Privacy Policy
This is a practical draft for TargetCLB MVP review. It should be reviewed before any public production launch.
This privacy policy is a pre-launch draft for TargetCLB MVP readiness. It is not final legal advice and must be reviewed before public production traffic is accepted.
TargetCLB may collect account details such as email address, display name, authentication session data, profile preferences, and security information needed to operate Supabase Auth-backed accounts.
Practice attempts, selected answers, Writing responses, Speaking recordings, transcripts, feedback reports, progress records, and allowance counters are used to save learner progress, generate practice-only feedback, enforce server-side usage limits, and support account-level troubleshooting.
Speaking recordings are treated as private learner content. The current product foundation stores recordings for authenticated playback and feedback. Transcripts and speaking metrics may be generated for practice reports. Production retention, deletion, and export rules still need final review.
The current local foundation uses mock AI providers by default. Future production AI providers may process Writing responses, Speaking recordings or transcripts, generated feedback, and prompt metadata only after provider setup is explicitly enabled with server-side controls.
Future subscription providers may process payment, renewal, refund, and entitlement information. TargetCLB's backend entitlement state remains the access source of truth. Transactional email may be used for password reset, account confirmation, and support flows after production email routing is configured.
Internal admin workflows may review generated practice content, publishability status, and operational metadata. User practice submissions should not be used for public content without a separate approved policy and consent model.
TargetCLB uses cookies and browser storage for authentication sessions, theme preference, security, and normal product operation. Production analytics and monitoring are deferred and must be documented before launch.
Use support@targetclb.com for privacy questions. Inbound support routing is active for beta use; custom outbound transactional email remains pending. Do not send passwords, payment details, identity documents, or other highly sensitive information through email.