This Privacy Policy explains how the Operator of claudestore.store(the «Operator», «we») collects, uses, and protects your personal data when you use the Service. The Operator is an individual; the only official contact is Telegram @claudestorestore.
1. Data We Collect
- Account data: email address, display name, hashed password, two-factor authentication state.
- Usage data: API requests (endpoint, model, token counts, timestamps, latency), credit transactions, chat messages submitted in the in-app sandbox.
- Technical data: IP address, user-agent, approximate country (GeoIP), device type, anonymous session identifier.
- Payment metadata: order identifiers, amounts, currencies, and product identifiers received from the payment provider. We do not receive or store card numbers, CVV codes, or full bank details.
- Consent records: document version, language, IP, user-agent and timestamp of your acceptance of the legal documents.
2. Legal Bases
- Performance of contract — to provide the Service you purchased.
- Legitimate interest — fraud prevention, abuse mitigation, security monitoring, and product improvement.
- Consent — for non-essential cookies and analytics where applicable.
- Legal obligation — to comply with applicable accounting, tax, or law-enforcement requirements.
3. Where Data Is Stored
Operational data is stored on infrastructure provided by Lovable Cloud(managed Supabase / PostgreSQL, EU region). Backups and logs may transit through the same infrastructure. The Operator's gateway runs on additional cloud providers used solely for traffic routing.
4. Third-Party Processors
- DigiSeller / oplata.info — international payment provider that processes your payment, including card details and crypto invoices, under its own privacy terms.
- Tribute (for purchases in RUB) — payment intermediary subject to its own privacy terms.
- Anthropic, PBC — upstream model provider. Prompts, attachments, and completions you send through the API are forwarded to Anthropic and are subject to Anthropic's Privacy Policy.
- Yandex.Metrika (when active) — anonymous web analytics. You can opt out via your browser settings or the Yandex opt-out tool.
5. Cookies & Local Storage
We use technical cookies and localStorage entries to keep you signed in, persist anonymous session identifiers, remember your consent acceptance, and store interface preferences. We do not run third-party advertising trackers without your consent.
6. Retention
- Account data — until you request deletion of your account.
- Usage and billing logs — up to 24 months for accounting and abuse-tracking purposes, then aggregated.
- Chat sandbox attachments — automatically deleted after 7 days.
- Page-visit telemetry — automatically deleted after 90 days.
- Consent records — kept for the legally required period as evidence of acceptance.
7. Your Rights
Subject to applicable law (including the GDPR for users in the EEA), you may request access to your personal data, correction of inaccuracies, deletion, restriction, portability, and the right to object. To exercise these rights, contact the Operator via Telegram @claudestorestore.
8. Security
We use TLS in transit, encryption at rest provided by the Cloud platform, hashed passwords (bcrypt), per-user database row-level security, and 2FA. No system is perfectly secure; we encourage you to use a strong, unique password and enable 2FA.
9. Children
The Service is not directed at children under 13 (or under the age of digital consent in your jurisdiction). We do not knowingly collect their data.
10. International Transfers
Some processors may operate outside your country of residence. By using the Service, you consent to the transfer of your data to those jurisdictions where appropriate safeguards (Standard Contractual Clauses or equivalent) apply.
11. Changes
We may update this Policy. Material changes will be reflected in the document version and re-acceptance will be required at the next purchase via the consent dialog.