WHAT WE COLLECT

When you use Athena (our AI chat)

Everything you type goes to Anthropic's Claude API. That's how AI works. Your questions, our responses, the full conversation. Anthropic processes it according to their terms. We also store anonymous conversation transcripts on our servers to improve Athena's responses and understand what visitors are curious about. No personal identifiers are attached unless you provide them.

When you email yourself a conversation

If you choose to receive your conversation via email, we send you a copy and keep a record of your email address along with the conversation. This helps us follow up if you have questions and understand what topics matter to visitors.

When you contact us

Email address, name, whatever context you provide. We store this in our email system (Google Workspace). We use it to respond to you. That's it.

When you enquire about products

Name, email, company, what you're trying to solve. Same as above. Stored in email. Used to assess fit and respond.

When you become a client

Payment details (processed by Stripe, we never see your full card number), usage data (what products you use, how often, API consumption), any work you create in the tools.

What we don't collect

We don't use analytics trackers. No Google Analytics. No Facebook Pixel. No tracking cookies. We don't sell data. We don't share it with advertisers. We're not in the data business.

HOW WE USE IT

We use your data to:

• Respond to your enquiries
• Provide the services you paid for
• Improve our products based on usage patterns
• Send service updates (downtime, new features, billing issues)
• Enforce our terms (usage requirements, capacity limits)

We don't use your data to:

• Train AI models (your work stays yours)
• Market to you endlessly (we'll email about service stuff, not sales)
• Build profiles for advertising
• Sell to third parties

WHO SEES IT

Your data lives in three places:

Our team

The people who need to see it to help you. Support requests, account issues, product feedback.

Service providers

• Anthropic (Claude API for Athena and product tools)
• Google (email hosting)
• Stripe (payment processing)
• Vercel (hosting infrastructure)

These companies have their own privacy policies. We chose them because they're serious about security. But read their terms if you want to know what they do.

Nobody else

We don't sell data. We don't trade it. We don't give it to marketing platforms. If law enforcement shows up with a valid warrant, we'll comply. Otherwise, your data stays with us.

WHY ANTHROPIC

Athena runs on Claude, built by Anthropic. We chose them deliberately.

What Anthropic does with your conversations

When you chat with Athena, your messages are processed by Anthropic's API. By default, Anthropic does not train their models on API data. Your conversations aren't feeding the machine. They process your request, generate a response, and that's it.

Anthropic may retain API inputs and outputs for up to 30 days for trust and safety purposes (detecting abuse, preventing harm). After that, it's deleted. Full details in their privacy policy.

Why we chose them

Anthropic leads in AI safety research. They built Constitutional AI, a method for training models to be helpful, harmless, and honest. While others in the AI race optimise for capability alone, Anthropic optimises for capability with responsibility.

Their models are consistently ranked among the most capable while maintaining strong safety guardrails. Claude won't help with harmful requests, manipulate users, or pretend to be something it's not. That matters when we're putting it in front of our visitors.

We pay for API access. That means we're the customer, not the product. Anthropic's business model is selling AI services, not monetising user data.

More info: anthropic.com/privacy

HOW LONG WE KEEP IT

• Contact enquiries: Until we respond, then archived. Deleted after 2 years unless you become a client.
• Active client data: As long as you're a client, plus 7 years for accounting/legal requirements.
• Usage logs: 90 days for debugging, then deleted.
• Chat with Athena: Anonymous transcripts stored indefinitely for service improvement. Emailed conversations (with your email address) retained for 2 years.
• Anthropic: Their retention policies also apply to data processed by Claude.

YOUR RIGHTS (GDPR)

If you're in the EU/UK, you have rights:

• **Access:** Ask what data we have on you. We'll send it within 30 days.
• **Correction:** Wrong email? Outdated info? Tell us. We'll fix it.
• **Deletion:** Want us to delete everything? We will, except what we legally must keep.
• **Portability:** Want your data in a usable format? We'll export it.
• **Object:** Don't want us processing your data for a specific purpose? Say so.
• **Complain:** Think we're breaking the rules? Contact your data protection authority.

To exercise these rights, email: privacy@prismaticalab.com

SECURITY

We use industry-standard security:

• HTTPS everywhere (encrypted connections)
• Secure hosting infrastructure (Vercel)
• API keys rotated regularly
• Access controls (only authorised team members see client data)
• Regular security audits

Perfect security doesn't exist. If something goes wrong, we'll tell you immediately.

CHANGES TO THIS POLICY

We might update this. When we do, we'll change the date at the top. Major changes? We'll email active clients.

QUESTIONS?

Email: privacy@prismaticalab.com

Prismatica Labs Limited
Company Number: 15595850
Registered Office: 48 Pembroke Road, London, England, W8 6NU