3V01VE

Legal

Privacy Policy

Effective June 4, 2026

What we collect

  • Account data — email address, display name, and (if you sign in with Google) the basic profile information Google returns.
  • Practice data — the practices you mark complete, the notes you save, and the mode (Beginner / Advanced) you prefer.
  • Technical data — basic request logs (IP address, browser, timestamps) used to keep the Service reliable and secure.

We do not knowingly collect data from children under 16.

How we use it

  • To operate your account and show you your own practice history.
  • To send essential account email (confirmation, password reset, security notices).
  • To diagnose bugs, prevent abuse, and improve the Service.

We do not sell your data, we do not show third-party advertising, and we do not use your private reflections to train external AI models.

How it is stored

Account and practice data are stored on managed infrastructure (Supabase, hosted on Amazon Web Services) with row-level security so that one user cannot read another user's records. Data is encrypted in transit (TLS) and at rest.

Cookies and similar technology

We use a small number of strictly-necessary cookies and local-storage entries to keep you signed in and to remember your reading mode. We do not use third-party advertising or cross-site tracking cookies.

Third parties we rely on

  • Supabase — authentication, database, and email delivery.
  • Google — only if you choose "Continue with Google" to sign in.
  • Lovable Cloud — hosting and runtime for the application.

Each is bound by its own privacy and security commitments.

Your rights

You can view, export, or delete your account and associated data at any time from the Journal, or by emailing privacy@3v01ve.com. Depending on where you live, you may also have rights under the GDPR, UK GDPR, or the CCPA, including the right to access, correct, port, or restrict processing of your personal data, and to lodge a complaint with a supervisory authority.

Retention

We keep account and practice data for as long as your account exists. When you delete your account, the associated records are removed from our active systems within 30 days and from encrypted backups within 90 days.

International transfers

Data may be processed in the United States and other countries where our infrastructure providers operate. We rely on standard contractual clauses and equivalent safeguards where applicable.

Changes

When this policy changes materially we will notify you on the site or by email. The "Effective" date above always reflects the current version.

Contact

Privacy questions: privacy@3v01ve.com.