@pavelsmolin.com