Privacy policy
Last updated: March 26, 2026
Service: Alchemy of Self (“Alchemy of Self,” “we,” “us,” or “our”) — available at alchemyofself.ai and related properties.
Contact: For privacy questions or requests regarding your personal data, use the self-service data request form at /settings/privacy (sign-in required), email support@consulting.com, or use the Support form at /support.
This Privacy Policy explains what information we collect, how we use and share it, and the choices you have. By using Alchemy of Self, you agree to this policy together with our Terms of service.
1. Information we collect
Account and sign-in
- Name and email address.
- Authentication data processed through our sign-in system (for example, email-based one-time codes, session tokens, and related security data).
- Where enabled, data processed by Cloudflare Turnstile to help prevent abuse during sign-in.
Your journey and content
- Answers, selections, text, and other inputs you provide in the guided program.
- Photos or files you upload where the product allows it, stored so we can personalize your experience and outputs.
- Generated materials we create for you (for example, personalized pages or documents).
Subscriptions and access
- If you purchase or redeem access through a third party (for example Whop), we may receive identifiers, email, and subscription or access status from that provider as needed to grant or revoke access.
Support
- Information you submit through our support flow (for example, name, email, category, subject, message, and optional attachments).
Technical and usage data
- Data our hosting and application stack processes automatically, such as IP address, device or browser type, timestamps, and diagnostic or security logs.
- Session-related technical data (for example, user agent or IP) as needed to operate sessions securely.
- Vercel Analytics collects privacy-focused, aggregated usage metrics about how the site is used (not sold by Vercel to advertisers as part of that product’s standard use).
2. How we use information
We use information to:
- Provide, operate, secure, and improve Alchemy of Self.
- Authenticate you, maintain your account, and enforce access rules (including subscription status).
- Store and process your inputs and uploads to generate personalized outputs (including through AI services described below).
- Send transactional messages (for example, sign-in codes from otp@alchemyofself.ai via SendGrid).
- Handle support requests (for example, via SendGrid and, where configured, Slack for internal notifications).
- Detect abuse, fraud, and technical issues; comply with law; and enforce our terms.
We do not use your journey content or uploads to train generalized public AI models. We process them to operate the service you requested (for example, generating your materials through our Microsoft Azure OpenAI–based pipeline).
We do not sell your personal information in the conventional sense (exchanging data for money). We may share data with service providers who process it on our instructions, as described below.
3. AI and automated processing
Parts of the service use artificial intelligence (hosted via Microsoft Azure / Azure OpenAI–compatible APIs) to generate or refine content from your inputs. Outputs are for personal reflection and learning only — not medical, mental health, legal, financial, or other professional advice.
4. How we share information
We share information with service providers that need it to perform services for us, including:
| Category | Examples of providers |
|---|---|
| Application backend & database | Convex |
| Website hosting & analytics | Vercel (hosting, Vercel Analytics) |
| Sign-in & accounts | Better Auth (integrated with our backend) |
| AI inference | Microsoft Azure (OpenAI–compatible models) |
| Email delivery | SendGrid (OTP and support-related mail) |
| Access / payments | Whop (membership or checkout, as applicable) |
| Abuse prevention | Cloudflare (Turnstile, when enabled) |
| Internal tooling | Slack (optional support ticket notifications) |
These providers may only use personal data as instructed and subject to their agreements and policies. We may also disclose information if required by law, to protect rights and safety, or in connection with a business transfer (for example, merger), subject to applicable law.
5. International transfers
Our service providers may process information in multiple countries (including, depending on the provider, the United States, the European Union, and other regions). If your data is transferred across borders, we rely on safeguards our providers make available where required by law (such as standard contractual clauses or equivalent mechanisms).
6. Retention
We retain information for as long as your account is active and as needed to provide the service, comply with legal obligations, resolve disputes, and enforce our agreements. After you stop using the service or delete your account (when available), we delete or de-identify personal data within a reasonable period unless a longer period is required by law.
7. Security
We use technical and organizational measures designed to protect personal data. No online service is completely secure; we cannot guarantee absolute security.
8. Your rights and choices
Depending on where you live, you may have rights to access, correct, delete, or export personal data, or to object to or restrict certain processing.
Self-service requests: Signed-in users can submit requests directly at /settings/privacy. From there you can:
- Export — download a JSON file of your profile, journey answers, and links to your uploaded files.
- Data access summary — ask us to confirm what personal data we hold.
- Correction — request that inaccurate or incomplete data be corrected.
- Deletion — request deletion of your account and associated personal data.
Requests are tracked and we respond within 30 days (or within the timeframe required by applicable law where longer periods apply). Deletion requests are fulfilled manually and include removal from our active database; we will also request deletion from applicable third-party processors where feasible, but cannot guarantee removal from third-party backup systems or legal-hold archives.
You can also contact us at support@consulting.com or /support.
You may also have the right to complain to a data protection authority in your region.
9. Third-party services and links
The service may link to or integrate with third parties (for example, Whop for checkout). Their collection and use of information is governed by their policies, not this one. Please review their terms and privacy notices.
10. Changes to this policy
We may update this Privacy Policy from time to time. We will post the updated version on this page and change the “Last updated” date. If changes are material, we will provide additional notice as required by law.
11. Contact
Self-service data requests (sign-in required): alchemyofself.ai/settings/privacy
Email: support@consulting.com
Support form: alchemyofself.ai/support