Privacy Policy

This Privacy Policy explains how Learn Domains ("we", "us") collects, uses, shares, and protects information when you use learn.domains and app.learn.domains (the "Service"). We collect only what we need to run the Service and improve your results.

Depending on how you use the Service, we collect the following categories of data:

• Account data: your name, email, organization, and authentication identifiers managed through our auth provider.
• Billing data: subscription status, plan, and payment metadata. Card details are handled by Stripe; we do not store full card numbers.
• Website data: the domains you connect and configuration you provide about them.
• Analytics data: usage of the Service and, where you connect them, traffic and engagement metrics from your properties.
• Google Search Console data: clicks, impressions, CTR, average position, and related query/page data (read-only) for properties you authorize.
• Google Analytics (GA4) data: sessions, users, pageviews, engagement, and source data (read-only) for properties you authorize.
• Stripe revenue data: revenue, MRR, active subscriptions, and transaction metadata where you connect a Stripe account.
• Knowledge base content: documents, notes, and brand context you upload or provide.
• AI prompts and outputs: the inputs you submit to AI features and the outputs generated for your account.
• Support messages: information you send us via the contact form, email, or chatbot.
• Affiliate and referral data: referral links, clicks, signups, conversions, and payout details for program participants.
• Cookies and device data: a first-party visitor identifier, and standard log/device information.

We use the information we collect to:

• Provide, operate, secure, and improve the Service and its intelligence and recommendations.
• Process payments, manage subscriptions and credits, and prevent abuse and fraud.
• Generate AI analysis, briefs, and content drafts you request.
• Communicate with you about your account, support requests, and important Service changes.
• Measure conversion, activation, and retention to improve the product.
• Operate the affiliate and referral programs, including attribution and payouts.

We do not sell your personal information.

When you connect Google Search Console or Google Analytics, we request read-only access and use that data solely to provide and improve user-facing features of the Service for you. Our use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

We do not use Google user data for advertising, and we do not transfer it to third parties except as necessary to provide the Service, comply with law, or as part of a merger or acquisition. You can disconnect Google integrations at any time, which revokes our access going forward.

AI features send relevant inputs (which may include your prompts, website data, and knowledge base content) to third-party AI providers to generate outputs. We route requests through a model router and log token usage and estimated cost to manage performance and margins. We work to limit what is shared to what is needed for the requested output.

We rely on trusted service providers to operate the Service. These processors access data only as needed to perform services for us:

• Stripe: payments, subscriptions, and billing.
• Clerk, authentication and account management.
• Supabase, application database and storage.
• Vercel, application hosting and delivery.
• Google APIs. Search Console and Analytics data you connect.
• AI providers, large language and embedding models used to generate outputs.
• Resend, transactional and administrative email.

We use a first-party cookie to maintain a stable visitor identifier for attribution and our own deterministic A/B testing, and essential cookies for authentication and security. Our analytics are first-party; we do not embed third-party advertising trackers.

We retain personal data for as long as your account is active or as needed to provide the Service, comply with legal obligations, resolve disputes, and enforce agreements. When data is no longer needed, we delete or anonymize it.

We use technical and organizational measures to protect your data, including encryption of sensitive credentials, access controls, and row-level security on tenant data. No method of transmission or storage is completely secure, and we cannot guarantee absolute security.

Depending on your location, you may have rights to access, correct, export, or delete your personal data, and to object to or restrict certain processing. You can exercise many of these directly in your account settings, or by contacting us.

You can request deletion of your account and associated personal data by emailing hi@learn.domains from the email on your account, or through your account settings where available. We will process verified requests within a reasonable time, subject to legal retention requirements. Disconnecting an integration (such as Google) revokes our ongoing access to that source.

The Service is not directed to children under 18, and we do not knowingly collect personal data from them. If you believe a child has provided us data, contact us so we can remove it.

We and our processors may process data in countries other than where you live. Where required, we use appropriate safeguards for cross-border transfers.

We may update this Privacy Policy from time to time. If we make material changes, we will take reasonable steps to notify you. The latest version will always be available on this page.

Questions or privacy requests? Contact us at hi@learn.domains.