Privacy Policy

Your trust is the foundation of Circle. This comprehensive policy details exactly how we handle your data with transparency, security, and respect for your privacy rights.

Last Updated: June 14, 2025

Our Privacy Commitment

At Circle, we believe privacy is a fundamental right. As an AI-powered platform designed to enhance productivity and creativity, we understand the sensitive nature of the data you entrust to us. This policy serves as your comprehensive guide to understanding our data practices.

We've designed Circle with privacy-by-design principles, ensuring data protection is embedded into every aspect of our platform's architecture, from initial data collection through processing to storage and deletion. We strictly limit data use to providing and improving user-facing features.

Important Note

This policy applies to all Circle services, including our web application, API, and any future products. By using Circle, you agree to the practices described herein.

Information We Collect

Personal Information

Account Data: When you create a Circle account, we collect your name, email address, and profile information through our secure authentication partners (Supabase and Google OAuth 2.0).

Contact Information: Email addresses for account verification, password resets, important service updates, and customer support communications.

Profile Preferences: Language settings, theme preferences, notification settings, and other customization options you choose.

Billing Information: For premium features (when available), we collect payment information through secure third-party processors. We never store complete credit card numbers on our servers.

Usage and Interaction Data

AI Interaction Data: Your prompts, inputs, generated content, and conversation history with our AI systems. This data is used solely to provide personalized AI responses and improve user-facing features.

Feature Usage: Which tools you use, frequency of use, session duration, and feature preferences to optimize your experience.

Content Creation Data: Documents, projects, and creative works you generate using Circle's AI tools, including revision history and collaboration data.

Feedback and Ratings: Your ratings of AI responses, feature feedback, and improvement suggestions to enhance platform functionality.

Technical and Device Information

Device Information: Device type, operating system, browser version, screen resolution, and hardware capabilities to optimize performance.

Network Data: IP address, approximate location (city/region level), internet service provider, and connection type for security and regional compliance.

Performance Metrics: Page load times, error logs, crash reports, and system performance data to maintain service quality.

Security Logs: Login attempts, suspicious activity detection, and security event monitoring to protect your account.

Special Considerations for Users Under 18

If you're under 18, we strongly encourage parental involvement in your use of Circle. We implement additional safeguards for younger users, including enhanced privacy controls, content filtering where appropriate, and strict compliance with international youth protection laws including COPPA (US), GDPR-K (EU), PIPEDA (Canada), and other regional regulations. We may require parental consent for certain features or data processing activities.

How We Use Your Information

We use your data solely to provide and improve user-facing features of the Circle platform. We expressly prohibit using your data for targeted advertising, selling to data brokers, providing to information resellers, determining credit-worthiness, lending purposes, user advertisements, personalized advertisements, retargeted advertisements, interest-based advertisements, creating databases for non-service purposes, or training AI models.

Core Service Delivery

  • • Powering AI responses through our Groq infrastructure
  • • Personalizing your experience and recommendations
  • • Maintaining conversation context and history
  • • Providing real-time collaboration features
  • • Enabling cross-device synchronization

Platform Improvement

  • • Enhancing user-facing features based on usage patterns
  • • Conducting A/B tests for user experience optimization
  • • Identifying and fixing bugs or performance issues
  • • Developing safety and content moderation systems
  • • Improving AI response quality with explicit user consent

Security & Trust

  • • Detecting and preventing fraud and abuse
  • • Monitoring for security threats and vulnerabilities
  • • Enforcing our Terms of Service and community guidelines
  • • Investigating reported violations or suspicious activity
  • • Complying with legal obligations and law enforcement requests

Communication

  • • Sending account-related notifications and updates
  • • Providing customer support and technical assistance
  • • Sharing important service announcements
  • • Conducting user research and feedback surveys (with consent)

❌ Prohibited Uses

  • • Targeted advertising or personalized advertisements
  • • Selling data to data brokers or information resellers
  • • Using data for determining credit-worthiness or lending purposes
  • • Creating databases for non-service-related purposes
  • • Training AI models

Data Storage & Security Architecture

Enterprise-Grade Infrastructure

Circle employs military-grade security measures typically reserved for Fortune 500 companies. Our data infrastructure is built on CockroachDB, a distributed SQL database designed for mission-critical applications with built-in resilience and security.

