DECSTER
← Back to Sign In

Privacy Policy

Last updated: October 6, 2025

1. Information We Collect

Personal Information

  • Name and email address (required for account creation)
  • Profile information you choose to provide
  • Organization membership and role information
  • Authentication data (handled securely by Auth.js)

Content Data

  • Files and documents you upload to your content library
  • Assessment responses and learning preferences
  • Chat messages and AI interactions
  • Learning progress and roadmap data

Usage Data

  • Platform usage patterns and feature interactions
  • Performance metrics and error logs
  • Device and browser information
  • IP address and general location data

2. How We Use Your Information

We use the information we collect to:

  • Provide and maintain the Decster.ai service
  • Generate personalized AI assessments and learning roadmaps
  • Enable contextual AI chat with your content
  • Manage multi-tenant organization access and permissions
  • Improve our AI models and service quality
  • Communicate with you about service updates and support
  • Ensure platform security and prevent abuse

3. Data Processing and AI

AI Processing: Your content is processed by our AI systems to generate embeddings, assessments, and personalized responses. This processing is essential to provide our core functionality.

Vector Embeddings: We convert your content into vector embeddings using OpenAI's text-embedding-3-large model for semantic search and retrieval.

Third-Party AI Services: We use Claude Sonnet (Anthropic) and OpenAI services for chat and content generation. These services process your data according to their respective privacy policies.

4. Data Storage and Security

Database: We use Supabase (PostgreSQL) with Row Level Security (RLS) to ensure strict tenant isolation. Your data is encrypted at rest and in transit.

File Storage: Uploaded files are stored in Supabase Storage with private access controls and signed URLs for secure access.

Multi-Tenant Security: All data is isolated by organization ID with strict access controls. Users can only access data within their organization.

Rate Limiting: We implement Redis-based rate limiting to prevent abuse and ensure fair usage across all users.

5. Data Sharing and Disclosure

No Sale of Data: We do not sell, trade, or rent your personal information to third parties.

Service Providers: We may share data with trusted service providers who assist in operating our platform:

  • Supabase (database and storage)
  • OpenAI (AI processing and embeddings)
  • Anthropic (Claude AI services)
  • Vercel (hosting and deployment)
  • Upstash (Redis caching)

Legal Requirements: We may disclose information if required by law or to protect our rights and the safety of our users.

6. Your Rights and Choices

You have the right to:

  • Access and review your personal data
  • Update or correct inaccurate information
  • Delete your account and associated data
  • Export your data in a portable format
  • Opt out of non-essential communications
  • Request information about data processing activities

To exercise these rights, please contact us at decsters.ai@gmail.com

7. Data Retention

Account Data: We retain your account information for as long as your account is active or as needed to provide services.

Content Data: Your uploaded content and generated assessments are retained to provide ongoing service functionality.

Usage Data: Analytics and usage data may be retained for up to 2 years for service improvement purposes.

Deletion: Upon account deletion, we will remove your personal data within 30 days, except where retention is required by law.

8. International Data Transfers

Your data may be processed and stored in the United States and other countries where our service providers operate. We ensure appropriate safeguards are in place for international data transfers, including standard contractual clauses and adequacy decisions.

9. Children's Privacy

Decster.ai is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If we become aware that we have collected personal information from a child under 13, we will take steps to delete such information.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date. You are advised to review this Privacy Policy periodically for any changes.

11. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us at decsters.ai@gmail.com

© 2025 Decster.ai. All rights reserved.
Main App PrivacyExtension PrivacyTerms of Service