Privacy Policy
Last updated: February 2026
1. Introduction
ArchVibe ("we", "us", or "our") respects your privacy. This Privacy Policy explains what data we collect, how we use it, and your rights regarding that data when you use our website and course platform (the "Service").
2. Data We Collect
We collect the following types of information:
- Account information: Email address and hashed password (stored by Supabase Auth).
- Purchase information: Order details, tier purchased, and transaction IDs. Payment details (card numbers, billing address) are handled entirely by Paddle and never stored on our servers.
- Usage data: Pages visited and lessons accessed, used to track course progress.
3. How We Use Your Data
We use your data to:
- Provide access to your purchased course content
- Track your lesson progress
- Process refunds and handle support requests
- Send important product updates (no marketing emails unless you opt in)
4. Third-Party Services
We share data with the following services, each for a specific purpose:
| Service | Purpose | Data Shared |
|---|---|---|
| Paddle | Payment processing (Merchant of Record) | Email, purchase details, payment info |
| Supabase | Authentication, database, file storage | Email, hashed password, course progress |
| Cloudflare | Website hosting and CDN | IP address (for serving content), standard web logs |
Paddle is our Merchant of Record and processes all payment data. We never see or store your credit card number, billing address, or other payment details.
5. Cookies
We use essential cookies only. These are authentication session tokens required to keep you logged in. We do not use analytics cookies, advertising cookies, or any third-party tracking cookies.
6. Your Rights (GDPR)
If you're in the European Economic Area, you have the right to:
- Access — Request a copy of the personal data we hold about you.
- Rectification — Ask us to correct inaccurate data.
- Erasure — Ask us to delete your personal data ("right to be forgotten").
- Portability — Request your data in a portable format.
- Objection — Object to processing of your data for specific purposes.
To exercise any of these rights, email us at tamirmagnezi5500@gmail.com. We will respond within 30 days.
7. Data Retention
We retain your account and purchase data for as long as your account is active. If you request account deletion, we will remove your personal data within 30 days, except where we're legally required to retain it (e.g., financial records for tax purposes).
8. Security
We use industry-standard security measures including encrypted connections (HTTPS), hashed passwords, and access controls. Payments are handled entirely by Paddle, a PCI-compliant payment processor.
9. Changes to This Policy
We may update this Privacy Policy from time to time. We'll notify you of significant changes by updating the "Last updated" date and, when possible, sending a notice to the email on your account.
10. Contact
If you have questions about this Privacy Policy or want to exercise your data rights, contact us at tamirmagnezi5500@gmail.com.