Privacy Policy
We collect your billing email, a SHA-256 hash of your API key, usage counters, and request timestamps. We do not store the bodies of your queries, the candidates you find, or the contents of any private corpora you ingest beyond the tenant-scoped database namespace they live in.
We don't sell your data. We don't run advertising. We don't have analytics beyond Cloudflare's built-in traffic counters. The two third parties involved are Stripe (payments) and Resend (one transactional email — your welcome key). That's the whole list.
Full details below.
§ 1 Who we are
"We" / "us" / "Davis Geometric" refers to the sole proprietorship operated by Bee Rosa Davis, the data controller for the scj-hunt service. Contact: bee_davis@alumni.brown.edu.
§ 2 What we collect
We collect only what is needed to operate the Service and bill you. Specifically:
| Data | Source | Purpose | Retention |
|---|---|---|---|
| Billing email | Stripe checkout | Send your API key; account communication; password-of-last-resort for re-mint | Until 90 days after account closure |
| SHA-256 hash of API key | Generated by us at issuance | Authenticate your requests to the Gigi Service | Until key is revoked; then 30 days for audit |
| Stripe customer ID | Stripe | Map subscription state to your key | Until 90 days after account closure |
| Subscription tier and status | Stripe webhook | Apply correct rate limits + access controls | Until 90 days after account closure |
| Request counters (per-minute, per-day) | Our gateway | Enforce per-tier rate limits | 60 seconds (minute counter), 24 hours (day counter) |
| Last-used timestamp | Our gateway | Dashboard display; detect dormant accounts | Until 90 days after account closure |
| Private corpora (Team tier only) | You upload via scj-hunt ingest | Serve your hunts against your private data | Until you delete them or your account closes |
| Cloudflare access logs | Cloudflare (our gateway hosting) | Operational diagnostics, abuse detection | 7 days (default Cloudflare retention) |
What we DO NOT collect
- The plaintext of your API key after the moment of issuance — only the SHA-256 hash.
- The bodies of your GQL queries. We see that you made a request and which bundle it targeted; we do not store what the query was.
- The candidate output the Service returns to your TUI. That data flows through; we don't archive it.
- Any browser identifiers, cookies, fingerprints, or tracking pixels. The marketing site and dashboard set one item in local storage — your API key, only if you sign in to the dashboard — and nothing else.
- Telemetry from the Client binary. The Client does not phone home. Every network call is the one you initiated.
§ 3 Legal basis (GDPR / UK-GDPR)
For EU/UK residents, we process the data above on the following legal bases:
- Performance of a contract — to provide the Service you have subscribed to (your email, key hash, subscription state, private corpora).
- Legitimate interests — to protect the Service from abuse via rate-limit counters and Cloudflare access logs, and to enforce these Terms.
- Legal obligation — billing records retained as long as required by applicable tax and commercial law.
§ 4 Who we share data with
We share data only with the following service providers, all of whom are bound by their own privacy commitments:
- Stripe, Inc. — payment processing. Receives your billing details, payment method, and subscription state. Stripe's privacy policy.
- Resend — transactional email delivery. Receives your email address and the body of the welcome email (which contains the plaintext key once, then is forgotten by us). Resend's privacy policy.
- Cloudflare, Inc. — gateway hosting and DDoS protection. Receives request metadata (IP, user agent, request headers) per Cloudflare's standard processing. Cloudflare's privacy policy.
- Fly.io — Gigi Service hosting. Stores your private corpora (Team tier) and serves the Gigi API. Fly.io's privacy policy.
We do not sell, rent, lease, or trade your data with any third party. We do not run advertising or share data with advertising networks.
§ 5 Your rights
Depending on your jurisdiction, you have one or more of the following rights. We will respond to verified requests within 30 days.
- Access — request a copy of the data we hold about you.
- Rectification — request that we correct inaccurate data.
- Erasure — request that we delete your data. We will honor this request subject to retention requirements imposed by applicable law (e.g., tax-record retention).
- Portability — receive your data in a machine-readable format.
- Restriction or objection to processing.
- Withdrawal of consent where processing is based on consent (none of our processing is consent-based).
- Lodge a complaint with a supervisory authority (EU/UK) or the California Privacy Protection Agency (CA).
Send requests to bee_davis@alumni.brown.edu from the email address associated with the account.
§ 6 California residents (CCPA / CPRA)
We do not sell or share personal information for cross-context behavioral advertising. California residents have the rights described in § 5 and may also designate an authorized agent to submit requests on their behalf.
The categories of personal information we collect, the sources, and the disclosures are described in § 2 and § 4 of this Policy.
§ 7 Security
We take reasonable measures to protect data we hold:
- API keys are stored as SHA-256 hashes; the plaintext is transmitted to you once over HTTPS and never persisted on our side.
- All traffic to the gateway and the Gigi Service is HTTPS only.
- The Cloudflare KV store and the Postgres database are encrypted at rest by their respective providers.
- Internal-only origin endpoints validate a shared X-Origin-Token; direct traffic from the public internet to the origin is refused.
- We follow least-privilege access: only Bee Rosa Davis has operator-level access to production systems.
No system is perfectly secure. If we become aware of a breach affecting your data, we will notify you within 72 hours.
§ 8 Retention
Retention periods for each data category are listed in the table in § 2. As a general rule, we keep operational data for as long as your account is active and for 90 days thereafter, after which data is permanently deleted except where required by law (e.g., Stripe-side billing records retained for tax compliance).
§ 9 Children
The Service is not intended for individuals under 18. We do not knowingly collect data from anyone under 18. If you believe we have inadvertently collected such data, contact us and we will delete it.
§ 10 International transfers
Davis Geometric is based in the United States. Data may be processed in the United States and in any region where our service providers operate. For transfers of data from the European Economic Area, the United Kingdom, or Switzerland, we rely on the Standard Contractual Clauses adopted by the European Commission (or equivalent) and the supplementary measures described in this Policy.
§ 11 Changes to this policy
We may update this Privacy Policy from time to time. If a change is material, we will provide notice via email to your billing address and post a notice on the Service at least fourteen (14) days before the change takes effect.
§ 12 Contact
Privacy questions, data-rights requests, and complaints:
Davis Geometric
Attn: Bee Rosa Davis
bee_davis@alumni.brown.edu
This document is a starting template. Have it reviewed by a privacy attorney before going live, especially if you expect EU/UK customers (GDPR-specific clauses), California customers (CCPA/CPRA), or anyone in a jurisdiction with strict data-protection rules (e.g., Brazil's LGPD). If you adopt any analytics or tracking tools later, update § 2 and § 4 to match.