Privacy Policy

Last Updated: November 8, 2025

1. Introduction

This Privacy Policy explains how Idea Party ("we", "us", or "our") collects, uses, and protects your personal information when you use our Service.

2. Information We Collect

2.1 Account Information

When you create an account, we collect:

  • Email address (case-insensitive)
  • Display name
  • Encrypted password

2.2 Guest Information

When joining as a guest, we collect:

  • Guest name (provided each time you join)
  • Session data for room participation

2.3 Content and Usage Data

We collect content you create or submit through the Service:

  • Room setup information (deliverable type, audience, idea)
  • Questions and answers during Q&A sessions
  • Custom answers submitted during voting
  • Deliverables and all version history
  • Revision prompts for LLM-assisted editing

3. How We Use Your Information

We use your information to:

  • Provide and maintain the Service
  • Authenticate users and manage accounts
  • Enable real-time collaboration features
  • Process LLM requests to generate questions and deliverables
  • Store and retrieve room content and version history
  • Send password reset emails (when requested)

4. Data Sharing and Third Parties

4.1 LLM Providers

We share room content with third-party LLM providers (Anthropic Claude, OpenAI GPT-4) to generate questions, determine readiness, and create/revise deliverables. This content is processed according to the respective provider's data policies.

4.2 Cloud Storage

Deliverables are stored using Cloudflare R2 in production. Files are stored securely and accessed via signed URLs with 1-hour expiration.

4.3 Other Users

Content you create in rooms is visible to other participants in those rooms. Room invite links allow anyone with the link to join and view room content.

We do not sell your personal information to third parties.

5. Data Retention

We retain your data as follows:

  • User accounts: Indefinitely until deletion is requested
  • Rooms and content: Persist indefinitely with no automatic cleanup
  • Session data: For the duration of your session
  • Password reset tokens: 1 hour expiration, single-use only

6. Data Security

We implement security measures to protect your data:

  • Passwords are encrypted using industry-standard hashing (Bcrypt/Argon2)
  • Database connections are encrypted
  • HTTPS/SSL encryption for data in transit
  • Signed URLs with expiration for file downloads
  • CSRF protection on all forms

However, no method of transmission over the Internet is 100% secure. We cannot guarantee absolute security.

7. Your Rights

You have the right to:

  • Access your personal information
  • Update your account information (name, email, password)
  • Request deletion of your account and associated data
  • Remove rooms from your dashboard (though rooms persist)
  • Download your deliverables in markdown format

8. Cookies and Tracking

We use session cookies to:

  • Maintain user authentication
  • Preserve session state across page loads
  • Enable Phoenix LiveView functionality

Sessions persist until logout. Changing your password logs you out on all devices.

9. Children's Privacy

The Service is not directed to individuals under the age of 13. We do not knowingly collect personal information from children under 13.

10. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated "Last Updated" date. Your continued use of the Service after changes constitutes acceptance of the updated policy.

11. Contact Us

For questions about this Privacy Policy or to exercise your privacy rights, please contact us at: [Your Contact Email]

← Back to Home