Privacy Policy

Effective Date: April 16, 2026

This Privacy Policy describes how Solanthos ("Solanthos," "we," "us," or "our") collects, uses, and protects information when you use Derekh ("the Service").

1. Information We Collect

Account Information

When you create an account, we collect your email address and a securely hashed version of your password. We do not store passwords in plain text.

Conversation Data

We store the messages you send and the AI-generated responses you receive. This includes the text content of your questions and the assistant's replies, along with metadata such as timestamps and your selected Bible translation.

Usage Data

We track aggregate usage metrics including the number of messages sent, token counts (a measure of text length processed by the AI), and conversation counts. This data is used to enforce usage limits and improve the Service.

2. How We Use Your Information

• To provide and operate the Service
• To authenticate your identity and secure your account
• To enforce usage limits associated with your account tier
• To improve the Service and fix bugs
• To communicate with you about your account or changes to the Service

3. Third-Party Services

Anthropic (Claude API)

Your messages are sent to Anthropic's API to generate AI responses. Anthropic processes your prompts and returns responses in real time. Anthropic does not use data submitted through its API to train its models. Anthropic's data handling is governed by their Commercial Terms and Privacy Policy.

Supabase

We use Supabase for user authentication and database hosting. Your account information and conversation data are stored in a Supabase-hosted PostgreSQL database. Supabase's data handling is governed by their Privacy Policy.

4. Data Security

We implement security measures to protect your information, including:

• Encrypted connections (HTTPS) for all data in transit
• Secure password hashing (handled by Supabase Auth)
• Row-level security policies ensuring users can only access their own data

No method of electronic storage or transmission is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

5. Data Retention

Your account information and conversation history are retained as long as your account is active. If you request account deletion, we will delete your account data, including all conversations and messages, within a reasonable timeframe.

6. Your Rights

You have the right to:

• Access the personal data we hold about you
• Request deletion of your account and associated data
• Delete individual conversations within the Service

To exercise these rights, contact us at info@derekh.app.

7. Children's Privacy

The Service is not intended for children under the age of 13. We do not knowingly collect personal information from children under 13. If we become aware that we have collected data from a child under 13, we will take steps to delete that information promptly.

8. Cookies and Local Storage

We use browser cookies and local storage solely for authentication purposes (maintaining your login session). We do not use tracking cookies or third-party analytics.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify users of material changes by posting the updated policy on this page with a new effective date. Your continued use of the Service after changes are posted constitutes your acceptance of the revised policy.

10. Contact

If you have questions about this Privacy Policy, please contact us at info@derekh.app.