Privacy Policy
This policy explains what Zajuga collects, why, who we share it with, and how you control it. The short version lives at our Data Promise; this is the long version.
1. Who we are
Zajuga LLC ("Zajuga," "we," "us") operates zajuga.com, the COCI platform, Reset Mode, the marketplace, and related services. Contact: hello@zajuga.com.
2. What we collect
We collect three kinds of information:
- Account information you give us when you sign up — name, email, password (hashed), and any optional profile fields (age range, season-of-life, goals, preferences).
- Service activity — the messages, voice memos, and reflections you send to COCI, Reset Mode, or Coach O; the buttons you click; the pages you visit; basic device and browser metadata; and approximate location derived from IP for fraud prevention and regional compliance.
- Payment information when you subscribe — handled by Stripe. We do not store full card numbers; we keep a tokenized reference plus the last four digits and brand for receipts.
We do not collect children's data. The Service is for adults 18+.
3. How we use it
- To run the Service: respond to you, store your reflections, return your history, recommend coaches.
- To improve the Service: study aggregate patterns of use so we make better tools. We do not train any third-party AI model on your individual content (see section 5).
- To keep the Service safe: detect abuse, fraud, and crisis signals.
- To communicate with you: account emails, product updates, and (if you opt in) newsletter.
- To comply with the law and enforce our Terms.
4. Crisis events
If our system flags a moment that may indicate someone is in danger, we log the pattern (timestamp, type of signal, response taken) so we can keep improving how Zajuga responds in those moments. That log is stored anonymously — no name, email, or account ID — and is not linked back to your account record. See the Data Promise.
5. Third parties we use
We use a small set of vetted third-party services to run Zajuga. Each only sees what it needs to do its job.
| Service | Purpose | What they receive |
|---|---|---|
| Anthropic (Claude) | AI replies in COCI, Reset Mode, Coach O | Your message text in real time. Anthropic's API does not train its models on this content per its commercial terms. |
| OpenAI (Whisper) | Voice memo transcription | Your audio file at transcription time. Discarded after processing under OpenAI's API data policy (no training). |
| Stripe | Payment processing | Cardholder name, card details, billing address, transaction amount. |
| Supabase | Authentication and database | Account record, hashed password, your saved messages, drafts, and preferences. Encrypted at rest. |
| Netlify | Web hosting and serverless functions | Standard request logs (IP, URL, user-agent) for ~30 days. |
| Mailchimp | Newsletter delivery | Email address and engagement metadata, only if you opt in. |
We do not sell, rent, or trade your personal information. We do not share data with advertisers or data brokers. We may share information when required by valid legal process, or to protect rights and safety, but we will narrow scope and notify you when we lawfully can.
6. Cookies and similar tech
We use a small number of essential cookies (or local storage equivalents) to keep you signed in and to remember your preferences. We use first-party analytics to count page views in aggregate. We do not run third-party advertising trackers.
You can clear cookies and local storage in your browser at any time. Doing so will sign you out.
7. Your rights
Wherever you live, you can:
- Access the personal information we hold about you.
- Correct information that is wrong.
- Delete your account and all associated content. One click in settings, or email us. We act within 30 days.
- Export a copy of your content in a portable format.
- Object to certain processing or withdraw consent for newsletter communications.
- Complain to your local data protection authority if you believe we've handled your data unlawfully.
If you're in California, the CCPA/CPRA gives you the rights above plus the right not to be discriminated against for exercising them. If you're in the EEA or UK, the GDPR/UK GDPR provides equivalent rights. To exercise any right, email hello@zajuga.com.
8. Data retention
We keep your account data for as long as your account is active. When you delete your account, we delete your content from our production database within 30 days and from backups within 90 days. The only data we retain after deletion is what tax law requires us to keep on payment receipts (typically 7 years), and crisis-event aggregates that were never linked to you in the first place.
9. Security
We use industry-standard safeguards: TLS in transit, encryption at rest at the database layer, scoped access controls, single-sign-on for the team, and audit logs on sensitive operations. No system is perfectly secure, and we won't pretend otherwise. If a breach affects you, we will notify you promptly and tell you what to do.
10. International transfers
We are based in the United States. If you use the Service from outside the US, your information will be transferred to and processed in the US and other countries where our service providers operate. Where required, we rely on Standard Contractual Clauses or equivalent safeguards.
11. Children
Zajuga is not intended for anyone under 18. We do not knowingly collect personal information from children. If you believe a child has given us information, email us and we'll delete it.
12. Changes to this policy
We may update this policy as the product changes or laws shift. If a change is material, we'll notify you by email or in-product before it takes effect. The "last updated" date below always shows the current version.
13. Contact
Questions, requests, or complaints: hello@zajuga.com. Mailing address available on request.
Last updated: April 25, 2026