🌏 Asia-Pacific

Primary: Jurong West, Singapore (asia-southeast1)

🇪🇺 Europe

Secondary: St. Ghislain, Belgium (europe-west1)

🇺🇸 Americas

Tertiary: California, USA (us-west2)

🔐 Quantum-Resistant Security

1000+ Years Brute Force Resistance

Our multi-layered encryption system implements a sophisticated security architecture that would require an estimated 1000+ years to crack using current and projected future computing power.

System-Level Protection

  • • AES-256 encryption with rotating master keys
  • • Database-level encryption at rest and in transit
  • • Network isolation and zero-trust architecture
  • • Automated threat detection and response

User-Level Protection

  • • PBKDF2 key derivation with 100K iterations
  • • Unique salt generation for each user account
  • • Zero-knowledge architecture for sensitive data
  • • Multi-factor authentication support

Access Controls and Monitoring

Circle operates on a principle of minimal access. Our engineering team cannot view your raw data under normal circumstances. Access is only possible through audited procedures for:

  • Direct user support requests where you've provided explicit consent
  • Critical system debugging that cannot be resolved through anonymized logs
  • Legal compliance requirements (court orders, regulatory investigations)
  • Security incident response where user data may be compromised

All access attempts are logged, monitored, and reviewed by our security team. We maintain detailed audit trails of any data access for transparency and accountability.

Zero-Knowledge Approach

When we refer to a "zero-knowledge architecture," we mean that even Circle itself cannot easily access your sensitive data without undergoing rigorous, multi-step verification processes. This ensures your private information remains inaccessible by default, and only accessible through carefully controlled, auditable channels.

Data Sharing and Third-Party Services

❌ What We Never Do

  • • Sell your personal data to advertisers, data brokers, or any third parties
  • • Share your AI conversations or generated content for marketing or advertising
  • • Provide your data to social media platforms or tracking networks
  • • Use your data for political advertising or influence campaigns
  • • Share individually identifiable information without your explicit consent
  • • Use data for determining credit-worthiness or lending purposes
  • • Create databases for non-service-related purposes

Trusted Service Partners

We work with carefully vetted partners who help us deliver Circle's services. All partners are bound by strict data processing agreements and can only use your data for providing or improving user-facing features. By using services integrated with Google OAuth or YouTube Data API, you agree to be bound by Google's Terms of Service and YouTube's Terms of Service, respectively, in addition to our own terms:

🔐 Authentication

Supabase & Google OAuth:

Secure login, account management, and identity verification. These partners only receive the minimum data necessary for authentication, in accordance with Google's Terms of Service.

🤖 AI Processing

Groq:

High-speed AI inference for generating responses. Your conversations are processed securely and not used for purposes beyond service delivery.

🗄️ Data Storage

CockroachDB:

Distributed database infrastructure providing encryption, redundancy, and global data availability with regional compliance.

📊 Analytics

Google Analytics:

Anonymized usage analytics to improve user-facing features. Data is aggregated and cannot be traced to individual users, in accordance with Google's Terms of Service.

🎥 Content Integration

YouTube Data API:

Accessing public YouTube video metadata for AI analysis and content summaries. We only process the specific videos you request and do not access private account data, in accordance with YouTube's Terms of Service.

📧 Communications

Email Services:

Transactional emails for security alerts and essential service communications only.

Anonymized Data

We may use aggregated, anonymized, and statistically de-identified data to improve user-facing features. This data cannot be traced back to individual users and includes:

  • General usage patterns and feature adoption rates
  • Performance metrics and system optimization data
  • Regional usage statistics for infrastructure planning

Your Rights and Controls

We believe you should have complete control over your data. Circle provides comprehensive privacy rights that meet or exceed global privacy regulations including GDPR, CCPA, PIPEDA, and other regional data protection laws.

📋 Right to Access

Request a complete copy of all personal data we hold about you, including AI conversation history, account information, and usage data.

✏️ Right to Correction

Update or correct any inaccurate personal information in your account or request corrections to data we cannot edit directly.

🗑️ Right to Deletion

Request permanent deletion of your account and all associated data, with complete removal.

📦 Right to Portability

Export your data in machine-readable formats to transfer to other services, including conversation exports and project files.

⏸️ Right to Restriction

Limit how we process your data while maintaining your account, such as pausing data use for platform improvements.

