Privacy Policy.

• Account info: email address, plan tier, optional display name and company.
• Tool inputs: the data you paste or upload into specific modules — calendar exports for Billable Narrative, transcripts for Meeting Memory, voice samples for Content Studio, scenario inputs for Forecast.
• Usage analytics: which modules you use and how often. We never read your inputs as part of analytics — just counts and timestamps.
• Payment metadata: Stripe customer ID and subscription ID. We never see your card number.

• Your AI provider data when using BYOK: when you connect your own Anthropic, OpenAI, or Gemini key, prompts go directly to your provider. We don't intercept the completion or store a copy through a separate channel.
• Passwords: Prism uses one-time codes for sign-in. There is no password to store, lose, or leak.
• Tracking pixels in marketing emails: we don't embed open-tracking or click-tracking pixels in transactional emails (login codes, payment confirmations, welcome links).

• To provide the service you signed up for (run the modules, save your work, restore your session).
• To bill you (Pro tier) via Stripe.
• To debug issues you report (with your permission, scoped to the specific issue).
• To improve the product based on aggregate usage signals.

We don't sell your data. We don't use your data to train AI models. We don't share your data with marketing partners.

While you're an active customer, your inputs and outputs persist indefinitely so the modules can do their job (Meeting Memory needs the full transcript history; saved Forecast scenarios need to stay loaded).

Within 30 days of cancellation or account termination, all data keyed by your tenant_id is purged from our database, unless you explicitly request an export first. Export is a single email request to landon@zillyconcapital.com and ships within 7 business days as JSON.

Each Prism module stores only the data it needs. Meeting Memory has its transcripts; Voice Profile has your voice analysis; Custom Calculator has your schemas. Modules don't share data with each other automatically. A unified context layer is on our roadmap as an opt-in premium add-on for users who want cross-module intelligence — by default, scoping is on.

The technical detail lives in /docs/security.

Logged-in pages may include subtle watermarks identifying the viewing user (email plus render timestamp), invisible at normal viewing opacity. We use this to investigate unauthorized data sharing if it occurs. The watermark never appears on exported PDFs you generate for your clients — those carry only the footer marker.

Prism stands on a small stack of vetted services. Each gets the minimum data needed to do its job:

• Stripe: payments. Sees your card; we never do.
• Turso: primary database hosting. Your tenant data lives here, encrypted at rest, regional replicas for performance.
• Vercel: application hosting and edge runtime.
• Resend: transactional email delivery (login codes, welcome links, payment receipts).
• Anthropic, OpenAI, Google: AI providers, used by your chosen module path. With BYOK, you contract directly; without BYOK, Prism forwards your request to its hosted key.

• Export: request a JSON dump of every row keyed to your tenant.
• Deletion: request that we delete your account and all keyed data. Done within 7 business days.
• Opt out of analytics: request that your tenant_id be excluded from aggregate metrics. We honor this; the trade-off is your usage doesn't inform what we build next.
• Correction: fix any account info that's wrong. Most fields are editable from Settings; if it's not, email us.

All four are one email to landon@zillyconcapital.com.

Encrypted in transit (TLS) and at rest (Turso's default). API keys you store via BYOK are encrypted with a server-side secret before they hit the database, decrypted only at the moment of an outbound API call. Sign-in is one-time-code with no persistent password to compromise.

When this policy changes, the date at the top of this page changes. For material changes (new third-party processor, new data category collected, changed retention window), we email every active user at least 30 days before the change takes effect.

Questions, requests, or concerns: landon@zillyconcapital.com. Landon (founder) reads every email personally.