Privacy Policy

Last updated: May 2026

Governing Idea ("we," "our," or "us") provides an AI‑powered business writing coach designed to help users structure their thinking and communicate with clarity. We respect your privacy and are committed to protecting your personal information. This Privacy Policy explains what information we collect, how we use it, and the rights you have under applicable laws, including the EU General Data Protection Regulation (GDPR).

1. Information We Collect

We collect information you provide directly to us, such as your name, email address, or any text you enter into the writing coach. We also collect basic device and usage data to maintain performance, prevent abuse, and ensure security.

We do not collect or store sensitive personal information unless you intentionally provide it. We do not use your content to train external AI models, and we do not sell personal data.

2. How We Use Your Information

We use your information to provide and improve the writing coach experience, maintain security, communicate with you about updates or support, and analyze usage trends to improve product performance.

3. Lawful Basis for Processing (GDPR)

If you are located in the European Union, we process your personal data under the following lawful bases:

  • Contract: To provide the writing coach and related services.
  • Legitimate Interest: To maintain security, prevent misuse, and improve the product.
  • Consent: Only when you explicitly opt in to optional features.

4. How Your Content Is Handled

Your writing inputs are processed to generate responses. Content may be temporarily stored for session functionality but is not used to train public models and is not shared with third parties except essential service providers (e.g., hosting).

5. Cookies and Analytics

We do not use advertising or tracking cookies. If we use analytics, they are privacy‑preserving and do not require a cookie banner. You may disable cookies in your browser settings.

6. Data Sharing and Subprocessors

We may share limited information with service providers who support hosting, email delivery, or infrastructure. These subprocessors may include:

  • Vercel (hosting and infrastructure)
  • Email service provider (for account or support communication)
  • Privacy‑preserving analytics provider (if used)

A full list of our current subprocessors is available on our Subprocessors page.

We do not sell or rent personal information.

7. International Data Transfers

If you are located in the EU or UK, your data may be transferred to the United States. These transfers rely on the EU–US Data Privacy Framework where applicable, and Standard Contractual Clauses (SCCs) with our subprocessors. We take steps to ensure your data remains protected.

8. Your Rights (EU/EEA Users)

If you are located in the EU or EEA, you have the right to access, correct, delete, or export your personal data, object to processing, or withdraw consent where applicable. You may exercise these rights by contacting us through the link below.

9. Data Retention

We retain personal data only as long as necessary to provide the service, maintain security, and comply with legal obligations. You may request deletion at any time.

10. Data Security

We use reasonable administrative, technical, and physical safeguards to protect your information. No system is perfectly secure, but we work to minimize risk and follow responsible practices. In the event of a data breach involving personal data, we will notify affected users without undue delay.

11. Children's Privacy

Governing Idea is designed for working professionals and is not intended for use by anyone under the age of 18. We do not knowingly collect personal information from minors. If you believe a minor has provided us with personal information, please contact us and we will delete it promptly.

12. Changes to This Policy

We may update this Privacy Policy as the product evolves. We will update the "Last updated" date when changes are made.

13. Contact Us

If you have questions about this Privacy Policy or wish to exercise your rights, contact us.

14. Data Processing Addendum (DPA)

For contractual data protection terms, including our obligations as a data processor under GDPR Article 28, please review our Data Processing Addendum.