What we collect

If you join the waitlist

When you submit the form on the homepage we store your email address, the interest category you selected, the country your request came from, your browser's user-agent string, and a hashed (not raw) version of your IP address. The hash is salted and truncated and cannot be reversed back to the original IP.

A daily summary of new signups is posted to a private Discord channel monitored only by the operator. The summary includes email and interest category; it does not include IP, user-agent, or country.

If you load a page

Every page sends one anonymous beacon to /api/track with the path you visited and the referrer that brought you. Country comes from your IP at Cloudflare's edge. Your IP itself is hashed before storage; the raw IP is not retained. We do not set any cookies for analytics. If your browser sends the Global Privacy Control signal (Sec-GPC: 1) the beacon is suppressed entirely. We also honour the older Do Not Track signal for the same purpose.

If you use the gated demo

The demo at /demo is currently restricted to a single operator email. If we expand access, sentences you submit are forwarded to the engine, an entry is added to a per-user daily rate-limit counter (keyed on a canonicalised form of your email), and the engine response is streamed back. Sentences are not stored verbatim, but the engine does record structural signatures (predicate + subject sense) of the cases where it could not commit; see the silent-case section below. Rate-limit counters expire after 36 hours.

What the engine collects to improve itself

When the engine cannot commit to a reading (verdict SILENT) it records the structural signature of the case (the verb predicate and the subject sense it was unable to disambiguate) to a private file on the operator's NAS. This is the "silent-case log" the engine uses to find recurring patterns and tune its rules. This collection is active today for the operator's own demo sessions and will apply on the same terms if access is expanded.

The silent-case log includes a source tag that identifies the demo session (e.g. demo:[email protected]) so the operator can correlate signals back to a user when investigating. Sentences are not recorded verbatim. The file is retained until the next monthly rotation; older entries are discarded. You can request your entries be deleted by emailing [email protected].

Operator logs

Two operational log streams capture user-identifying data during demo usage. The Pages Function proxy logs (Cloudflare Pages tail) emit one JSON line per demo request with the endpoint, upstream status, upstream latency, body byte count, and your authenticated email; they are retained by Cloudflare per their Workers tail policy (currently rolling, short window) and are used by the operator to triage failures and latency regressions, not aggregated, exported, or shared. The FastAPI per-request logs (uvicorn stdout, captured by journalctl on the operator's NAS) emit one line per completed demo call with your email, sentence length, verdict, and duration; they are retained per the NAS journald default (rolling) and are used for engine-performance triage.

Email entries can be redacted on request from both streams, but doing so requires manual log surgery; expect a longer turnaround for log deletion than for KV / D1 deletion.

Who we share with

Cloudflare provides the edge, storage (KV, D1), and identity layer (Access) that this site runs on. The Discord webhook receives the daily signup digest. We do not share data with advertisers, analytics vendors, or data brokers.

How long we keep it

Waitlist signups are retained until you ask us to delete them or until the product launches and signups are migrated into an account system, whichever comes first. Hashed-IP pageview rows are retained for ninety days unless we are investigating an incident. Rate-limit counters expire automatically (daily user counter: 36 hours; monthly spend counter: 40 days). Operator log streams (Cloudflare Pages tail and journald on the NAS) are retained per the underlying service defaults; both rotate on a rolling window and are not aggregated into long-term storage.

Your rights

Whatever jurisdiction you are in (GDPR, CCPA, or elsewhere), email [email protected] and we will: tell you what we hold about you, correct anything wrong, delete it on request, and answer follow-up questions in plain language. We aim to respond within seven business days.

Changes to this page

We will note the "last updated" date at the top of this page when anything changes. If a change is material (we start collecting something new, or share with a new party) we will say so in the next waitlist update email.