PRIVACY NOTICE & TERMS OF SERVICE
Last updated: 12 August 2025
Anthropic does not use customer API inputs or outputs to train their
models. Retention described below applies, but data is not used for model
training.
1. WHO I AM
I, Mykhailo Tkachenko, operate this CAD‑assistant plugin as an individual
sole proprietor. Until I register a separate legal entity, I am the data
controller for any personal data processed under the General Data
Protection Regulation (GDPR).
2. WHAT DATA I PROCESS & WHY
- Prompt text + metadata — generate AI replies;
discarded immediately.
- Authentication (e‑mail address) — sign‑in & rate
limiting.
- Product‑analytics metrics — to understand adoption
and demonstrate traction to pre‑seed investors. These include:
- Weekly download counts and week‑over‑week growth rate.
- Retention % via Customer Retention Rate (CRR).
- Engagement: Daily Active Users (DAU) / Weekly Active Users (WAU)
and average session length.
- Basic profile data required in the sign‑up form (all fields must
be completed): e‑mail, full name, worksite location, job type,
position.
We aggregate and anonymise these metrics before sharing them
externally; no individual‑level information is disclosed to
investors.
No CAD geometry, files or full chat transcripts
are stored.
3. HOW PROCESSING WORKS
- Your prompt travels over HTTPS to my Render backend.
- Backend forwards it over HTTPS to Anthropic’s Sonnet 4 API.
- Anthropic retains the input/output ≤ 30 days, then deletes them.
Anthropic does not use API data to train models.
- Prompts are erased from server memory once the reply streams back to
you.
Analytics events are stored in a database hosted on Render (pseudonymised
user‑ID) and rolled up into weekly, aggregated reports.
4. RETENTION
- Prompts/responses — zero‑retention on my side;
Anthropic ≤ 30 days.
- Raw analytics events — 12 months, then deleted;
aggregated reports kept indefinitely (non‑identifiable).
- Auth records — kept while your account is active +
90 days.
5. SECURITY MEASURES
- TLS 1.2+ encryption in transit; Let’s Encrypt certs managed by Render.
- Encryption at rest (AES‑256) for databases and backups.
6. YOUR RIGHTS
You may access, correct, erase, export your personal data, or withdraw
consent at any time. E‑mail m@borzo.engineering; I respond
within 30 days.
7. INTERNATIONAL TRANSFERS
Data is processed in the EU (Render Frankfurt) and in the US (Anthropic)
under EU Standard Contractual Clauses and Anthropic’s participation in the
EU–US Data Privacy Framework.
8. NO WARRANTY / LIMITATION OF LIABILITY
The plugin is provided “AS IS,” without warranties of any kind. To the
maximum extent permitted by law, I shall not be liable for indirect or
consequential damages arising from use of the plugin.
9. CHANGES
Material changes will appear in‑plugin and on my website at least 14 days
before taking effect.
10. CONTACT
Mykhailo Tkachenko
E‑mail: m@borzo.engineering
