Privacy Policy

Last Updated: December 10, 2025

1. Introduction

Welcome to Historacle ("we," "our," or "us"). We are committed to protecting your privacy and ensuring you have a positive experience on our website and with our services. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website www.historacle.ai and use our AI-powered historical conversation platform.

2. Information We Collect

We collect information that you provide directly to us, as well as information automatically collected when you use our services.

A. Personal Information

  • Account Information: When you register, we collect your name, email address, and password.
  • Google User Data: If you choose to sign in with Google, we collect your name, email address, and profile picture associated with your Google account. We use this information solely for authentication and account management purposes.
  • Location Data: We may request access to your location data to provide location-based features. You can enable or disable location services when you use our Service at any time, through your device settings.
  • Communication: If you contact us directly, we may receive additional information about you such as your name, email address, phone number, the contents of the message and/or attachments you may send us, and any other information you may choose to provide.

B. Usage Data & Cookies

We automatically collect certain information when you visit, use, or navigate the Site. This information does not reveal your specific identity (like your name or contact information) but may include device and usage information, such as your IP address, browser and device characteristics, operating system, language preferences, referring URLs, device name, country, location, information about how and when you use our Site, and other technical information.

We use cookies and similar tracking technologies to track the activity on our Service and store certain information. For more detailed information about the cookies we use, please see our Cookie Policy.

C. Session Recordings

With your consent, we use anonymized session recordings (via PostHog) to understand how users navigate our platform. These recordings capture mouse movements, clicks, and page scrolling to help us identify usability issues and improve the product experience.

What is automatically masked:

  • Password fields and sensitive form inputs
  • Elements marked with our privacy data attribute

What is NOT captured:

  • Keystrokes in password fields
  • Credit card or payment information
  • Content from other browser tabs or applications

Session recordings are only enabled when you accept analytics via the cookie consent banner. You can opt out at any time by clearing your cookie preferences in your browser.

3. How We Use Your Information

We use the information we collect or receive:

  • To facilitate account creation and logon process.
  • To provide and maintain our Service, including to monitor the usage of our Service.
  • To manage your account and registration.
  • To contact you regarding updates, security alerts, and support.
  • To improve our AI models and user experience (anonymized data only).
  • To comply with legal obligations.

4. Third-Party Services

We use third-party services to facilitate our Service, to provide the Service on our behalf, to perform Service-related services, or to assist us in analyzing how our Service is used.

  • Google Cloud Platform (GCP): We host our infrastructure on Google Cloud Run and Cloud Storage.
  • Supabase: Authentication and database provider. Stores account credentials, profile information, chat history, and session metadata.
  • OpenAI: We use OpenAI's GPT family of Large Language Models to generate historical character responses, transcribe speech (optional), and synthesize voice (optional). User messages are sent to OpenAI under their API terms; OpenAI does not use API content to train models. See OpenAI's API Data Usage Policies.
  • Pinecone: Vector database used to retrieve historically-grounded source material for character responses. Stores embeddings of public-domain texts; no user data is sent.
  • Sign in with Apple: Authentication provider for the iOS app. Apple may share your email (real or a private relay) and optionally your name. See Apple's Sign in with Apple privacy policy.
  • Sign in with Google: Optional authentication provider on web and iOS. Google may share your email, name, and profile picture. See Google's Privacy Policy.
  • PostHog: Product analytics and error tracking on both web and iOS. Captures anonymized event data (screen views, button taps, auth events) and crash reports including stack traces. On web, session recordings auto-mask sensitive input fields (passwords, email). On iOS, no session replay is used. Events are tagged by environment (staging vs production). You can opt out on web via the cookie consent banner.
  • Google Analytics: Used on the historacle.ai web platform for aggregate traffic analysis. Not used in the iOS app.

5. Google User Data

Our use and transfer to any other app of information received from Google APIs will adhere to Google API Services User Data Policy, including the Limited Use requirements. We do not sell your Google user data to third parties.

6. Data Security

We have implemented appropriate technical and organizational security measures designed to protect the security of any personal information we process. However, please also remember that we cannot guarantee that the internet itself is 100% secure. Although we will do our best to protect your personal information, transmission of personal information to and from our Site is at your own risk. You should only access the services within a secure environment.

7. Contact Us

If you have questions or comments about this policy, you may email us at support@editlingo.com.