🚫 Right to Object

Object to specific types of data processing, including analytics or automated decision-making.

✋ Special Rights for Minors

If you're under 18, you have additional protections:

  • • Enhanced privacy controls
  • • Right to request account deletion without parental consent in many jurisdictions
  • • Special handling of sensitive personal information
  • • Additional safeguards for AI-generated content and interactions
  • • Priority customer support for privacy-related concerns

How to Exercise Your Rights

After signing in to your Circle account, you can manage your data directly in the Settings page. There, you can:

  • Export Your Data: Download a complete copy of your personal data, including AI conversation history, account information, and generated content, in machine-readable formats.
  • Delete Your Data: Request permanent deletion of your account and all associated data, which will be completed within 30 days (subject to legal obligations).

🔗 Managing Your Google Account Access

Revoking Access to Your Google Account: You can revoke Circle's access to your Google account at any time by visiting Google Security Settings and removing "Circle" from the list of third-party apps.

Managing and Deleting Your Data: You can export or delete your account data by:

  • Going to Settings, where you can export all your data or permanently delete your account.
  • Contacting us through our contact page

Alternatively, contact us at cxsmciguy@gmail.com or through our contact page. We'll respond within 30 days and may need to verify your identity to protect your data. For faster processing, please include your account email, the specific request type, and any relevant details.

International Compliance & Data Transfers

Circle operates globally while respecting local privacy laws and regulations. We maintain compliance with major international data protection frameworks:

🇪🇺 GDPR (Europe)

Full compliance with European data protection regulations, including lawful basis documentation and privacy impact assessments.

🇺🇸 CCPA (California)

California Consumer Privacy Act compliance including disclosure of data categories and consumer rights.

🇨🇦 PIPEDA (Canada)

Personal Information Protection and Electronic Documents Act compliance for Canadian users.

🇺🇸 COPPA (Children)

Children's Online Privacy Protection Act compliance with enhanced protections for users under 13.

🇦🇺 Privacy Act (Australia)

Australian Privacy Principles compliance including notification of eligible data breaches.

🌏 Regional Laws

Compliance with applicable data protection laws in all jurisdictions where Circle operates.

Cross-Border Data Transfers

When your data is transferred internationally, we implement appropriate safeguards including:

  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • Adequacy decisions where available for destination countries
  • Additional technical and organizational measures for data protection
  • Regular assessment of data transfer risks and mitigation strategies

Data Retention and Deletion

We retain your data only as long as necessary to provide our services, comply with legal obligations, and protect our legitimate interests. Our retention practices are designed to balance functionality with privacy protection.

Active Account Data

Retention: Duration of account + 30 days

Personal information, preferences, and active projects are retained while your account is active and for 30 days after deletion to allow recovery.

AI Conversation History

Retention: 2 years or until deletion request

Conversation data is retained to maintain context and improve AI responses. You can delete individual conversations or export your history at any time.

Usage Analytics

Retention: 18 months (anonymized after 6 months)

Usage patterns and performance data are retained for service improvement, with personal identifiers removed after 6 months.

Security Logs

Retention: 1 year

Security events, access logs, and fraud prevention data are retained for security analysis and incident response.

Legal and Compliance

Retention: As required by law

Some data may be retained longer when required by legal obligations, ongoing investigations, or dispute resolution.

Backup Systems

Retention: 90 days

Backup copies are maintained for disaster recovery and are automatically purged after 90 days or upon explicit deletion requests.

Automated Deletion Process

Circle employs automated systems to ensure data is deleted according to our retention schedule. When you delete your account or specific data, our systems:

  • Immediately remove data from active systems and user-facing interfaces
  • Queue data for permanent deletion from all databases within 30 days
  • Purge backup copies according to our backup retention schedule
  • Provide confirmation of deletion completion upon request

Cookies and Tracking Technologies

Circle uses cookies and similar technologies to enhance your experience, maintain security, and analyze platform performance. We do not use cookies for advertising or tracking purposes.

