Privacy Policy

Effective Date: April 22, 2026

Sovereignty Academy (“we,” “us,” or “our”) operates the website sovereigntyacademy.net. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website and use our services. Privacy is not an afterthought for us — it is a founding principle.

Contents

  1. Information We Collect
  2. How We Use Your Information
  3. Third-Party Services
  4. Cookies & Local Storage
  5. Data Retention
  6. Data Security
  7. Your Rights
  8. Children’s Privacy
  9. Changes to This Policy
  10. Contact Us

1. Information We Collect

Information You Provide Directly

  • Account registration: email address, password (stored as a cryptographic hash — we never store your plain-text password), and optionally your name.
  • Profile information: display name, bio, avatar image, archetype selection, pillar interest tags (which of the six sovereignty pillars you care about), and personal declarations you choose to share.
  • Purchases: when you buy a course, product, or membership, payment is processed by Stripe (for card payments) or by our self-hosted BTCPay Server (for Bitcoin and Lightning payments). We receive your name, email, and transaction details. For card payments, we do not receive or store your full credit card number. For Bitcoin payments, we receive only the on-chain/Lightning transaction data needed to confirm the payment.
  • Shipping address: when you purchase a physical product, we collect your shipping name, street address, city, state/province, postal code, and country. This information is stored on your order record and shared with our shipping provider (see Section 3) solely to calculate rates and deliver your package.
  • Community content: posts, comments, wins, videos, and other content you submit to public community areas, including the Sovereign Feed and Sovereign Reels (short-form video feed).
  • Video uploads: when you upload a video to the feed, the video file is stored on Cloudinary’s infrastructure (see Section 3). Video metadata (URL, duration) is stored in our database alongside your post.
  • Sovereign Circles: when you create or join a topic-based group (“Circle”), we store your membership, role (owner, admin, or member), and any posts you make within the circle. Circle names, descriptions, and membership counts are visible to other members based on the circle’s visibility setting (public, private, or secret).
  • Portfolio projects: project titles, descriptions, URLs, images, and tags you add to your portfolio showcase. These are displayed on your public profile if you enable portfolio visibility.
  • Social connections: when you follow another member, we store the follow relationship (who you follow and who follows you). Follow counts are visible on public profiles. Following is one-directional and does not require the other member’s approval.
  • Achievements & badges: badges you earn through platform activity (completing courses, community participation, challenges) are stored and displayed on your profile and dashboard.
  • Course & path progress: which lessons you have completed and your progress through learning paths. Used to show progress indicators on your dashboard and to award achievement badges.
  • Private messages: the content of direct messages you send to other members. Messages are encrypted at rest (see Section 6).
  • Daily journal entries: your responses to daily sovereignty prompts. Journal answers are encrypted at rest and only visible to you.
  • Sovereignty score: your self-assessed scores across the six pillars, saved as a history to track your progress over time. The 48-question Enhanced Sovereignty Score Calculator runs entirely in your browser — only the final pillar scores (1–10 each) are saved when you choose to save.
  • Excitement Compass readings: your challenge description, three guided reflections, and the AI-generated compass reading. Readings are linked to your account and archetype. History is stored so you can revisit past insights.
  • Preparedness checklist: which checklist items you have completed in the 90-day preparedness tracker. Stored as a list of item IDs — no personal details about your supplies or plans.
  • Country reviews: star ratings and text reviews you post in the Sovereign Flight Finder. Reviews are public and displayed alongside your display name.
  • Push notification subscriptions: if you enable browser push notifications, we store your device’s push endpoint and encryption keys to deliver notifications. You can disable and delete your subscription at any time from your dashboard.
  • Contact form & email: name, email address, and message content when you reach out to us.
  • Newsletter subscription: email address and (optionally) your archetype.

Information Collected Automatically

  • IP address: recorded when you log in for security purposes — new-device detection, session tracking, and account lockout protection. IP addresses are stored alongside your active sessions and are deleted when sessions expire (7 days) or when you revoke them.
  • Device information: your browser’s user-agent string is used to display friendly device names (e.g. “Mac · Brave”) in your active sessions list.
  • Essential cookies: see Section 4 for the complete list of cookies we set.
  • Login security alerts: when you log in from a new IP address, we send you an email notification so you can detect unauthorized access.

