Privacy Policy

Who We Are

Selfology is operated by Aleksandr Kosenko ("we," "us," "our").

• Website: selfology.me
• Email: [email protected]
• Location: Spain / EU

Selfology provides self-discovery tools including digital products (PDF, Notion templates) and an AI-powered coaching bot.

What We Collect

When You Purchase Products

• Email address — for delivery and license tracking
• Name — if provided
• Payment information — processed by Gumroad/Stripe (we never see your card details)
• Purchase history — what you bought and when

When You Subscribe to Newsletter

• Email address — for sending updates
• Preferences — topics you're interested in

When You Use the AI Bot

• Telegram user ID — to identify your account
• Messages you send — your questions and answers
• AI-generated responses — coaching insights based on your input
• Session data — conversation history, progress tracking
• Personality insights — patterns identified through your answers

Automatically Collected (Website)

• Analytics — pages visited, time on site
• Device information — browser, operating system
• IP address — for security and fraud prevention

How We Process AI Data

What Happens With Your Conversations

• Local storage — Your conversations stored on our secure servers
• AI processing — We use Claude (Anthropic) and GPT (OpenAI) to generate responses
• Personality analysis — AI identifies patterns in your answers to personalize coaching
• Vector storage — Anonymized embeddings stored for semantic search

What We Do NOT Do

• Sell your conversations to third parties
• Use your personal data to train external AI models
• Share identifiable data with advertisers
• Read your conversations manually (unless you report a problem)

AI Provider Data Handling

Our AI providers (Anthropic, OpenAI) process your messages to generate responses. They:

• Do not use API data for training (per their enterprise policies)
• Process data under strict data processing agreements
• May retain data temporarily for abuse prevention

How We Use Your Data

• Deliver purchased products — Legal basis: Contract
• Provide AI coaching — Legal basis: Contract
• Send order confirmations — Legal basis: Contract
• Send newsletter — Legal basis: Consent
• Personalize your experience — Legal basis: Legitimate interest
• Improve our services — Legal basis: Legitimate interest
• Prevent fraud and abuse — Legal basis: Legitimate interest
• Respond to support requests — Legal basis: Legitimate interest

Third-Party Services

• Gumroad — Payments (email, name, payment info)
• ConvertKit — Email (email address)
• Telegram — Bot platform (user ID, messages)
• Anthropic (Claude) — AI responses (message content)
• OpenAI (GPT) — AI responses (message content)
• Qdrant — Vector database (anonymized embeddings)
• Vercel — Website hosting (IP, analytics)

All providers operate under data processing agreements compliant with GDPR.

Data Retention

• Purchase records — 7 years (legal requirement)
• Email subscribers — Until unsubscribe
• Bot conversations — 3 years or until deletion request
• Personality insights — 3 years or until deletion request
• Analytics — 26 months
• Support requests — 2 years

You can request deletion at any time — we will remove your data within 30 days (except where legally required to retain).

Your Rights

Under GDPR (EU) and CCPA (California):

• Access — Get a copy of all your data
• Correction — Fix inaccurate information
• Deletion — "Right to be forgotten" — erase your data
• Portability — Receive data in machine-readable format
• Restriction — Limit how we process your data
• Objection — Object to processing based on legitimate interest
• Withdraw consent — Unsubscribe or revoke permissions anytime

How to Exercise

Email [email protected] with subject "Data Request"

Include: your email and what you're requesting. Response within 30 days.

Cookies

We use minimal cookies:

• Essential — Site functionality (required)
• Preferences — Remember your settings (optional)
• Analytics — Understand usage (optional)

No advertising cookies. No cross-site tracking. Control cookies via your browser settings.

Security

• HTTPS encryption for all data in transit
• Encryption at rest for stored data
• Access controls and authentication
• Regular security reviews
• Breach notification within 72 hours

Children

Selfology is not intended for anyone under 16. We do not knowingly collect data from minors. If you believe a child has provided us data, contact us immediately.

International Transfers

Your data may be processed in:

• EU — primary
• USA — AI providers, hosting

All transfers comply with GDPR requirements (Standard Contractual Clauses).

Changes to This Policy

We may update this policy. Significant changes will be:

• Posted on this page with new date
• Communicated via email to active users