Privacy Policy

The Service is operated by Country Mile LLC (dba Praxis Fortis Consulting), based in Indiana, United States. For any privacy question or request, contact us at joe.hoffer@praxisfortisconsulting.com.

We collect the following categories of personal information, most of which you provide directly:

• Account information: your name, email address, and password (passwords are managed by our authentication provider and stored only as a secure hash). If you sign in with Google, we receive basic profile information from Google.
• Profile information: any first and last name, job title, organization, and industry you choose to add. Your name is printed on certificates you earn.
• Content you submit: the process descriptions, steps, goals, and documents (such as SOPs) you upload or enter, the audits and improved processes generated from them, action items, and messages you send to the in-app assistant.
• Usage and billing data: records of audits and other actions you run, associated token and cost usage, your credit balance, and your purchase and subscription history.
• Payment information: payments are processed by Stripe. We do not collect or store your full card number; Stripe provides us with limited information such as a customer identifier and payment status.
• Support information: bug reports, feedback, and messages you send us.
• Technical information: a session cookie required to keep you signed in, and basic technical data such as IP address and device or browser type that is part of ordinary web requests and security logging.

• To provide, operate, and maintain the Service and your account.
• To generate audits, improved processes, and assistant responses from the content you submit.
• To process payments, manage subscriptions and credits, and prevent fraud or abuse.
• To send you transactional messages, such as confirmation that an audit is ready or that a certificate was issued.
• To secure the Service, debug problems, and maintain reliability.
• To improve the Service, using aggregated or de-identified information where possible.
• To comply with legal obligations and enforce our Terms of Service.

Where the GDPR applies, our legal bases are: performance of our contract with you, our legitimate interests in operating and improving the Service, your consent where we ask for it, and compliance with legal obligations.

To generate an audit, an improved process, or an assistant reply, the content you submit is sent to our AI provider, Anthropic, for processing. Under Anthropic’s commercial API terms, your inputs and outputs are not used to train their models. We use AI only to provide the Service you request.

We do not sell your personal information, and we do not share it for cross-context behavioral advertising. We share information only with service providers (subprocessors) that help us run the Service, under contracts that limit them to that purpose:

• Supabase — database, authentication, and file storage hosting.
• Anthropic — AI processing of your content to generate audits and assistant replies.
• Stripe — payment processing.
• Microsoft 365 — sending transactional email.
• Google — optional sign-in (only if you choose Google sign-in).
• Netlify — application hosting and content delivery.

We may also disclose information if required by law, to protect our rights or the safety of others, or in connection with a merger, acquisition, or sale of assets.

We use a single essential cookie to keep you signed in. We do not use advertising or cross-site tracking cookies. Because the cookie is strictly necessary to provide the Service, it does not require consent. If we add optional analytics in the future, we will update this policy and provide any required choices.

We keep your information for as long as your account is active and as needed to provide the Service. We retain limited billing records as required for tax and accounting purposes. When you delete your account, we permanently delete your personal information and content as described below, except where we are legally required to retain certain records.

You can review and update your profile at any time in Settings. You can permanently delete your account and all of your data at any time from Settings, or by emailing us. We do not discriminate against you for exercising any privacy right.

California residents (CCPA/CPRA). You have the right to know and access the personal information we hold about you, to request deletion, to request correction, and to opt out of the sale or sharing of personal information. We do not sell or share personal information, and we do not use sensitive personal information for purposes beyond providing the Service. You may use an authorized agent to make a request.

EU, EEA, and UK residents (GDPR). You have the right to access, rectify, erase, restrict, or object to processing of your personal information, the right to data portability, and the right to withdraw consent. You also have the right to lodge a complaint with your local data protection authority.

To exercise any right, email joe.hoffer@praxisfortisconsulting.com. We will verify your request through your account email and respond within the time required by applicable law.

We protect your information with encryption in transit (HTTPS), row-level security on our database so each account can reach only its own data, access controls on administrative tools, and storage that is encrypted at rest by our hosting provider. No method of transmission or storage is completely secure, but we work to protect your information using reasonable safeguards.

We are based in the United States and process information there. If you access the Service from outside the United States, you understand that your information will be transferred to and processed in the United States, which may have different data protection laws than your country.

The Service is intended for business users and is not directed to children. We do not knowingly collect personal information from anyone under 18. If you believe a child has provided us information, contact us and we will delete it.

We may update this Privacy Policy from time to time. We will revise the “Last updated” date above and, for material changes, take additional steps to notify you where required.

Questions or requests: joe.hoffer@praxisfortisconsulting.com, Country Mile LLC (dba Praxis Fortis Consulting), Indiana, United States.