Privacy Policy
What BeginArc collects, why, and what we explicitly do not do.
What we collect
- Email address (when you sign in via magic link).
- Quiz preferences you submit.
- Journeys you generate.
- Watch / read progress that you mark here.
- Share cards you create.
- Purchase metadata from Stripe (session id, customer id, amount, currency).
- Local metrics events, only when you sync them to your account.
What we don't collect
- Payment card numbers (Stripe handles all card data — we never see it).
- Private streaming credentials.
- Your actual viewing or reading behavior on third-party platforms.
- Browsing history outside BeginArc.
How sign-in works
We use email magic-link auth via Supabase. Tokens are short-lived and not persisted by BeginArc. We never store password hashes — there are no passwords.
How payments work
Payments are processed by Stripe. BeginArc does not store any card details. Your tier unlocks only after our server verifies Stripe's webhook signature for the charge. We store the Stripe session id, payment intent id, amount, currency, and your email as confirmed by Stripe.
Public share cards
Share cards you explicitly publish are public at /s/<slug>. The published payload never contains your email, your internal user id, your raw quiz answers, your private notes, your full watch/read history, or any source URL we don't admin-approve. You can revoke a card any time.
What we never do
- Sell your watch history.
- Run third-party ad tracking on user-owned pages.
- Log raw secrets in plaintext.
- Track piracy sources or otherwise enable copyright infringement.
Your rights
- Account deletion cascades all rows scoped to your user id.
- Data export and deletion requests: privacy@beginarc.com.
Contact
- Privacy: privacy@beginarc.com
This page is operational guidance for BeginArc's MVP launch and should be reviewed by counsel before public launch. Contact legal@beginarc.com.