Privacy Policy for BrainFrys

Last Updated: April 23, 2025

At BrainFrys (“we,” “us,” or “our”), we are committed to protecting your privacy while you engage with our interactive coding platform at https://brainfrys.com, including our AI coding assistant, Maayavi, and discussion board, AxonHub (collectively, the “Services”). This Privacy Policy explains how we collect, use, store, share, and protect your personal information. If you do not agree with this Privacy Policy, please do not use our Services.

For questions or concerns, contact us at [email protected].

1. Information We Collect

We collect information you voluntarily provide and automatically generated data when you use our Services:

Personal Information You Provide

• Account Information: Email addresses and usernames when you register or log in.
• User Content: Code you write, inputs to Maayavi, and posts or questions shared on AxonHub.
• Communications: Information you share when contacting us or participating in surveys or contests.
• Payment Information: In the future, we plan to collect payment details via third-party processors (e.g., Stripe) for subscription plans, but this is not yet active.

Automatically Collected Information

• Location Data: IP addresses or region data to prevent password sharing and manage user sessions.
• Usage Data: Interactions with our Services, such as pages visited, coding challenges completed, and AxonHub activity, collected via Google Analytics.
• Device Information: Browser type, operating system, and device identifiers.
• Cookies: Essential cookies for login sessions and analytics cookies for tracking user behavior via Google Analytics and Cloudflare.

Sensitive Information: We do not collect sensitive personal information, such as racial or ethnic origins, religious beliefs, or health data.

Third-Party Data: We do not collect personal information about you from third parties.

2. How We Use Your Information

We use your information to:

• Provide and personalize our Services, including account management, coding challenges, Maayavi’s code analysis and generation, and AxonHub discussions.
• Improve our Services through analytics (e.g., Google Analytics) and user feedback.
• Communicate with you, such as responding to inquiries or sending service updates and, with your consent, marketing materials.
• Ensure security, prevent password sharing, and troubleshoot issues using location data and device information.
• Process payments in the future via third-party providers like Stripe (not yet active).
• Comply with legal obligations, such as responding to lawful requests.

We do not use your data, including code or AxonHub posts, to train Maayavi or any other models. Your interactions with Maayavi (e.g., code inputs) are used solely to provide real-time assistance and are not stored as chat logs.

We process your information only when we have a valid legal basis, such as your consent, to fulfill a contract, to comply with the law, or to pursue legitimate interests (e.g., improving our Services).

3. Legal Bases for Processing (EU/UK Residents)

For users in the European Economic Area (EEA), United Kingdom (UK), or Switzerland, we rely on the following legal bases under GDPR or UK GDPR:

• Consent: For processing based on your explicit agreement, such as receiving marketing emails or using analytics cookies. You may withdraw consent at any time (see Section 7).
• Contract: To deliver our Services, such as providing access to coding challenges, Maayavi, or AxonHub.
• Legitimate Interests: For improving our Services, ensuring security, or analyzing usage, provided it does not override your rights.
• Legal Obligation: To comply with laws, such as responding to regulatory requests.
• Vital Interests: To protect your safety or that of others in emergencies.

4. Sharing Your Information

We do not sell or share your personal information for commercial purposes, such as targeted advertising. We may share your information in these cases:

• Service Providers: With trusted vendors who assist in operating our Services, including:
  • AWS: For hosting BrainFrys and Maayavi.
  • Supabase: For database management and email verification.
  • Cloudflare: For domain management and region tracking.
  • Google Analytics: For usage analytics.
  • Stripe: For future payment processing (not yet active).
  All providers are bound by strict confidentiality agreements.
• Business Transfers: During a merger, acquisition, or sale of assets, where your information may be transferred.
• Legal Requirements: To comply with legal obligations, such as court orders or subpoenas.
• Publicly Shared Content: Content you post on AxonHub (e.g., code, questions) may be visible to other users or the public, depending on your settings.

