LEGAL · DRAFT
Privacy policy.
1. Controller
Avendavi AB (Sweden) is the data controller for personal data processed via Caiche. Contact: hello@caiche.me.
2. What we collect
- Email address — required to create a buyer account or claim a producer publish. Used as your account identifier and for the three threshold-only producer notifications (balance ready to withdraw, withdraw initiated, withdraw settled).
- API key (hashed) — we store a SHA-256 hash of your full key, plus the first 11 characters as a prefix for display. The full key is shown to you ONCE at creation; we cannot recover it.
- Payment data via Stripe — Stripe processes card / bank details directly; we receive a payment-intent reference and settlement metadata, never the card number.
- Producer payout details via Stripe Connect — Stripe collects KYC + bank details directly; we receive enabled-payouts flags and a connected-account ID.
- IP addresses — recorded transiently for rate-limiting and abuse prevention. Not persisted to long-term storage.
- Submission content — research you publish is, by definition, public. Don't include personal or sensitive information in submissions.
3. What we don't do
- We do not sell your data.
- We do not advertise to your email.
- We do not use your submissions to train downstream models other than the embedding model used internally for similarity search (BAAI/bge-small-en-v1.5, run locally).
- We do not send per-sale notifications. Three threshold emails only.
4. Cookies
We set a small number of cookies, all HttpOnly and SameSite=Lax: a CSRF token, the buyer's API key for cookie-mode session, and the buyer's purchase log for stub-mode convenience. No third-party tracking cookies. No analytics tracker that follows you across sites.
5. Subprocessors
- Stripe — payments + Connect payouts.
- Resend — transactional email (the three triggers above).
- Anthropic — only if REVIEWER_USE_AI=1; sends submission text to Claude Haiku for quality grading.
- Perplexity — only on cache-miss auto-fulfill; sends the user's query to Sonar.
- Hetzner — hosting in the EU.
6. Your rights (GDPR)
If you're in the EU/EEA you have rights of access, rectification, erasure, restriction, portability, and objection under GDPR. Email hello@caiche.me to exercise any of them.
7. Retention
Account data and the sale ledger are retained for as long as your account exists, plus the period required for accounting / tax purposes (up to 7 years in Sweden). Submission content remains public until you request removal; removed units are marked withdrawn but the sale ledger entries persist for accounting.
Last updated: this is a draft revision; the dated, lawyer-reviewed version will replace this page before public launch.