Privacy Policy

About Us

Magisterium AI is a tool to provide expert insight on the teachings of the Catholic Church. For more information, please visit our About page.

What Information We Gather

We may gather certain information, either personal or anonymous, based on your activities or data submitted while browsing our website, in the following formats.

Form information

If you submit a mailing list signup form, we collect your email address. If you submit a payment form, we collect necessary billing information from you. All other forms (including the general search prompt, feedback form, etc) are anonymous unless you explicitly enter personal information along with your form submission.

Search information

If you submit a search prompt, your query is sent to our servers and trusted third-party vendors to process your search query and provide a response. This data is logged and stored to help assist the search model unless you explicitly opt out. See Accessing your Data for more information.

Statistical information

Our website uses the following tools to collect statistical information about browsing behaviour and device or browser information, in order to improve the experience of our website:

To opt out of data collection, please visit our Cookie Policy page to change your consent status.

Cookie information

We collect cookies, both directly and through trusted third-parties, in order to improve the performance and user experience on our website. Please see our Cookie Policy for more information on usage and to manage your cookie settings.

Links

We sometimes provide links to third-party websites in the references listed to supplement the answer to a search query. While on these sites, these parties may collect information about you. Because we do not control the information policies or practices of these third parties, you should review their privacy policies to learn more about how they collect and use personally identifiable information.

How We Use Your Information

We may use your personal information when we have a valid reason to do so. This includes:

  • Add you to our mailing list upon form submission;
  • Process your payment (for paid plan subscribers);
  • Personalize services in order to provide a better user experience;
  • Improve our website experience.

You have the right to request that we cease to use or store your information. See Accessing your data for more information.

How We Protect Your Information

We take the greatest care in the security of your submitted information. Our website uses up-to-date Secure Socket Layers (SSL) encryption in order to protect the transmission of your data upon submission to our servers.

We do not directly retain, see or collect any credit card data of paid subscribers. At checkout, we transfer the session to a Stripe Checkout page, which provides a secure and PCI compliant framework for collecting payments without requiring us to process any credit card data directly. Stripe is certified as a PCI Level 1 Service Provider, the most stringent level of certification availalbe in the payments industry, ensuring the safety of all payment data. All subscription management is also securely managed using Stripe's secure, managed customer portal page.

For more information about Stripe's security and safety precautions, see Security at Stripe.

Where your information is stored

Depending on the type of information you have submitted, your data will either be stored securely in a database on our server; or in the database of our trusted third-party partners, if data was directly submitted by you for a particular purpose on our website. These third-party partners include:

  • MailChimp – for email mailing list subscriptions.
  • Google – for anonymous statistical information, and/or personalized data (for visitors from outside the EU).
  • Facebook – for statistical and personalization information.
  • Hotjar – for analytical and statistical information.
  • OpenAI – to process search queries.
  • Supabase – to store submitted data for model training and improvement.
  • Stripe - for subscriber payment information.

Information stored by these third-parties is protected by and subject to their privacy policy. You can find their policies at the links below:

How we handle search query data

Search queries must be processed by our server and those of our third-party provider (OpenAI) in order to generate an answer. However, you do have control over how long your search query data is stored.

By default, search query data is saved on our servers indefinitely and the data used to help improve the product.

You have two options to managing historical search query data usage:

  1. You can disable Prompt History in your "Prompt Activity" settings. This will automatically delete all chat history from our servers within 30 days.

  2. You can permantely delete chat history data by creating an account and clicking "Clear All Prompts" in your settings.

Search queries must be submitted to OpenAI to process and generate answers. Note that this search data is never processed for any purpose aside from completing the answer, and is never used to train the models. In addition, Open AI is not sent any identifiable information and therefore your queries cannot be linked to a particular user or account. See more about their API data policy here.

International Transfers

Due to the multinational locations of our servers, as well as our third-party partners, any information which you consented to provide may be transferred to a location outside of the country or region you are located in. Data will only be transferred to either: a) our servers; b) trusted third-party partners, as indicated in the above section, which we determine to have adequate transparency and security parameters in place for the protection, storage and accessibility of your data.

Mailchimp Transfers

When you sign up for our mailing list, your information is entered into our Mailchimp account. Mailchimp servers are located in the United States, so even if you are located outside of the United States, your information is transferred to and stored in US based servers, as well as third-party subprocessers who provide servers to Mailchimp. Mailchimp does ensure that their data processing adheres to strict transfer and storage security practices and follows compliance with EU Standard Contractual Clauses, as well as the EU-US Privacy Shield Framework (it is important to note this framework is now invalidated, however there is a new framework in development).

See this document for more information about Mailchimp's transfer practices, as well as the full list of Mailchimp subprocessors here.

Data breach prevention

Our servers and website infrastructure are kept up to date and secured by a Web Application Firewall (WAF) to protect against a data breach via a third party attack.

In the unlikely event of a breach where your stored data is, or may have been compromised, we will inform you within 24 hours after becoming aware of the data breach, and provide you with our action(s) taken in order to protect your data moving forward.

Note that due to a multitude of different vulnerabilities which are present during the submission of data and are outside of our control (local computer viruses, unsecured/compromised internet connections, etc.), we cannot guarantee and are not responsible for compromised data which occurs during the submission of data and as the result of such factors outside of our control. However, once the data has been submitted and is stored in our infrastructure, we ensure that the data is responsibly held and secured.

Data Controller

The data controller is the organization/entity responsible for the protection of information on and submitted to this website. The Data Controller is Longbeard. Complaints, concerns or requests can be emailed to [email protected].

How Long We Store Your Data For

Personal information submitted directly on our website through a form is stored indefinitely, or until manual deletion is requested. Data collected by Google for statistical and personalization purposes is retained for 50 months before being deleted automatically. More information about Google’s data retention policy can be found here.

Accessing Your Data

If you have submitted data on our site, you have the right to access, change or request erasion of this data at any time. Please contact us to request a file of your submitted personal data.

Logging

Unless you explicitly opt out of logging (on the Privacy tab), your submitted data will be stored in our database to enable user features (prompt history) and may be processed for model training purposes. If you opt out of logging, your search query data will not be used for model training purposes and submitted queries will be deleted within 30 days.

Our Cookie Policy

We use cookies to personalize content, to provide social media features and to analyze our traffic. We also share information about your use of our site with our social media, marketing and analytics partners who may combine it with other information that you’ve provided to them or that they’ve collected from your use of their services. In order to see the cookies we use, or to change your cookie settings, view our Cookie Policy.

Changing your cookie settings

You can adjust your cookie settings or withdraw your consent on our Cookie Policy page.

Changes To This Policy

Any changes to this Policy will be posted directly on this page. We will also inform you when we make these changes, and what changes were made below.

Previous changes to this policy:

  • July 7, 2023: Released privacy policy.
  • November 6, 2023: Updated policy to reflect introduction of paid plans and Stripe payment processing.
  • November 14, 2023: Added a dedicated section on Mailchimp transfers for additional clarity.