5. Cookies and Tracking Technologies

We use cookies and similar technologies to:

• Maintain login sessions (essential cookies).
• Analyze usage trends via Google Analytics and Cloudflare (analytics cookies).
• Prevent password sharing and manage sessions using location data.

You can manage cookies through your browser settings or opt out of non-essential cookies via our cookie consent tool (if implemented). We respect Global Privacy Control (GPC) signals for opting out of tracking where required by law.

6. How Long We Keep Your Information

We retain your personal information only as long as necessary for the purposes outlined in this Privacy Policy or as required by law:

• Email addresses and account information are kept for the duration of your membership (paid or unpaid).
• User code and AxonHub posts are retained to provide ongoing access to your content, unless you request deletion.
• Maayavi interactions are not stored as chat logs.
• Analytics data (e.g., Google Analytics, Cloudflare) is retained for approximately 12 months, then anonymized or deleted.
• Location data for session management is retained only for active sessions or as needed for security.

When no longer needed, we securely delete or anonymize your information, except for data in backup archives, which is isolated until deletion is possible.

7. How We Protect Your Information

We use industry-standard technical and organizational measures, such as encryption, access controls, and secure servers (via AWS and Supabase), to protect your personal information. Your code and AxonHub posts are stored privately unless you choose to share them publicly.

No online system is 100% secure, and we cannot guarantee protection against hackers or unauthorized access. If a breach occurs, we will notify you and relevant authorities as required by law. You are responsible for securing your account credentials and accessing our Services in a safe environment.

8. Your Privacy Rights

Depending on your location, you may have the following rights:

• Access: View the personal information we hold about you.
• Rectification: Correct inaccurate or incomplete data.
• Deletion: Request deletion of your data, subject to legal exceptions.
• Restriction: Limit processing in certain cases.
• Data Portability: Receive your data in a machine-readable format.
• Object: Oppose processing for legitimate interests or marketing.
• Withdraw Consent: Revoke consent without affecting prior processing.

U.S. Residents: If you live in California, Colorado, Virginia, or other states with privacy laws, you may have rights to access, delete, or opt out of data sales or profiling. We do not sell data or engage in automated profiling, so no opt-out is needed.

To exercise your rights, email [email protected] or submit a data subject access request via our website. We verify requests using Supabase’s email verification system (e.g., confirming the request comes from your registered email). We will respond within legal timeframes (e.g., 30 days for GDPR, 45 days for CCPA).

If you’re in the EEA, UK, or Switzerland and believe we’re unlawfully processing your data, you can complain to your local data protection authority (e.g., ICO in the UK or EDPB for the EU).

9. Children’s Privacy

Our Services are not intended for users under 16 (or 13 in the U.S. under COPPA). We do not knowingly collect personal information from children. If we learn we’ve collected such data, we will delete it. Contact us at [email protected] if you believe a child has provided us with information.

10. International Data Transfers

Our Services are hosted in the United States (via AWS). If you access BrainFrys from outside the U.S., your information may be transferred to and processed in the U.S. For EEA, UK, or Switzerland users, we use safeguards like Standard Contractual Clauses to ensure GDPR-compliant international transfers.

11. Do-Not-Track Features

We do not respond to Do-Not-Track (DNT) signals due to the lack of a uniform standard. We comply with Global Privacy Control (GPC) signals for U.S. residents where required by law.

12. Updates to This Privacy Policy

We may update this Privacy Policy to reflect changes in our practices or legal requirements. Updates will be posted at https://brainfrys.com/privacy-policy with a revised “Last Updated” date. For material changes, we’ll notify you via email or a website notice. Please review this policy periodically.

13. Contact Us

For questions or concerns, contact us at:

Email: [email protected]

Once we establish a P.O. Box, we can update this policy to include it.

14. How to Review, Update, or Delete Your Data

To review, update, or delete your personal information, log in to your account settings, email [email protected], or submit a data subject access request via our website. We’ll verify your identity using Supabase’s email verification and process your request in accordance with applicable laws, which may limit certain rights (e.g., retaining data for legal compliance).