✅ Essential Cookies

These cookies are necessary for Circle to function and cannot be disabled:

  • • Authentication and session management
  • • Security tokens and CSRF protection
  • • Load balancing and performance optimization
  • • User preferences and accessibility settings
  • • Shopping cart and transaction state (for premium features)

📊 Analytics Cookies

These help us improve user-facing features (with your consent):

  • • Page views and user journey analysis
  • • Feature usage and adoption metrics
  • • Performance monitoring and error tracking
  • • A/B testing for user experience improvements
  • • Anonymized usage patterns and trends

🎯 Personalization

These cookies help customize your Circle experience:

  • • Theme preferences and UI customization
  • • Language and region settings
  • • Recently used features and shortcuts
  • • AI model preferences and conversation context
  • • Workspace layouts and tool arrangements

❌ What We Don't Use

Circle explicitly does NOT use:

  • • Third-party advertising cookies
  • • Social media tracking pixels
  • • Cross-site tracking technologies
  • • Browser fingerprinting for identification
  • • Cookies for targeted or personalized advertising

Managing Your Cookie Preferences

You have full control over non-essential cookies. You can:

  • Adjust cookie preferences through your Circle account settings
  • Use your browser's privacy settings to block or delete cookies
  • Opt out of analytics tracking while maintaining full functionality
  • Enable "Do Not Track" browser signals (which we respect)
  • Use privacy-focused browsers or extensions without losing Circle functionality

AI and Machine Learning Data Use

As an AI-powered platform, Circle's machine learning practices are central to our service. We only use your data for AI improvement with explicit consent and strictly for enhancing user-facing features.

🤖 How Your Data Improves AI

Model Improvement

  • • Anonymized conversation patterns improve response quality (with consent)
  • • Error correction and feedback enhance accuracy (with consent)
  • • Safety feedback helps prevent harmful outputs

Privacy Protections

  • • Personal identifiers stripped before processing
  • • Differential privacy techniques applied
  • • No memorization of specific user content
  • • Regular audits for data leakage prevention

AI Data Processing Principles

🔒 Privacy by Design

AI systems are built with privacy protections from the ground up, not added as an afterthought.

⚖️ Fairness and Bias Prevention

Regular testing and mitigation strategies to prevent discriminatory AI outputs.

🔍 Transparency

Clear documentation of AI capabilities, limitations, and data use practices.

🛡️ Safety First

Multiple layers of safety checks to prevent harmful, biased, or inappropriate AI responses.

Your AI Data Controls

You maintain control over how your data is used for AI improvement:

  • Opt-out options: Disable AI improvement data use while maintaining full functionality
  • Conversation deletion: Remove specific conversations from potential use
  • Model preferences: Choose which AI models process your data
  • Feedback control: Decide whether your ratings and corrections are used for improvement
  • Export capabilities: Download your AI interaction history in multiple formats

Policy Updates and Contact Information

How We Handle Policy Changes

We're committed to keeping you informed about changes to our privacy practices. Our update process is designed to be transparent and respectful of your time:

Minor Updates

  • • Clarifications and formatting improvements
  • • Contact information updates
  • • Technical corrections
  • • Updated effective dates only

Major Changes

  • • New data collection practices
  • • Changes to data sharing policies
  • • Additional third-party integrations
  • • Modified user rights or controls

For major changes, we'll notify you at least 30 days in advance via email and prominent notices in the Circle application. You'll have the opportunity to review changes and make informed decisions about your continued use of our services.

Get in Touch

We're here to help with any privacy questions, concerns, or requests. Our team is committed to responding promptly and thoroughly to all privacy-related inquiries.

📧 Primary Contact

Email: cxsmciguy@gmail.com

Subject Line: "Privacy Policy Inquiry - [Your Request Type]"

Response Time: Within 48 hours for urgent matters, 7 days for complex requests

🌐 Online Support

Contact Form: circle.cxsmic.space/i/contact

Help Center: Coming soon with detailed privacy guides

Available 24/7 with structured request forms for faster processing

🚨 Data Breach Notification

In the unlikely event of a data security incident that affects your personal information, we will:

  • • Notify affected users within 72 hours of discovery
  • • Provide clear information about what data was potentially affected
  • • Outline immediate steps taken to secure the breach
  • • Offer recommendations for protecting your account
  • • Provide regular updates throughout the incident response process

Thank You for Trusting Circle

Your privacy and security are not just policies to us—they're fundamental values that guide every decision we make. We're honored to be part of your creative and productive journey.

This policy was last updated on June 14, 2025 and reflects our ongoing commitment to transparency and user privacy protection.