← Back to Multiplai

Privacy Policy

Last updated: April 15, 2026

1. Information We Collect

Account Information: When you create an account, we collect your name, email address, and password (stored securely via Supabase Authentication).

Payment Information: Payment processing is handled by Paddle, our merchant of record. We do not store your credit card details. Paddle collects and processes payment information in accordance with their own privacy policy.

Usage Data: We collect information about your course progress, lesson completions, sandbox usage, and session activity to provide and improve the Platform.

Device Information: We generate and store a random device identifier in your browser’s local storage to enforce device limits. This identifier is not linked to your device’s hardware.

2. How We Use Your Information

We use your information to: provide and maintain your course access; track your learning progress; process payments (via Paddle); send transactional emails (welcome, purchase confirmation, course completion); enforce device limits and prevent unauthorized sharing; improve the Platform and course content; and communicate important updates about the Platform or your account.

3. AI Sandbox Data

When you use the AI sandbox, your messages are sent to Anthropic’s Claude API for processing. We do not permanently store your sandbox conversations. Anthropic may process this data in accordance with their own privacy policy and data handling practices. Do not enter sensitive personal information, trade secrets, or confidential business data into the AI sandbox.

4. Third-Party Services

We use the following third-party services:

  • - Supabase — Authentication and database hosting
  • - Paddle — Payment processing (merchant of record)
  • - Anthropic (Claude) — AI sandbox functionality
  • - Vercel — Platform hosting
  • - Resend — Transactional email delivery

Each service has its own privacy policy governing their handling of your data.

5. Data Retention

We retain your account data and course progress for as long as your account is active. If you request account deletion, we will delete your personal data within 30 days, except where we are required to retain it by law or for legitimate business purposes (e.g., transaction records).

6. Data Security

We implement industry-standard security measures including encrypted data transmission (HTTPS), secure authentication (Supabase Auth with bcrypt password hashing), row-level security on database tables, and environment-variable-based secret management. However, no method of electronic transmission or storage is 100% secure.

7. Your Rights

You have the right to: access your personal data; correct inaccurate data; request deletion of your data; export your data; and withdraw consent for marketing communications. To exercise any of these rights, contact us at the email provided on digitaloil.cc.

8. Cookies

We use essential cookies for authentication and session management. We do not use tracking cookies or third-party advertising cookies.

9. Children’s Privacy

The Platform is not intended for children under 16. We do not knowingly collect data from children under 16. If you believe we have inadvertently collected such data, contact us immediately.

10. Changes to This Policy

We may update this privacy policy from time to time. We will notify you of material changes via email or a notice on the Platform.

11. Contact

For privacy-related questions or requests, contact us at the email provided on digitaloil.cc.