Privacy

Privacy Information

This page explains what data this site stores, what limited analytics and operational signals it records, and which third-party services are involved in delivering the current site.

Last updated March 17, 2026

Overview

This site includes an interactive chat experience, optional Google sign-in, automatic anonymous authentication for chat continuity, production analytics, and a few live integrations that pull public profile data. Some information is stored directly by the site, and some is handled by third-party providers that support hosting, authentication, model inference, analytics, and public-data lookups.

If you use the chat, your messages, assistant replies, and compact carry-over summaries may be stored so the site can continue a current conversation over time and across internal context rollovers. If you explicitly sign in with Google, basic account details may be attached to your session instead of an anonymous identity.

Do not put secrets, passwords, or highly sensitive personal information into the chat. This page describes the current technical behavior of the site as implemented today, including current limits in deletion, export, and retention controls.

Information we use

Anonymous session identifiers

If you do not sign in, the site still creates an anonymous Firebase-authenticated session so it can associate your conversation with a stable UID.

Google sign-in profile fields

If you explicitly choose Google sign-in, the site may receive your email address, display name, profile photo, and the Google-linked identity behind your Firebase account.

Chat messages, assistant replies, and carry-over summaries

The site stores the text you send, the replies generated for you, and compact carry-over summaries used to continue the current conversation when an older conversation chapter is rolled over.

Conversation state and model usage metadata

The backend stores conversation heads, turn sequencing, status transitions, tool-call events, model metadata, and usage metadata returned by the model provider.

Production analytics events

Production deployments send limited Google Analytics 4 events such as page views, prompt-chip clicks, login interactions, chat start/completion states, context-status toggles, and copy actions. Raw chat content, raw assistant replies, Firebase UID values, and Google account profile fields are not sent to Google Analytics.

Server-side operational log metadata

The backend emits structured operational logs that can include request ids, trace ids, timing, tool-call metadata, conversation token counters, rollover events, and model usage counters. These logs are meant for debugging and observability, and they do not intentionally include raw prompt or reply text.

Language preference cookie

The site uses a locale cookie to remember language preference. The current cookie name in code is PARAGLIDE_LOCALE.

Platform and request metadata

Standard infrastructure metadata such as IP address, user agent, timing, and security-related request signals may be processed by hosting and identity providers as part of serving the site.

How we use it

To authenticate visitors, including automatic anonymous chat sessions and optional Google-linked sessions, so the site can keep a single current conversation per user identity.
To store conversations, replies, carry-over summaries, internal conversation state, and model usage metadata needed for the chat feature and conversation continuity to work.
To generate chat responses and carry-over summaries through the configured model provider.
To fetch and cache public profile metrics from GitHub and Hugging Face for the site UI and tool-assisted answers.
To measure high-level product usage in production through limited GA4 events rather than raw transcript collection.
To monitor reliability and debug problems through structured backend logs and ordinary hosting-level request processing.
To remember language preference and deliver the site through the configured runtime platform.

Third-party services

Firebase Authentication

Purpose: Creates the site session and provides the identity token used to authorize chat requests.
Possible data involved: Anonymous UID, Firebase auth state, Firebase ID tokens, and linked identity metadata when applicable.
Processing scope: Can process authentication-related user data, but it is not the service used to generate chat answers.

Google Sign-In

Purpose: Lets you sign in with a Google account through the site login flow.
Possible data involved: Email address, display name, profile photo, and Google account identity data you choose to expose during sign-in.
Processing scope: Only used if you actively choose Google sign-in. It can process identity data, but not your chat prompt by itself.

Firestore

Purpose: Stores conversation records, messages, assistant outputs, event logs, carry-over summaries, and cached external profile snapshots.
Possible data involved: Anonymous or Google-linked UID, locale, message text, assistant replies, carry-over summaries, model usage metadata, tool-call events, and cached public GitHub or Hugging Face data.
Processing scope: This service stores user-submitted chat data and site-generated conversation state.

Google Gemini API

Purpose: Generates chat answers and internal carry-over summaries for multi-turn conversations.
Possible data involved: Current prompt, recent conversation context, carry-over summary text, and the site context needed to answer your question.
Processing scope: This service processes user-submitted chat data in order to produce answers.

Google Analytics

Purpose: Measures page views and a small set of high-level interaction events in production deployments.
Possible data involved: Page URLs, page titles, coarse interaction events, auth-state labels such as signed_out or anonymous, and derived response-length or latency bands.
Processing scope: Used for product analytics in production. It is not used to send raw chat transcripts, raw assistant replies, Firebase UID values, or Google account profile fields.

GitHub API

Purpose: Fetches live public profile and repository information used by the site and chat tools.
Possible data involved: Public GitHub profile metrics and public repository metadata for the configured account.
Processing scope: Used for public profile data only. It is not sent your private chat messages.

Hugging Face API

Purpose: Fetches live public model and space information used by the site and chat tools.
Possible data involved: Public Hugging Face profile, model, and Space metadata for the configured account.
Processing scope: Used for public profile data only. It is not sent your private chat messages.

Cloudflare

Purpose: Provides the runtime, delivery layer, and infrastructure-level request handling for the deployed SvelteKit application.
Possible data involved: Standard request metadata such as IP address, user agent, timing, security signals, and structured backend log fields emitted by the chat runtime.
Processing scope: Processes infrastructure-level request data as part of hosting and delivering the site, and may receive structured operational logs produced by the backend.

Google Fonts

Purpose: Serves the Space Grotesk font loaded by the global site stylesheet.
Possible data involved: Browser requests for font CSS and font files, which may include IP address, user agent, and referrer information visible to Google as the font host.
Processing scope: Only involved when the browser loads font resources. It does not receive your chat content from the site backend.

Cookies and browser state

The current codebase uses a locale cookie named PARAGLIDE_LOCALE to remember language preference. It is not an advertising or retargeting cookie.
If you use Google sign-in or anonymous auth, browser-side authentication persistence is handled through Firebase rather than a custom app-defined cookie designed for tracking.
When Google Analytics is enabled in production, Google may use its own browser storage or cookies to support page-view and event measurement.
The site does not currently use localStorage for locale persistence because the active Paraglide strategy is cookie-based.
If you press the copy button on a response, the site writes that response text to your clipboard at your request. It does not silently mirror chat text into clipboard state.
The current codebase does not implement a separate consent banner or consent-gating flow for analytics cookies.

What we do not use

The site does not currently ship advertising tags, retargeting pixels, or marketing beacons.
The site does not currently use Hotjar, FullStory, PostHog session replay, screen-recording tools, heatmap tools, or similar session-replay instrumentation.
Google Analytics is not used to send raw chat transcripts, raw assistant replies, Firebase UID values, or Google account profile fields.
The site does not use live Google Scholar API access. Scholar references on the site are static content or ordinary external links.

Updates

This privacy information is accurate as of the last updated date shown above. If the site’s data practices change, this page will be updated to reflect those changes.

The current codebase does not expose a user-facing export or deletion workflow for stored conversations, and it does not publish a fixed in-app retention window. This page therefore describes current implementation behavior rather than promising future retention or self-service data controls.

If you have questions or concerns about the site’s data practices, please reach out through the contact information provided on the site.