Terms & Conditions Privacy Policy

PRIVACY POLICY

Last Updated: March 1, 2026
Your privacy matters to us. This Privacy Policy explains how Cloud Olympians collects, uses, stores, and protects your personal information when you use our Service.

1. Information We Collect

1.1 Information You Provide

Data TypePurposeRetention
Email addressAccount creation, authentication, communicationUntil account deletion
PasswordAccount security (stored as bcrypt hash, never in plaintext)Until account deletion
Questions/promptsService delivery, conversation historyUntil user deletes or account deletion
Payment informationCredit purchases (processed by third-party payment providers)Transaction records retained per legal requirements

1.2 Information Collected Automatically

Data TypePurpose
IP addressSecurity, abuse prevention
Browser type and versionService compatibility
Usage data (pages visited, features used)Service improvement
Session data (cookies)Authentication, session management
AI model usage metrics (token counts)Service operation and billing

1.3 Information We Do NOT Collect

  • Real names or physical addresses (unless voluntarily provided)
  • Phone numbers
  • Social media profiles
  • Biometric data
  • Location data (beyond IP-based country detection)

2. How We Use Your Information

We use your personal information for the following purposes:

  • Service Delivery: To provide AI-generated responses and maintain your conversation history.
  • Authentication: To verify your identity and secure your account.
  • Credit Management: To track your credit balance and process purchases.
  • Communication: To send account-related notifications (email verification, password resets, service updates).
  • Service Improvement: To analyze usage patterns and improve the user experience.
  • Security: To detect and prevent fraud, abuse, and unauthorized access.
  • Legal Compliance: To comply with applicable laws, regulations, and legal obligations.

3. AI Processing & Third-Party AI Providers

CRITICAL WARNING: When you submit a question, your text is sent to third-party AI providers for processing. Never include passwords, credit card numbers, bank details, social security numbers, phone numbers, health information, or any other sensitive personal data in your messages. We accept no responsibility for personal data you voluntarily include in conversations.
  • Your questions are transmitted to AI providers (Anthropic and/or OpenAI) for response generation.
  • AI providers may process and temporarily store your input according to their own privacy policies.
  • We do not send your email address, account details, or other personal identifiers to AI providers — only the question text and system instructions.
  • AI providers' data handling:
  • Your responsibility: You are solely responsible for the content of your messages. Any personal or sensitive information you choose to include in your questions is transmitted to AI providers at your own risk.
  • No liability for voluntary disclosure: Cloud Olympians accepts no liability for any consequences arising from personal data you choose to share in conversations, as such data is processed by third-party AI providers outside our control.

4. Personal Data You Share in Conversations

WARNING: The following types of information should NEVER be typed into any chat, council session, or battle on Cloud Olympians:
  • Passwords or login credentials for any service
  • Credit card or debit card numbers
  • Bank account details or financial information
  • Social Security Numbers (SSN) or national ID numbers
  • Phone numbers or home addresses
  • Health or medical information
  • Legal case details or confidential business information
  • Any other personally identifiable information (PII) you would not want shared with third parties

All text submitted through the Service is processed by third-party AI providers. Once your text is transmitted, it is subject to those providers' data handling policies, over which Cloud Olympians has no control.

Cloud Olympians disclaims all responsibility and liability for any personal data, sensitive information, or confidential details that users voluntarily include in their conversations. By using the Service, you acknowledge this risk and agree to exercise caution in the content of your messages.

5. Data Storage & Security

5.1 Storage

  • Your data is stored on secure servers.
  • Passwords are hashed using bcrypt and never stored in plaintext.
  • Database connections use encrypted channels where available.

5.2 Security Measures

  • Parameterized database queries to prevent SQL injection.
  • Input sanitization and output encoding to prevent XSS attacks.
  • Session-based authentication with secure cookie handling.
  • User data isolation — each user can only access their own data.
  • Admin access restricted to authorized personnel only.

5.3 Data Breach Protocol

In the event of a data breach affecting your personal information, we will:

  • Notify affected users via email within 72 hours of discovery.
  • Report the breach to relevant supervisory authorities as required by law.
  • Take immediate steps to contain and remediate the breach.
  • Provide information about the nature of the breach and recommended protective actions.

6. Data Sharing

We do not sell, rent, or trade your personal information to third parties.

We may share your information only in these limited circumstances:

  • AI Processing: Question text sent to AI providers for response generation (see Section 3).
  • Payment Processing: Payment details shared with payment processors to complete transactions.
  • Legal Requirements: When required by law, court order, or governmental request.
  • Service Protection: To enforce our Terms, protect our rights, or ensure user safety.
  • Business Transfer: In connection with a merger, acquisition, or sale of assets (users will be notified).

