1. Who We Are
Akrasia ("we," "our," or "us") is a web-based AI writing and paraphrasing engine. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform at akrasia.app (the "Service").
2. Information We Collect
2.1 Account Information
When you sign in with Google, we receive and store:
- Your name (as displayed on your Google account)
- Your email address
- Your profile picture URL
We do not receive or store your Google password.
2.2 Usage Data
We automatically collect:
- Credit balance and transaction history
- Session tokens (for authentication)
- IP addresses (for rate limiting and abuse prevention only)
2.3 User-Submitted Content
Text you submit for paraphrasing is sent to third-party AI APIs (Google Gemini) for processing. We do not store your submitted text or AI-generated output on our servers after the request is complete.
2.4 What We Do NOT Collect
- Location / GPS data
- Device fingerprints
- Cookies for advertising or tracking
- Analytics from third-party trackers (no Google Analytics, no Facebook Pixel)
- Photos, contacts, or any device-level data
3. How We Use Your Information
- Authentication: To verify your identity and maintain your session.
- Credit Management: To track your credit balance and process purchases.
- Abuse Prevention & Moderation: To enforce rate limits, identify platform abuse, track account status (ACTIVE, SUSPENDED, BLOCKED), and prevent unauthorized access or evasion.
- Service Improvement: To fix bugs and improve performance (aggregated, non-personal data only).
4. Third-Party Services
We share minimal data with the following third-party services:
5. Data Retention
- Account data: Retained as long as your account is active. For suspended or blocked accounts, we retain the user's email address and account status (SUSPENDED or BLOCKED) indefinitely to enforce active bans and prevent evasion.
- Submitted text: Not stored. Processed in real-time and discarded.
- Session tokens: Automatically expire after 30 days of inactivity.
- IP rate-limit data: Stored in memory only, cleared every 5 minutes.
6. Your Rights (GDPR & CCPA)
If you are located in the European Economic Area, UK, or California, you have the right to:
- Access the personal data we hold about you.
- Rectify inaccurate data.
- Delete your account and all associated data (subject to abuse prevention policies).
- Export your data in a portable format.
- Object to processing of your data.
To exercise any of these rights, contact us at akrasia.ai@proton.me. We will respond within 30 days.
Note regarding bans: We retain account status mapping (email to status) for suspended or blocked users to prevent platform abuse and enforce security. Requesting data deletion does not waive this retention, as it is required under legitimate interest to protect our platform integrity.
7. Security
We implement industry-standard security measures including:
- HTTPS/TLS encryption for all data in transit
- Strict Content Security Policy (CSP) headers
- Rate limiting on all API endpoints
- Input sanitization and payload size limits
- No storage of payment card data (handled entirely by Polar)
8. Children's Privacy
Akrasia is not intended for users under 13 years of age. We do not knowingly collect personal information from children under 13. If we become aware that we have collected data from a child under 13, we will delete it immediately.
9. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of significant changes by posting a notice on the Service. Your continued use of the Service after changes constitutes acceptance.
10. Contact Us
For privacy-related inquiries:
📧 Email: akrasia.ai@proton.me