Tools That Collect No Data

  • Sovereign Budget Calculator: runs 100% in your browser. No data is sent to any server, stored in any database, or tracked in any way. Close the tab and your numbers disappear completely.
  • Data Broker Exposure Check: your checklist progress (which brokers you have checked or opted out of) is stored locally in your browser using localStorage. It never leaves your device.

Privacy-Respecting Analytics

  • We use Matomo, a self-hosted, privacy-respecting analytics platform. Matomo runs on our own infrastructure — your data is never sent to Google, Facebook, or any third party.
  • Analytics are configured cookieless — no tracking cookies are set, and no cookie consent banner is needed.
  • IP addresses are anonymized by the Matomo server before storage.
  • We do not build advertising profiles or sell your data to anyone.
  • We do not use fingerprinting, beacons, or invisible tracking pixels.

2. How We Use Your Information

  • To create, maintain, and secure your account.
  • To process purchases and deliver digital products, courses, and memberships.
  • To send transactional emails: account verification, password resets, purchase confirmations, and download links.
  • To send our newsletter (only with your explicit opt-in; you may unsubscribe at any time).
  • To display your profile and community contributions to other members (only information you choose to make public). You control exactly what appears on your public profile through granular visibility toggles — including your bio, archetype, sovereignty score, wins, badges, pillar interests, declaration, and feed activity.
  • To calculate engagement streaks and activity statistics shown on your private dashboard. Streak data is computed on demand from your activity history (lessons completed, posts, comments, wins, challenge check-ins) and is not stored separately.
  • To track course and learning path progress so you can resume where you left off and see your completion percentage.
  • To award achievement badges based on your platform activity (e.g., completing a course, publishing posts, finishing challenges).
  • To generate personalized learning path recommendations based on your archetype, pillar interests, sovereignty score, and progress history. Recommendations are computed on demand and not shared with third parties.
  • To generate AI-powered compass readings based on your guided reflections (Excitement Compass).
  • To protect the platform from abuse via rate limiting.
  • To deliver browser push notifications about messages, friend requests, and events (only when you opt in).
  • To respond to your inquiries when you contact us.

3. Third-Party Services

We use a limited number of third-party services, each chosen for its respect of user privacy and the necessity of its function:

Stripe

Credit/debit card payment processing. Stripe handles all card data under PCI-DSS compliance. We never see or store your full card number. Stripe Privacy Policy

BTCPay Server (Self-Hosted)

Bitcoin and Lightning Network payment processing, self-hosted on our sovereign infrastructure at pay.sovereigntyacademy.net. When you pay with Bitcoin, the transaction is processed directly by our own BTCPay node — no third-party payment processor is involved. BTCPay Privacy

Printful

Print-on-demand manufacturing and shipping for physical products (apparel, accessories). When you purchase a physical item, your shipping address, product variant, and order details are sent to Printful’s API so they can produce the item and ship it to you. Printful may share your address with the delivering carrier. Printful Privacy Policy

Resend

Transactional email delivery. Receives your email address and message content solely to deliver emails on our behalf. Resend Privacy Policy

Cloudinary

Image and video hosting for avatars, feed media, and portfolio images. Files you upload (images and videos) are stored on Cloudinary’s infrastructure. Cloudinary Privacy Policy

Vercel

Website hosting and serverless infrastructure. Vercel may process standard HTTP request metadata (IP, user-agent) as part of serving the site. Vercel Privacy Policy

Neon (Postgres Database)

Our primary database runs on Neon, a serverless Postgres provider. Your account data, community content, orders, encrypted journals, and everything else we persist is stored here. Neon provides encryption at rest and point-in-time restore. Neon Privacy Policy

Hetzner (Self-Hosted Infrastructure)

Our self-hosted services — BTCPay Server, Jitsi Meet, Matomo Analytics, and internal tooling — run on Hetzner Cloud virtual servers and storage in Nuremberg and Falkenstein, Germany. Hetzner is a German hosting provider subject to German and EU data-protection law (GDPR). No data from these services is ever sent to third-party analytics or advertising platforms. Hetzner Privacy Policy

Jitsi Meet (Self-Hosted)

