Privacy and Data Policy

1. Information We Collect

1.1 Membership Account Information

When you apply for membership, we collect: your email address, a hashed password (plaintext passwords are never stored), and your membership class.

1.2 Financial Information

Membership fee administration is handled by the Association’s financial agent, using a PCI-compliant payment processor. The Association does not store full payment card numbers. The payment processor retains billing information pursuant to its own privacy policy.

1.3 Session Content — Encrypted and Unencrypted

The text of your queries and AI-generated responses constitutes session content. The privacy protections applicable to your session content depend on the encryption state you have chosen:

• Encrypted sessions: Content is encrypted under zero-knowledge architecture. The Association and its personnel cannot access, read, or recover encrypted session content under any circumstances. Encrypted content cannot be produced in response to any request, including legal process, because it is technically inaccessible to the Association.
• Unencrypted sessions: Content is stored in a readable state accessible to authorized technical personnel for maintenance and security purposes only. Unencrypted content may be subject to compelled disclosure pursuant to valid legal process.

Session content is never used to train AI models. The Association does not sell session content to any third party under any circumstances, without exception.

1.4 Usage Data

We collect minimal technical data to operate the platform: query counts for Basic membership enforcement, timestamps, and error logs. We do not engage in behavioral advertising and do not sell usage data.

1.5 Communications

We collect email addresses for membership administration, billing notifications, deletion verification, and security communications, handled by a transactional email provider. We do not send marketing communications without explicit opt-in.

2. How We Use Information

We use collected information solely to: authenticate members and manage access; administer membership fees through the financial agent; enforce Basic membership query limits; deliver and maintain platform functionality; send required transactional communications; and comply with applicable legal obligations. We do not use member information for advertising, behavioral profiling, or sale to any third party for any purpose.

3. Zero-Knowledge Encryption

3.1 When Encryption Is Enabled

• Session content is encrypted and technically inaccessible to the Association and its personnel.
• The Association cannot read, retrieve, reconstruct, or produce encrypted session content for any reason, including legal process.
• Encrypted content is permanently inaccessible without the member’s passphrase. Loss of passphrase or account access means permanent, irrecoverable loss of encrypted content.
• No recovery pathway exists for encrypted session content.

3.2 When Encryption Is Disabled

• Session content is stored in a readable state accessible to authorized personnel.
• Unencrypted content may be retrieved upon member request for a fee, delivered only to the account email address.
• Unencrypted content may be subject to legal process.

3.3 Member Choice

The Association provides the encryption capability and leaves the decision where it belongs: with the member. Sessions are unencrypted by default. Members who wish to ensure absolute privacy of session content are responsible for enabling encryption. The Association supports both choices without judgment.

4. Data Retention

Membership account information is retained for the duration of membership. Session content retention by membership class:

• Basic members: session content deleted one month following last login, processed on the first day of the following month. No post-resignation archive period applies.
• Monthly members: session content deleted 3 months following membership expiration.
• Annual members: session content deleted 3 months following membership expiration.
• Scholar members: session content deleted 12 months following membership expiration.

Billing records are retained as required by law.

5. Member Rights

Members have the right to: request deletion of their account and all associated data (subject to the deletion safeguards in Bylaws Article 5); access account-level information we hold; request retrieval of unencrypted session content (subject to the administrative retrieval fee stated in Section 6.1 below); correct inaccurate account information; and withdraw consent for optional communications. Encrypted session content cannot be produced in response to any access request. Requests may be submitted through the contact form at gracehaven.ai/contact.

6. Data Access and Retrieval

6.1 Member-Initiated Retrieval

A member may request retrieval of their own unencrypted session content. Conditions: $100.00 fee per request, reflecting genuine administrative labor. Delivered exclusively to the email address on file. Encrypted content cannot be retrieved by any means. Requests submitted through the contact form at gracehaven.ai/contact with sufficient account verification. The Founder-Trustee may waive or reduce the fee at sole discretion.

6.2 Compelled Legal Process

The Association does not sell, share, or disclose member data to any third party voluntarily. The Association will not respond to informal requests, law enforcement inquiries without legal process, or any request not accompanied by a valid court order, subpoena, or equivalent compulsory legal instrument from a court of competent jurisdiction.

For any compelled disclosure request supported by valid legal process:

• A mandatory administrative fee of $10,000.00 applies to any legally compelled retrieval of unencrypted session content, due before work commences.
• The Association will assert all available legal objections, privileges, and protective measures before complying.
• The Association will notify the affected member of any legal process received, to the fullest extent permitted by law and not prohibited by court order.
• Encrypted session content cannot be produced. Zero-knowledge encryption renders it technically inaccessible regardless of legal authority.
• The Founder-Trustee may waive or reduce the compelled retrieval fee at sole discretion, including in matters involving serious crimes against persons.

The Association does not sell data to advertisers, marketers, data brokers, researchers, or any commercial third party. This prohibition is absolute.

7. Third-Party Service Providers

The Association uses third-party service providers to operate the platform, including providers for database and authentication services, payment processing, hosting, and transactional email. Each provider operates under its own privacy terms. The Association does not authorize any provider to sell or use member data for advertising or profiling. Payment processing is handled by a PCI-compliant payment processor through the Association’s financial agent. A current list of sub-processors is available upon request through the contact form at gracehaven.ai/contact.

8. Children

The platform is not directed to children under 13. Members between 13 and 17 require parental consent. Use the contact form at gracehaven.ai/contact if you believe a child under 13 has applied for membership.

9. Security

The Association implements: optional member-controlled zero-knowledge encrypted session storage; hashed authentication credentials; HTTPS-enforced transport; and access controls limiting personnel access to unencrypted data. Members who require absolute protection for session content are advised to enable encryption.

10. Governing Law

This Policy is governed by the laws of the State of Texas. Privacy disputes are subject to the arbitration provisions of Bylaws Article 4.

11. Changes to This Policy

Material changes will be communicated to active members at least 30 days before taking effect. Continued membership constitutes acceptance.