Privacy Policy

JUCEY ("JUCEY", "we") is the data controller for the personal data we collect via https://jucey.app and the JUCEY application. For GDPR purposes you can reach us at privacy@jucey.app.

Account data (you provide it)

• Name, email, profile image (via Clerk).
• Authentication credentials are managed by Clerk; we never see your password.
• Onboarding answers (platform focus, goals, inspirations).
• Connected social handles (LinkedIn, X) you paste during onboarding.

Content you create

• Saved clips from the browser extension.
• Voice and text notes (audio is transcribed via Whisper, then stored as text).
• Generated drafts and your approve/reject decisions.
• Voice profile derived from your scraped public posts.

Browser extension signals

• Anonymous engagement signals (default ON): author handle, hashtags, dwell time, and whether you engaged — never the post URL, post body, or your identity. 7-day raw retention.
• Engagement learning (default ON, per-user only): when you like / repost / comment / bookmark a post on LinkedIn or X, we capture the post body, author, hashtags, and your written reply, scoped to your account only. Never pooled. 90-day retention.
• Trend pool (default OFF, opt-in): public post metadata (URL, author, hashtags, engagement counts) of posts you scroll past, pooled with other users — never the post body, never tied to your identity. 28-day retention.
• Full per-toggle disclosure lives at /privacy/extension.

Usage data (collected automatically)

• IP address, user agent, device session metadata (for security and rate limiting).
• Page views and feature usage events (PostHog, optional).
• Error and performance traces (Sentry, optional).

Billing data (handled by Stripe)

• Stripe customer + subscription IDs.
• Billing country (for tax).
• We never see or store full payment-card details — Stripe is PCI DSS Level 1 certified.

• Provide the Service: generate drafts, score juiciness, train your voice profile, run Daily Juice.
• Personalization: the longer you use JUCEY, the better the voice profile gets — that's the product.
• Security & abuse prevention: rate limiting, anomaly detection, audit trails.
• Billing: subscription management via Stripe.
• Transactional email: welcome, waitlist confirmation, payment-failed alerts, data-export delivery. We do not send marketing email without consent.
• Compliance: respond to legal requests where required by law.

We do not use your content to train any public AI model. When we call OpenAI, Anthropic, or other LLM providers, we use their API endpoints with training opt-out enabled.

• Contract: processing necessary to deliver the Service you subscribed to.
• Legitimate interest: security, fraud prevention, product improvement.
• Consent: optional analytics and any future marketing emails.
• Legal obligation: tax records, law-enforcement requests.

JUCEY uses the following sub-processors. Each has its own published privacy policy and security posture; data flows are limited to what each one needs to function.

• Account data is retained while your account is active.
• If you delete your account, we hard-delete every row tied to your userId in a single transaction (clips, drafts, notes, voice profile, embeddings, extension tokens, device sessions).
• Billing records are retained for 7 years where required by tax law (Stripe is the system of record).
• Webhook event logs (no PII; Stripe/Clerk event IDs only) are retained for 90 days for retry-dedup.

Under GDPR, CCPA, UK GDPR, and similar laws, you have the right to:

• Access: request a copy of the data we hold about you.
• Export (data portability): download your data via the self-serve POST /api/account/export endpoint, accessible from Settings.
• Correct: update inaccurate data via Settings or by emailing us.
• Delete (right to erasure): self-serve via Settings → Delete Account, which calls POST /api/account/delete.
• Object / restrict: object to processing or restrict it; email us.
• Lodge a complaint: with your local data-protection authority. EU users may also contact ours (TBD; we will publish the DPO contact when one is engaged).
• Opt out of sale (CCPA): we do not sell personal information; nothing to opt out of.

To exercise any right, email privacy@jucey.app. We respond within 30 days (45 for complex requests, with notice).

Our infrastructure runs on Railway in the United States. Several sub-processors process data in the US and EU. For transfers out of the EEA we rely on the European Commission's Standard Contractual Clauses with each sub-processor.

We use a minimal set of strictly-necessary cookies (Clerk session, CSRF). PostHog analytics cookies are set only if you opt in. We do not use advertising cookies or third-party trackers.

JUCEY is not directed to anyone under 18 (or the local age of majority). We do not knowingly collect data from children. If you believe a child has created an account, email us and we will delete it.

See /security for the full controls list — TLS 1.3, encrypted-at-rest storage, per-tenant row-level isolation, rate limiting, abuse detection, SSRF blocklist with DNS-rebind defense, signature-verified webhooks. Report vulnerabilities to security@jucey.app.

We'll announce material changes by email and in-app at least 14 days before they take effect. The "Effective" date at the top of this page reflects the latest revision.

Privacy questions: privacy@jucey.app · Security: security@jucey.app