At Commentarius, we respect your privacy and are committed to protecting your personal data. This Privacy Policy explains how we collect, use, and safeguard your information when you use our Service.
Summary: We collect only the data necessary to provide our Service. We do not sell your personal information. Your scholarly content belongs to you.
1. Information We Collect
1.1 Information You Provide
Data Type
Purpose
Account information (username, email, password)
To create and manage your account
API keys (e.g., Claude API key)
To enable AI-powered features on your behalf
Project content (texts, lemmas, commentary)
To provide the core Service functionality
Communications with us
To respond to your inquiries and provide support
1.2 Information Collected Automatically
Usage data: Pages visited, features used, timestamps
Device information: Browser type, operating system, device type
Log data: IP address, access times, referring URLs
Cookies: Session cookies for authentication and preferences
2. How We Use Your Information
We use your information to:
Provide, maintain, and improve the Service
Process your requests and transactions
Send important notices about your account or the Service
Respond to your comments, questions, and support requests
Monitor and analyze usage patterns to improve user experience
Detect, prevent, and address technical issues and security threats
Comply with legal obligations
3. Data Sharing and Third Parties
3.1 Third-Party Services
When you use our features, your data may be processed by:
Anthropic (Claude API): When you use features like grammar analysis or vocabulary building, relevant text is sent to Anthropic's API for processing. This is governed by Anthropic's Privacy Policy.
Stripe (Payment Processing): When you make a payment, your payment information is processed directly by Stripe. We do not store your full credit card number, CVV, or other sensitive payment details on our servers. Stripe's handling of your data is governed by Stripe's Privacy Policy.
3.2 Payment Information
When you purchase a subscription or make a payment:
Payment is processed securely by Stripe, a PCI-compliant payment processor
We receive and store only: transaction ID, payment status, subscription status, and the last 4 digits of your card (for your reference)
We never have access to your full card number, CVV, or banking credentials
Billing history and invoices are available through your account settings
3.3 We Do Not Sell Your Data
We do not sell, rent, or trade your personal information to third parties for their marketing purposes.
3.4 When We May Share Data
We may share your information only in these circumstances:
With your consent: When you explicitly authorize sharing
For collaboration: When you share projects with other users
Service providers: With vendors who assist in operating our Service (hosting, analytics), bound by confidentiality agreements
Legal requirements: When required by law, court order, or government request
Protection: To protect our rights, safety, or property, or that of our users
4. Data Security
We implement appropriate technical and organizational measures to protect your data, including:
Encryption of data in transit (HTTPS/TLS)
Secure password hashing
Encrypted storage of sensitive data (API keys)
Regular security reviews and updates
Access controls limiting who can access your data
However, no method of transmission or storage is 100% secure. We cannot guarantee absolute security.
5. Data Retention
We retain your data as follows:
Account data: Retained while your account is active and for a reasonable period after deletion for legal and operational purposes
Project content: Retained until you delete it or your account
Usage logs: Typically retained for 90 days
Backup data: May persist in backups for up to 30 days after deletion
6. Your Rights and Choices
Depending on your location, you may have the following rights:
Access: Request a copy of your personal data
Correction: Request correction of inaccurate data
Deletion: Request deletion of your data (subject to legal retention requirements)
Export: Export your project data in standard formats
Essential cookies: Required for authentication and core functionality
Preference cookies: Remember your settings and preferences
We do not use advertising or tracking cookies. You can control cookies through your browser settings, though disabling essential cookies may affect Service functionality.
8. Children's Privacy
Commentarius is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If we learn we have collected such information, we will delete it promptly.
9. International Data Transfers
Your data may be processed in countries other than your own. We ensure appropriate safeguards are in place for international transfers in compliance with applicable laws.
10. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by:
Posting the updated policy on our website
Updating the "Last updated" date
Sending an email notification for significant changes
11. Contact Us
If you have questions about this Privacy Policy or our data practices, please contact us: