Your data is yours.

To make Momentum AI work, we collect and store:

• Account information. Email, display name, optional timezone. Provided by you at signup.
• Onboarding answers. Your six narrative answers from the onboarding flow.
• Conversation transcripts. Every daily session, every Ask Marczell question, every on-demand request.
• Behavioral profile. A 10-dimension score grid updated after each session, plus inferred patterns (cognitive patterns, behavioral loops, repetitive language).
• Usage events. Session completions, lesson views, achievement unlocks, credit transactions.
• Billing identifiers. Subscription ID + customer ID from our payment processor (we never see or store your card number).

The behavioral profile, conversation history, and usage events are used to personalize the coach's replies, route the right lesson at the right moment, score your progress, and fire relevant notifications (streak reminders, content unlocks, billing receipts).

We do not use your conversations or profile to train external AI models. We do not sell your data to third parties. We do not serve advertising on the product.

Building Momentum AI relies on the following infrastructure providers, each of whom processes a slice of your data on our behalf under their respective security commitments:

• Supabase — primary database, authentication, file storage. Postgres encrypted at rest.
• Vercel — application hosting. No persistent user data; logs only.
• Anthropic— large-language-model inference for the daily coach, profiling, and content extraction. We use Anthropic's API with prompt caching; conversations are sent for inference but Anthropic does not retain them for training when accessed via API per their data-handling terms.
• OpenAI — embeddings for the searchable knowledge base.
• Cloudflare — DNS, edge network, video streaming for lessons.
• Resend — transactional email delivery.
• FanBasis — payment processing and subscription management. Only billing identifiers and customer email are shared; card details never touch our servers.

You can:

• Access your data — your dashboard surfaces most of it; ask us for a structured export at any time.
• Correct inaccurate data — edit your profile in-app or email us.
• Deleteyour account and all associated data — email us and we'll process within 30 days unless we're legally required to retain billing records longer.
• Export your data in a portable format (JSON).
• Cancel your subscription anytime via the billing page; cancellation stops new charges immediately.

To exercise any of these, write to support@marczellklein.com.

All traffic is encrypted in transit (TLS). Database is encrypted at rest. Access to production data is limited to authorized personnel and audit-logged. Passwords are hashed using industry standards (Supabase Auth's default bcrypt).

No system is perfectly secure. If you believe your account may have been compromised, change your password immediately and email us so we can investigate.

Momentum AI is not intended for users under 18. We do not knowingly collect data from minors. If you believe we have, email us and we will delete it.

We may update this policy as the product evolves. Material changes will be communicated by email at least 14 days before taking effect.

Privacy questions: support@marczellklein.com.