Privacy Policy
Last Updated: January 1, 2025
Effective Date: January 1, 2025
This Privacy Policy applies to The Understanding Engine platform, website, and services (collectively, the "Service") operated by The Understanding Engine, LLC ("we," "us," or "our").
🔒 Our Privacy Commitment
We are committed to protecting your privacy and ensuring the security of your personal information. We will NEVER sell, rent, or share your personal data or conversation content with third parties for marketing purposes. Your conversations are confidential and remain between you and your chosen participants only.
Table of Contents
1. Information We Collect
1.1 Information You Provide
- Account Information: When you create an account, we collect your name, email address, username, and password (encrypted).
- Profile Information: Optional information you may provide, such as communication preferences or goals.
- Conversation Data: Content of your conversations, including messages, sub-issues, and action items created within the platform.
- Payment Information: If you subscribe to a paid plan, payment processing is handled by Stripe. We do not store credit card numbers or banking information.
- Communications: When you contact us for support, we collect the information you provide.
1.2 Information Collected Automatically
- Usage Data: Information about how you interact with our Service, including features used, time spent, and interaction patterns.
- Device Information: Browser type, operating system, device type, and IP address (which we anonymize).
- Log Data: Server logs that record access times, pages viewed, and technical errors.
1.3 Information We DO NOT Collect
- We do not collect biometric data
- We do not collect precise geolocation data
- We do not collect sensitive personal information (race, religion, sexual orientation, health data) unless voluntarily shared in conversations
- We do not use tracking pixels or advertising cookies
2. How We Use Your Information
2.1 Primary Uses
- Service Delivery: To provide, maintain, and improve The Understanding Engine platform
- Account Management: To create and manage your account, authenticate users, and provide customer support
- Communication: To send service-related emails (account verification, password reset, important updates)
- Safety and Security: To detect and prevent fraud, abuse, or security incidents
- Legal Compliance: To comply with legal obligations and enforce our Terms of Service
2.2 AI Processing
Our AI mediator processes conversation content to:
- Provide real-time mediation and communication suggestions
- Generate sub-issues from main topics
- Create action items and summaries
- Identify communication patterns to provide better guidance
Important: AI processing happens in real-time and we do not use your personal conversations to train our AI models. Your data is not shared with OpenAI or other AI providers for their training purposes.
2.3 Research and Analytics
With your explicit consent, we may analyze anonymized and aggregated data to:
- Improve our understanding of communication patterns
- Enhance our mediation algorithms
- Publish research on communication effectiveness (without any identifying information)
3. Data Sharing and Disclosure
We Do NOT Sell Your Data
We do not and will never sell, rent, or share your personal information or conversation content with third parties for their marketing purposes.
3.1 Limited Sharing Scenarios
We only share your information in these specific circumstances:
- With Your Consent: When you explicitly authorize us to share information
- Session Participants: Conversation content is shared only with users you invite to your sessions
- Service Providers: With trusted vendors who help us operate our Service:
- Cloud hosting (AWS) - for secure data storage
- Payment processing (Stripe) - for subscription management
- Email service (SendGrid) - for transactional emails
- AI processing (OpenAI API) - for mediation features
- Legal Requirements: If required by law, court order, or governmental request
- Protection of Rights: To protect the rights, property, or safety of The Understanding Engine, our users, or the public
- Business Transfers: In connection with a merger, acquisition, or sale of assets (you will be notified of any change in ownership)
4. Data Security
We implement comprehensive security measures to protect your data:
- Encryption: All data is encrypted in transit (TLS 1.3) and at rest (AES-256)
- Access Controls: Role-based access controls and multi-factor authentication for our team
- Infrastructure Security: Secure cloud infrastructure with regular security audits
- Incident Response: Established procedures for detecting and responding to security incidents
- Regular Updates: Security patches and updates applied promptly
- Employee Training: All team members trained on data protection and privacy
While we use industry-standard security measures, no method of transmission over the internet is 100% secure. We encourage you to use strong passwords and protect your account credentials.
