Privacy Policy

Last updated: June 28, 2026

1. Who is the data controller

HackwithClaude is the controller of personal data collected through hackwithclaude.com. Contact: privacy@hackwithclaude.com.

2. What we collect

• Account data: email, display name, avatar, Google OAuth ID.
• Usage data: chat messages, prompts, generated outputs, credit balance, rate-limit logs.
• Technical data: IP address, user agent, timestamps.
• Billing data: handled by Paddle — we receive transaction IDs, last 4 digits, country, and pack purchased. We never see full card details.

3. How we use it

• To deliver the Service and operate your account.
• To enforce rate limits, security, and abuse prevention.
• To provide AI completions via our inference provider.
• To process payments (via Paddle), invoices and tax compliance.
• For support, transactional emails, and product analytics.

4. Legal bases (GDPR)

• Contract: to deliver the Service you purchased.
• Legitimate interests: security, fraud prevention, analytics.
• Legal obligation: tax, accounting, abuse reports.
• Consent: optional marketing emails (you can opt out anytime).

5. Sharing & sub-processors

• Paddle.com Market Limited — Merchant of Record, payments, tax, invoicing.
• Supabase — authentication and database hosting.
• AI inference provider (router.lapakvip.com / Anthropic upstream) — to generate chat responses. Prompts are sent to the provider for completion.
• Google — only if you sign in with Google OAuth.

6. International transfers

Some sub-processors are located outside your country (e.g. United States). Transfers rely on Standard Contractual Clauses or equivalent safeguards.

7. Retention

• Account data: while your account is active and 12 months after closure.
• Chat history: until you delete it or close your account.
• Billing records: 7 years (legal/tax requirement).
• Logs: up to 90 days.

8. Your rights

Subject to applicable law (GDPR, CCPA), you can request access, rectification, erasure, restriction, portability, or objection. Email privacy@hackwithclaude.com. You can also lodge a complaint with your local data protection authority.

9. AI-specific notes

• Do not submit sensitive personal data, secrets, or third-party confidential information into prompts.
• Outputs may contain inaccurate information. We do not use your prompts to train third-party foundation models without your consent.

10. Cookies

We use strictly necessary cookies for authentication and session management. We do not use advertising cookies. Paddle's checkout may set its own cookies governed by its policy.

11. Children

The Service is not directed to children under 16. We do not knowingly collect data from children.

12. Changes

We may update this policy; material changes will be highlighted on the site or by email.