Privacy Policy

Effective date: April 15, 2026

This Privacy Policy explains how Orchestrate IQ, LLC ("Trazomo," "we," "us") collects, uses, discloses, and protects personal data when you use our website, learning platform, and related services (the "Services"). It is written to satisfy transparency obligations under the EU General Data Protection Regulation (GDPR), the UK GDPR, the California Consumer Privacy Act as amended by the CPRA (CCPA/CPRA), and other applicable US state privacy laws.

For how AI features specifically process your submissions, please also read our AI Disclosure. For a detailed inventory of cookies and categories, see our Cookie Policy.

1. Controller Information

Controller: Orchestrate IQ, LLC (d/b/a Trazomo)
Address: 643 N York St, Suite 70, Elmhurst, IL 60126, USA
Privacy contact: salvador@trazomo.com

We have not appointed a Data Protection Officer. For privacy requests concerning EU/UK data subjects, contact us at the address above.

2. Personal Data We Collect

  • Account and authentication data: email, password hash (managed by Supabase Auth), OAuth identity data where you sign in with Google, and session cookies.
  • Profile and onboarding data: full name, role, level of AI experience, learning goals, onboarding completion status, and account tier (free or paid).
  • Learning activity data: lesson progress, quiz attempts, scores, selected answers, reflection free-text responses, and XP (gamification) events.
  • Billing and transaction data: checkout session identifiers, transaction IDs, payment status, amount and currency, customer IDs, and the billing email used at checkout. Payment card data is never received or stored by Trazomo; it is handled by Creem (our Merchant of Record, see Section 6).
  • AI feature inputs and outputs: text you submit into AI-assisted exercises and reflections, the evaluation context and criteria we send with it, and the score and feedback returned by the AI provider.
  • Support communications: messages you send via our in-app Messenger (Featurebase, see Section 6), including any content and metadata you volunteer.
  • Technical and usage data: authentication cookies, security and performance signals at the edge, and, subject to your consent where required, analytics events (pageviews, feature usage, event properties) collected via PostHog.

3. Cookies and Similar Technologies

We use cookies and similar storage technologies to operate and secure the Services, to remember your preferences, and, where you consent, to measure usage. Cookie categories on our site:

  • Strictly necessary: authentication and session continuity (Supabase Auth), security and traffic protection (Cloudflare). These cannot be disabled.
  • Functional: in-app support Messenger (Featurebase) and user-interface preferences.
  • Analytics (consent-gated in the EU/UK): pseudonymous product and web analytics events, and, if you consent, session replays with aggressive input masking, collected via PostHog.

Where prior consent is required by law, we do not load non-essential cookies or analytics scripts until you opt in. You can manage your choices at any time through the Cookie Preferences control in the footer, which opens our consent manager (Cloudflare Zaraz). We also honor the Global Privacy Control (GPC) signal. For a full per-cookie inventory, see our Cookie Policy.

4. Why We Process Personal Data (GDPR Legal Bases)

  • Contract performance (Art. 6(1)(b)): account creation, login, course delivery, progress tracking, AI-assisted evaluation of your exercises, in-app support, and purchases.
  • Legitimate interests (Art. 6(1)(f)): platform security, abuse prevention, fraud and chargeback defense, service diagnostics, and internal administration. We balance these interests against your rights and freedoms and document the assessments we rely on.
  • Consent (Art. 6(1)(a)): non-essential cookies, analytics, and session replay where required by ePrivacy / EDPB guidance. You can withdraw consent at any time.
  • Legal obligations (Art. 6(1)(c)): tax, accounting, and compliance record-keeping.

5. AI Processing Disclosures

Certain features send text you provide to an AI model provider to generate feedback on your exercise responses. Primary providers are Cloudflare Workers AI and OpenRouter. OpenRouter is a routing gateway that forwards the request to a selected third-party foundation model at request time; models may include those from OpenAI, Anthropic, Google, Meta, and Mistral, among others. We configure OpenRouter with Zero Data Retention (ZDR) routing where supported.

Do not submit attorney-client privileged material, attorney work product, client personal data, information subject to ABA Model Rule 1.6, trade secrets, sealed or export-controlled data, or any other confidential information into AI-assisted fields. See our AI Disclosure for the full confidentiality clause, the data-flow chain, and training-retention details.