Video conferencing for live community events, self-hosted on our sovereign infrastructure at meet.sovereigntyacademy.net. Your camera, microphone, and display name are shared during live sessions you choose to join. No third-party video servers — all traffic stays on our infrastructure. Jitsi Security

Anthropic (Claude AI)

The Excitement Compass uses Anthropic’s Claude AI to generate personalized compass readings. Your challenge description and reflections are sent to Anthropic’s API to generate the reading. Anthropic does not use API inputs for training. Anthropic Privacy Policy

Shippo

Shipping rate calculation and label generation for physical product orders. When you purchase a physical product, your shipping address is sent to Shippo’s API to calculate carrier rates and generate shipping labels. Shippo may share your address with the selected carrier (USPS, UPS, FedEx, etc.) for delivery. If Shippo is not configured, we use flat-rate shipping and your address is not shared with any third party. Shippo Privacy Policy

YouTube (Third-Party Embeds)

If a community member posts a link containing a YouTube URL, we render it as a privacy-enhanced youtube-nocookie.com iframe. We do not use YouTube analytics, we do not ourselves send data to YouTube, and no content is uploaded from our platform to YouTube — but when you play such an embedded video, your IP address and browser may be shared with YouTube/Google to stream the video. If you prefer not to share any data with YouTube, don’t click play. Google Privacy Policy

Have I Been Pwned

The Breach Scanner and password breach detection use the Have I Been Pwned API. Passwords are checked using a privacy-preserving k-anonymity protocol — only the first 5 characters of a hash are sent, never the password itself. Email breach checks use the public breach database. HIBP Privacy

We do not share, sell, rent, or trade your personal information with any party for marketing or advertising purposes. Period.

4. Cookies & Local Storage

We use a single, essential cookie:

Name | Purpose | Duration | Type
sov_token | Authentication session (keeps you logged in) | 7 days | Essential / httpOnly
sov_trusted | Trusted device (skips 2FA on devices you’ve marked as trusted) | 30 days | Essential / httpOnly

We do not use analytics cookies, advertising cookies, or any third-party cookie-based tracking. No cookie consent banner is required because we only use strictly necessary functional cookies. Both cookies are httpOnly (inaccessible to JavaScript) and secure (HTTPS only in production).

5. Data Retention

  • Account data: retained for as long as your account is active. You may request deletion at any time.
  • Email verification tokens: automatically expire after 24 hours.
  • Password reset tokens: automatically expire after 1 hour.
  • Magic link tokens: expire after 10 minutes and can only be used once.
  • Download tokens: expire after 3 days or 5 downloads, whichever comes first.
  • Active sessions: expire after 7 days. You can view and revoke sessions from your dashboard at any time.
  • Trusted devices: expire after 30 days. You can revoke trusted devices from your dashboard.
  • Compass readings: retained as long as your account is active. You may request deletion of individual readings or all reading history.
  • Preparedness checklist: retained as long as your account is active. Deleted automatically when your account is deleted.
  • Country reviews: retained as long as your account is active. You may delete your own reviews.
  • Follow relationships: retained as long as your account is active. You can unfollow any member at any time. All follow data is deleted when your account is deleted.
  • Sovereign Circles: circle memberships and posts are retained as long as the circle exists. If you leave a circle, your membership is removed but posts you authored remain. If you delete your account, all your circle posts are deleted and your memberships are removed.
  • Portfolio projects: retained as long as your account is active. You can add, edit, or delete projects at any time from your dashboard. Deleted when your account is deleted.
  • Uploaded videos: video files uploaded to the feed are hosted on Cloudinary. Deleting a post removes the reference but the file may persist on Cloudinary’s CDN cache for a period.
  • Shipping addresses: stored on the order record for as long as the order exists. Used for shipping rate calculation, label generation, and delivery tracking. Shipping addresses are not used for marketing or shared beyond the shipping carrier.
  • Shipping tracking: tracking numbers, carrier information, and label URLs are stored on the order record. Tracking information is visible to you in your order history.
  • Badges & achievements: retained as long as your account is active. Deleted when your account is deleted.
  • Course & path progress: retained as long as your account is active to preserve your learning history. Deleted when your account is deleted.
  • Engagement streaks: not stored as a separate record. Streaks are calculated on demand from your existing activity data (posts, comments, lessons, etc.) each time you view your dashboard.
  • Push subscriptions: subscription endpoints are automatically cleaned up when they expire or when you unsubscribe. Stale subscriptions are removed when delivery fails.
  • Security event logs: login attempts, account lockouts, and other security events are retained for administrative review.
  • Rate-limiting data: held in server memory only and cleared within minutes. It is never written to a database.

