Privacy Policy

1. What we collect

• Account information — name, email address, role (Creator, Viewer, Producer)
• Content you create — ideas, pitches, reviews, and comments you post
• OAuth data — if you sign in via Google or GitHub, we receive your name and email from that provider
• Usage data — pages visited, features used, general interaction patterns

2. How we use your data

• To operate and improve the Criticast platform
• To personalise your feed and AI-generated recommendations
• To send transactional emails (email verification, shortlist notifications)
• To detect and prevent abuse or fraud

We do not sell your personal data to third parties.

3. AI and your content

When you request AI insights or writing assistance, your idea content is sent to Anthropic's API (Claude) to generate the response. Anthropic's own privacy policy governs how they handle that data. We do not use your content to train our own models.

4. Data storage and security

Your data is stored on secure servers. Passwords are hashed with BCrypt and never stored in plain text. Authentication tokens are short-lived and rotated on each use. We use HTTPS for all data in transit.

5. Cookies and local storage

Criticast stores your authentication token in browser local storage to keep you signed in. We do not use third-party tracking cookies or advertising cookies.

6. Your rights

You have the right to:

• Access the personal data we hold about you
• Request correction of inaccurate data
• Request deletion of your account and associated data
• Object to how we process your data

To exercise any of these rights, contact us at hello@criticast.com.

7. Changes to this policy

We may update this policy as the platform evolves. Significant changes will be communicated via email or an in-app notice.