6. Service Providers and Subprocessors

We share personal data only as needed with the following processors and independent controllers:

  • Supabase, Inc. — authentication and database hosting. DPA: supabase.com/legal/dpa.
  • Cloudflare, Inc. — Pages hosting, edge delivery, consent management (Zaraz), and Workers AI inference. Cloudflare does not train models on your inputs. DPA: cloudflare.com/cloudflare-customer-dpa.
  • OpenRouter, Inc. — AI model routing. Does not log prompts or completions by default and does not train on them. Some downstream model providers may retain inputs for abuse monitoring; we enable ZDR routing where supported. DPA available on request. Privacy: openrouter.ai/privacy.
  • Armitage Labs OÜ (d/b/a Creem) — Merchant of Record, payment processing, tax collection and remittance, and billing. Creem is the contractual seller of record for your purchase. Buyer Terms: creem.io/buyer-terms. Privacy: creem.io/privacy.
  • CORDNET OÜ (d/b/a Featurebase) — in-app support Messenger. EEA-hosted. Does not share customer data with third-party AI providers or use it to train AI models. DPA: help.featurebase.app.
  • PostHog, Inc. (EU Cloud) — product and web analytics; optional session replay with masking; feature flags; experiments; surveys. Primary ingest and storage in the EU (Frankfurt). DPA: posthog.com/dpa.
  • Google LLC (Google OAuth) — optional third-party sign-in. Engaged only if you choose Google sign-in.
  • Legacy AI fallbacks (engaged only when explicitly configured): OpenAI, Anthropic, Google Gemini (billed-tier API only, not free-tier AI Studio), or a self-hosted local endpoint.

7. International Data Transfers

Personal data is primarily stored and processed in the European Union (Supabase EU region where configured; PostHog EU Cloud in Frankfurt; Featurebase EEA hosting in Germany/Netherlands). Some processing necessarily occurs outside the EEA, including in the United States.

Where personal data leaves the EEA, we rely on approved transfer safeguards, including the European Commission's Standard Contractual Clauses (Implementing Decision 2021/914) and, for transfers to organizations certified under the EU-U.S. Data Privacy Framework (DPF), adequacy under that framework. For transfers to the UK, we additionally use the ICO International Data Transfer Addendum (IDTA).

PostHog-specific transfer note. PostHog Cloud EU stores core product-analytics event data in the EU; certain ancillary services may transfer data to the United States. PostHog publishes the current list of such transfers at posthog.com/blog/posthog-cloud-eu. We review that list at each material revision of this Privacy Policy and update our disclosures accordingly.

AI-provider transfer note. When you submit text into AI-assisted exercises, the submission is transmitted to Cloudflare Workers AI or to OpenRouter. Where the request is routed through OpenRouter to a downstream model, your submission may be processed outside the EEA (typically the United States). The data-flow chain and applicable safeguards are detailed in our AI Disclosure.

8. Retention

  • Account, profile, onboarding, progress, reflection, quiz, and XP data: retained while your account is active; deleted or anonymized within a reasonable period after account closure, and in any event no later than 24 months of continuous inactivity, unless a longer period is required by law.
  • AI-evaluation submissions: the score, strengths, improvements, and high-level feedback are stored with your learning history; the raw prompt text is not persisted on Trazomo servers beyond the time needed to compose and dispatch the API request, except where the submission is a saved reflection, in which case your free-text response is stored in your learning history until you delete it or your account is closed.
  • Security and authentication logs: generally 90 days, extended up to 12 months for active abuse or security investigations.
  • Billing and tax records: retained for 7 years where required by accounting or tax law.
  • Consent records: retained for 5 years after the last consent state change.
  • Analytics events (PostHog): raw events retained for up to 12 months; aggregates may be retained longer.
  • Session replay recordings (only if you consented): retained for up to 30 days, with aggressive input masking applied at capture time so that AI-evaluation inputs are not recorded.
  • Backup snapshots: rolling retention of approximately 30-35 days.

9. Your GDPR, UK GDPR, and US State Privacy Rights

Subject to applicable law, you may request access, rectification, deletion (right to erasure), restriction of processing, objection to processing, and portability of your personal data, and you may withdraw any consent you have given. California and other US state residents additionally have rights to know, delete, correct, and opt out of the sale or sharing of personal information, and we do not sell personal information.

To exercise any of these rights, email salvador@trazomo.com. We respond within 30 days (extendable by 60 days for complex requests, with notice). You also have the right to lodge a complaint with your local data protection authority or, in the US, with your state attorney general.

10. Automated Decision-Making

AI-generated scores and feedback are coaching signals for your learning. They do not produce legal or similarly significant effects concerning you. We do not use personal data for decisions based solely on automated processing that produce legal or similarly significant effects within the meaning of GDPR Article 22.

11. Session Replay and Input Masking

If you consent to analytics cookies, we may record pseudonymous session replays to diagnose user-experience issues. We configure session replay to mask all text inputs by default and to block recording of AI-evaluation input fields. This is designed to prevent the capture of any free-text submissions you make to exercises, reflections, or the in-app Messenger.

12. Security

We use technical and organizational measures designed to protect personal data, including TLS in transit, access controls, managed infrastructure providers, and data-minimization practices. No method of transmission or storage is fully secure.

13. Children

The Services are not intended for children under 18, and we do not knowingly collect personal data from children under 18. If you believe a child has provided us personal data, please contact us and we will delete it.

14. Changes to this Policy

We may update this Privacy Policy. If we make material changes, we will update the effective date and provide notice where required (for example, by email or by an in-app banner).

15. Contact

For privacy requests or questions, contact:
Orchestrate IQ, LLC
643 N York St, Suite 70, Elmhurst, IL 60126, USA
salvador@trazomo.com