Privacy Policy
Last updated: February 2026
1. Information We Collect
- Account information: email address and password (stored as a secure hash, never in plain text)
- Usage data: questions you ask, domains identified, and timestamps
- Uploaded files: CSV, JSON, PDF, and other files you provide for analysis (stored with your explanation)
- Payment information: handled entirely by Razorpay. We never see or store your card numbers.
- IP addresses: collected for anonymous rate limiting only
2. How We Use Your Data
- To provide causal explanations in response to your questions
- To maintain your question history and watched questions
- To send notifications when a cause you're watching changes
- To enforce tier-based rate limits
- To improve the service using anonymized and aggregated analytics only
3. AI Processing
Your questions are sent to third-party AI providers — OpenAI, Google (Gemini), and Anthropic (Claude) — to generate explanations. We do not send your email, password, or payment information to these providers. Uploaded file data may be sent to AI providers for contextual analysis. Please review each provider's privacy policy for details on how they handle data.
4. Data Storage & Security
- Data is stored in a PostgreSQL database
- Passwords are hashed with bcrypt
- Authentication tokens are stored in HTTP-only cookies (not accessible to JavaScript)
- API keys and secrets are stored in environment variables, never in source code
- HTTPS is enforced in production
5. Data Retention
Your explanations are stored for as long as your account exists. Uploaded files are stored alongside the associated explanation. Pro and Enterprise users can export their data at any time. To delete your account and all associated data, contact support.
6. Third-Party Services
- Razorpay: payment processing
- Resend: email delivery for notifications and verification
- OpenAI, Google AI, Anthropic: AI-powered explanation generation
- Sentry: error monitoring (no personally identifiable information is sent)
Each service operates under its own privacy policy.
7. Cookies
We use HTTP-only cookies solely for authentication. We do not use tracking cookies, advertising cookies, or third-party analytics cookies.
8. Your Rights
- Access your data through the History and Profile pages
- Export your data at any time (Pro and Enterprise)
- Delete your account by contacting support
- We do not sell your data to anyone
9. Children's Privacy
CAUSE is not intended for users under 13 years of age. We do not knowingly collect data from children.
10. Changes to This Policy
We may update this policy from time to time. Please check this page for the latest version. Major changes will be communicated via email to registered users.
11. Contact
For privacy questions, contact us at privacy@causeai.in.