5. Data Retention
We retain your information only as long as necessary to provide our services and comply with legal obligations:
| Data Type | Retention Period |
|---|---|
| Account Information | Until account deletion + 30 days (for recovery purposes) |
| Conversation Data | Active sessions: Indefinitely while account is active Deleted by user: Immediately removed |
| Payment Records | As required by tax law (typically 7 years) |
| Server Logs | 90 days |
| Support Communications | 2 years after resolution |
6. Your Rights and Choices
6.1 Universal Rights
Regardless of your location, you have the right to:
- Access: Request a copy of your personal data
- Correction: Update or correct inaccurate information
- Deletion: Delete your account and associated data
- Data Portability: Export your conversation data in a machine-readable format
- Withdraw Consent: Opt-out of optional data uses like research
- Restrict Processing: Limit how we use your data in certain circumstances
6.2 GDPR Rights (European Union)
If you are in the European Economic Area, you additionally have the right to:
- Object to processing based on legitimate interests
- Lodge a complaint with your local supervisory authority
- Withdraw consent at any time (where processing is based on consent)
- Not be subject to automated decision-making that significantly affects you
Legal Basis for Processing: We process your data based on: (1) Contract performance (to provide our services), (2) Legal obligations, (3) Legitimate interests (security, fraud prevention), and (4) Consent (for optional features).
6.3 CCPA Rights (California)
If you are a California resident, you have the right to:
- Know what personal information we collect, use, and disclose
- Delete your personal information (with some exceptions)
- Opt-out of the sale of personal information (we do not sell personal information)
- Non-discrimination for exercising your privacy rights
California residents may make requests by emailing privacy@theunderstandingengine.com.
6.4 How to Exercise Your Rights
To exercise any of these rights:
- Email us at privacy@theunderstandingengine.com
- Use the privacy controls in your account settings
- For deletion: Settings → Account → Delete Account
We will respond to valid requests within 30 days (or as required by applicable law).
7. International Data Transfers
The Understanding Engine is based in the United States. If you use our Service from outside the US:
- Your information will be transferred to and processed in the United States
- We use appropriate safeguards for international transfers, including Standard Contractual Clauses
- By using our Service, you consent to the transfer of your information to the US
8. Children's Privacy
The Understanding Engine is not intended for children under 16 years of age. We do not knowingly collect personal information from children under 16. If we learn that we have collected information from a child under 16, we will delete that information promptly. If you believe we have information from a child under 16, please contact us immediately.
9. Cookies and Tracking
9.1 Essential Cookies
We use only essential cookies required for the Service to function:
- Session Cookies: To maintain your login session
- Security Cookies: To prevent CSRF attacks and ensure secure browsing
- Preference Cookies: To remember your settings and preferences
9.2 What We DON'T Use
- No advertising cookies
- No third-party tracking cookies
- No social media pixels
- No behavioral tracking
9.3 Managing Cookies
You can control cookies through your browser settings. Note that disabling essential cookies may prevent you from using certain features of our Service.
10. Changes to This Policy
We may update this Privacy Policy from time to time. When we make changes:
- We will update the "Last Updated" date at the top
- For material changes, we will notify you via email or prominent notice on our Service
- Your continued use after changes constitutes acceptance of the updated policy
11. Contact Information
Questions or Concerns?
If you have any questions about this Privacy Policy or our data practices, please contact us:
The Understanding Engine, LLC
Email: privacy@theunderstandingengine.com
Phone: 303-401-1648
Address: Denver, Colorado, USA
Data Protection Officer:
Dr. Neal Kraus
Email: dpo@theunderstandingengine.com
For EU residents, you may also contact your local data protection authority with any complaints.
Your Privacy is Our Priority
We built The Understanding Engine to help people communicate better while maintaining complete privacy and confidentiality. Your trust is essential to us, and we are committed to protecting your personal information and conversations with the highest standards of security and privacy.