7. Cookies & Session Data

We use essential cookies for:

  • Session Management: To keep you logged in during your visit.
  • Security: To prevent cross-site request forgery and other attacks.

We do not use tracking cookies, advertising cookies, or third-party analytics cookies. We do not participate in ad networks or cross-site tracking.

8. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

8.1 For All Users

  • Access: View your conversation history and account information through the Service.
  • Deletion: Delete individual conversations, shared links, or your entire conversation history through the History page.
  • Account Deletion: Request complete account deletion by contacting us at support@cloudolympians.com. Upon deletion, all your personal data, conversation history, shared links, and unused credits will be permanently removed, except for data we are legally required to retain (such as payment transaction records). Account deletion is irreversible.
  • Data Export: Request a copy of your personal data by contacting us.

8.2 EU/EEA Users (GDPR)

Under the General Data Protection Regulation, you additionally have the right to:

  • Rectification: Correct inaccurate personal data.
  • Restriction: Request restriction of processing of your personal data.
  • Portability: Receive your data in a structured, commonly used, machine-readable format.
  • Object: Object to processing of your personal data for specific purposes.
  • Withdraw Consent: Withdraw consent at any time where processing is based on consent.
  • Complain: Lodge a complaint with your local data protection supervisory authority.

Legal Basis for Processing: We process your data based on: (a) contract performance (providing the Service), (b) legitimate interests (security, service improvement), and (c) consent (where applicable).

8.3 California Users (CCPA)

California residents have additional rights under the California Consumer Privacy Act:

  • Right to know what personal information is collected and how it is used.
  • Right to delete personal information.
  • Right to opt-out of the sale of personal information (we do not sell personal information).
  • Right to non-discrimination for exercising privacy rights.

9. Children's Privacy

The Service is not directed to children under 13 years of age. We do not knowingly collect personal information from children under 13. If we become aware that a child under 13 has provided personal information, we will take immediate steps to delete such information. If you are a parent or guardian and believe your child has provided us with personal information, please contact us.

10. Data Retention

  • Account data: Retained until you request account deletion.
  • Conversation history: Retained until you delete it or request account deletion.
  • Shared links: Retained until you revoke them or request account deletion.
  • Payment records: Retained for the period required by applicable tax and financial regulations (typically 7 years).
  • Server logs: Retained for up to 90 days for security and debugging purposes.
  • Credit purchase data: Credit balances and transaction history retained until account deletion; however, purchased credits expire 6 months after purchase.
  • Referral data: Referral relationships retained for audit purposes until account deletion.

11. Chat Memory & Session Data

Understanding how your conversation data is handled during active sessions:

  • Thread Memory: Individual god chats maintain conversational context within a thread. Previous messages in the thread are sent to the AI provider with each new question to maintain context. Threads expire after 30 minutes of inactivity or after 20 messages (10 Q&A pairs).
  • Council Sessions: Each council session is a single-question interaction. No conversational history is sent to AI providers — only your current question and the god's persona instructions.
  • Battle Sessions: Each battle is a self-contained event. The AI providers receive only the battle topic and persona instructions, not any previous conversation history.
  • Stored History: All conversations (regardless of thread expiration) are stored in our database and accessible through your History page until you choose to delete them or request account deletion.
  • AI Provider Retention: Third-party AI providers may temporarily retain the text of your conversations according to their own data retention policies. Refer to Section 3 for links to their privacy policies.

12. International Data Transfers

Your data may be processed in countries outside your country of residence, including countries where AI providers (Anthropic, OpenAI) operate their services. When data is transferred outside the EU/EEA, we ensure appropriate safeguards are in place, including Standard Contractual Clauses or equivalent mechanisms.

13. AI Provider Changes & Data Impact

Cloud Olympians uses third-party AI providers that may change their services, policies, or data practices over time:

  • AI providers may update their privacy policies, data retention periods, or data processing practices at any time.
  • We may switch between AI providers or add new providers to improve service quality. When we do, your subsequent conversations will be processed by the new provider(s).
  • We will update this Privacy Policy to reflect any changes in the AI providers we use.
  • We are not liable for any changes in how third-party AI providers handle data that has already been transmitted to them.
  • Historical conversation data stored in our database is not affected by AI provider changes — only future conversations are routed to the current active provider(s).

14. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via email or a prominent notice on the Service. The "Last Updated" date at the top indicates when the policy was last revised. Your continued use of the Service after changes become effective constitutes acceptance of the updated policy.

15. Contact Us

For privacy-related questions, data requests, or concerns:

  • Email: privacy@cloudolympians.com
  • General Support: support@cloudolympians.com

We aim to respond to all privacy-related inquiries within 30 days.