6. Data Security

We take reasonable technical and organizational measures to protect your personal data:

  • Encryption in transit: all data is transmitted over HTTPS (TLS).
  • Encryption at rest: sensitive personal data — including your bio, sovereign declaration, private messages, daily journal entries, and Excitement Compass readings — is encrypted in the database using AES-256-GCM. Even if the database were compromised, this data would be unreadable without the encryption key.
  • End-to-end encryption: private messages, daily journal entries, and sovereign declarations are encrypted in your browser before they leave your device using ECDH P-256 public-key cryptography. Each user has a keypair; for messages, the sender and recipient derive a shared secret via elliptic-curve Diffie-Hellman key exchange; for personal data (journals, declarations), a self-encryption key is derived from your private key. All encryption uses AES-256-GCM. The server stores ciphertext and cannot read your private content even with full database and server access. Your private key is encrypted with a password-derived key and never leaves your browser in plaintext.
  • Compass readings: Excitement Compass reflections and AI-generated readings are encrypted at rest in the database (server-side AES-256-GCM). Because the server must access your reflections to generate the AI reading, these cannot be end-to-end encrypted, but they are protected at rest.
  • Password hashing: passwords are hashed using scrypt with a unique salt per account. We never store your plain-text password.
  • Two-factor authentication: optional TOTP-based 2FA with encrypted secret storage and one-time recovery codes.
  • Passkey support: WebAuthn passkeys for passwordless, phishing-resistant login using biometrics or security keys.
  • Account lockout: accounts are temporarily locked after 5 consecutive failed login attempts to prevent brute-force attacks.
  • Breach detection: passwords are checked against the HaveIBeenPwned database on login and signup using a privacy-preserving k-anonymity protocol.
  • New device alerts: email notifications are sent when your account is accessed from a new IP address.
  • Session management: you can view all active sessions and revoke access to any device from your dashboard.
  • Security headers: Content-Security-Policy, X-Frame-Options, HSTS, and other headers are enforced on every response.
  • Rate limiting: applied to login, signup, password reset, 2FA verification, and search endpoints.

No system is 100% secure. If you believe your account has been compromised, you can revoke all sessions, change your password, and enable 2FA from your dashboard. For immediate help, contact us at SovereigntyAcademy@pm.me.

7. Your Rights

You have the right to:

  • Access the personal data we hold about you.
  • Correct inaccurate or incomplete data via your profile settings.
  • Delete your account and associated data by contacting us.
  • Unsubscribe from any marketing category at any time via the unsubscribe link in every email, the email preferences center, or by visiting /unsubscribe.
  • Data portability: export a copy of the personal data you’ve provided to us, in a structured, commonly-used, machine-readable format.
  • Restrict processing: ask us to pause certain uses of your data while we resolve a dispute about its accuracy, lawfulness, or continued necessity.
  • Object to processing that we carry out based on legitimate interest (for example, security logging or analytics), on grounds relating to your particular situation.

To exercise any of these rights, email us at SovereigntyAcademy@pm.me. We will respond within 30 days.

Residents of the European Economic Area, United Kingdom, or Switzerland: if you believe we have mishandled your personal data, you have the right to lodge a complaint with your local data protection supervisory authority in addition to or instead of contacting us directly. We would prefer to resolve your concern first — but the right is yours to exercise either way.

8. Children’s Privacy

Our services are not directed to individuals under the age of 16. We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, please contact us and we will promptly delete it.

9. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will revise the “Effective Date” at the top and, for material changes, notify you via email or a prominent notice on the website. Your continued use of the site after changes are posted constitutes acceptance of the updated policy.

10. Contact Us

If you have questions about this Privacy Policy or your personal data, contact us at:

Sovereignty Academy

Email: SovereigntyAcademy@pm.me

Web: sovereigntyacademy.net/contact
