This Privacy Policy describes how Igiari! ("Igiari," "we," "us," or "our") collects, uses, and shares information when you use our fallacy-scanning website and related services (the "Service"). The core scanner is free to use with a registered account; paid credit packs and subscriptions may be offered separately.
By using the Service, you agree to the collection and use of information as described in this policy. If you do not agree, please do not use the Service.
1. Information We Collect
Account information
To use the scanner you sign in with your email address (magic link or one-time code). We store your email and account metadata (such as credit balance and sign-in timestamps) in our database provider, Supabase. Sign-in emails are delivered through Resend.
Text you submit
When you paste or type text into the scanner, that text is transmitted to our backend so it can be analyzed.
Technical and usage information
When you use the Service, we automatically receive certain technical information, including:
- IP address — used for security, abuse prevention, and server logs.
- Request metadata — such as timestamps, request size, and basic HTTP headers needed to operate the API.
- Server logs — our hosting providers may log standard web server data (for example, IP address, user agent, and request path) for security, debugging, and operations.
Information we do not intentionally collect
We do not intentionally collect payment card numbers through the scanner UI (payments, when offered, are processed by Stripe). Please do not submit information you are not comfortable sharing with us and with our subprocessors described below.
2. How We Use Information
We use the information described above to:
- Provide fallacy analysis by sending submitted text to an AI model operated by a third party.
- Authenticate you and maintain your account and credit balance.
- Enforce usage limits and prevent abuse.
- Maintain an in-memory cache of prior analysis results so identical submissions can be answered without repeating an API call (cache hits do not debit credits).
- Operate, secure, troubleshoot, and improve the Service.
- Comply with applicable law and respond to lawful requests.
3. How Long We Keep Information
- Submitted text: We do not maintain a long-term archive of user-submitted text. Text is processed for the scan request and transmitted to our AI provider as described below.
- Account records: Email, credit balance, and transaction history are stored in Supabase until you request deletion or we delete your account.
- Response cache: Analysis results for previously seen text may be stored in server memory keyed by a cryptographic hash of the normalized text (not the raw text itself). Cached entries are limited in number and are cleared when the server restarts or entries are evicted.
- Hosting logs: Log retention is controlled by our hosting providers and may persist for a limited period according to their policies.
4. Third-Party Services
We rely on third parties to operate the Service. Your use of the Service may involve sharing information with:
- Anthropic, PBC — submitted text is sent to Anthropic's API for AI analysis. Anthropic processes that text according to its own terms and privacy policies. Do not submit content you are prohibited from sharing with third-party AI providers.
- Render — hosts our backend API.
- Supabase — hosts authentication and account/credit data.
- Resend — delivers sign-in emails on our behalf.
- Stripe, Inc. — processes payments when you purchase credits or subscriptions (when available).
- Cloudflare — hosts our frontend and may process standard web traffic data as part of content delivery and security.
We do not sell your personal information. We do not share submitted text with third parties for their independent marketing purposes.
5. Cookies and Analytics
The Service does not use third-party advertising trackers or sell data for advertising.
We may use Cloudflare Web Analytics on the public site. When enabled, Cloudflare collects privacy-preserving, cookieless metrics (such as page views and referrers) to understand aggregate usage. Cloudflare's analytics policy applies to that processing. No analytics script runs until a site token is configured in our deployment.
Our hosting providers (Cloudflare, Render) may also process standard web traffic and server logs as part of delivering and securing the Service.
6. Your Choices and Responsibilities
You control what text you submit. You may request account deletion or privacy requests using the contact in Section 11. If you do not want text processed by us or our AI provider, do not submit it.
Sensitive information: Do not paste confidential, proprietary, medical, financial, or other sensitive personal information unless you accept the risk that it will be transmitted to third-party infrastructure for processing.
7. Legal Bases (EEA/UK Users)
If you are in the European Economic Area or the United Kingdom, we process information on the following bases:
- Performance of a contract / steps at your request — to provide the scan you request.
- Legitimate interests — to secure the Service, prevent abuse, and operate infrastructure efficiently (including caching and rate limiting).
- Legal obligation — where required by applicable law.
8. Your Privacy Rights
Depending on where you live, you may have rights to access, correct, delete, or restrict certain processing of personal information, or to object to processing and to data portability. Contact us at the address in Section 11 to exercise these rights; we will verify requests associated with your account email.
California residents may have additional rights under the CCPA/CPRA, including the right to know what categories of information are collected and the right to opt out of sale or sharing. We do not sell or share personal information for cross-context behavioral advertising.
To exercise privacy rights or ask questions about this policy, contact us using the information in Section 11.
9. Children
The Service is not directed to children under 13, and we do not knowingly collect personal information from children under 13. If you believe a child has provided personal information through the Service, contact us and we will take reasonable steps to delete it.
10. International Transfers
The Service is operated from the United States. If you access the Service from outside the United States, your information may be transferred to, stored in, and processed in the United States and other countries where our service providers operate, which may have different data-protection laws than your jurisdiction.
11. Changes and Contact
We may update this Privacy Policy from time to time. The "Last updated" date at the top will reflect the latest version. Material changes will be posted on this page. Continued use of the Service after changes become effective constitutes acceptance of the revised policy.
For privacy-related questions or requests, contact us at [email protected] (subject line: Privacy Request).
California residents may also submit requests under the CCPA/CPRA to the same address. We will verify and respond as required by applicable law.