Agatha ("we", "our", or "us") values your privacy. This Privacy Policy explains how we collect, use, and protect your personal information when you use our website and services ("Service").

By using Agatha, you consent to the practices described in this policy.

1. Information We Collect

a. Information You Provide

Email address, username, password (when you create an account)
Content you create or store (your writing, notes, etc.)
Messages or support requests you send us

b. Information We Collect Automatically

IP address, browser type, and device info
Usage data (e.g., pages visited, time on site)
Cookies and tracking pixels (see section 7)

2. How We Use Your Information

We use your information to:

Provide and improve the Service
Track writing activity and maintain user streaks
Communicate with you about your account or updates
Analyze usage patterns to improve product performance
Measure the effectiveness of marketing and advertising
Comply with legal obligations

We do not sell your personal data.

3. Legal Bases (for EU users)

If you are in the EU/EEA, we process your personal data on the basis of:

Consent (e.g., signing up for the Service or accepting cookies)
Contract (to deliver the Service to you)
Legitimate interest (e.g., product analytics, fraud prevention)
Legal obligation (e.g., to comply with tax or law enforcement requests)

4. Data Sharing

We may share your personal data with trusted third-party service providers, including:

MongoDB Atlas: Our cloud database provider. User data is securely stored in Bahrain.
Amplitude: Used to analyze usage patterns and improve product functionality. May collect session replays with all text content masked for privacy protection.
Google Ads: For conversion tracking and audience targeting.
Meta (Facebook) and TikTok: For ad campaign measurement, attribution, and retargeting.
Google Tag Manager: For tracking user interactions and analytics through the Google Analytics platform.
Mailchimp: For email marketing and communication. Receives email addresses and user names.
Reddit: For advertising and retargeting through cookies and tracking pixels.
Infrastructure and security providers: For hosting, backups, and performance monitoring.

We do not sell or share your writing or personal data with third parties for their own marketing purposes.

5. Data Retention

We retain your data as long as your account is active or as needed to provide the Service. You may request deletion at any time by emailing [email protected].

6. Your Rights

Depending on your jurisdiction, you have rights to:

Access, correct, or delete your personal data
Object to or restrict processing
Withdraw consent at any time (where applicable)
Request a copy of your data in a portable format

To exercise any of these rights, please contact [email protected].

7. Cookies & Tracking Technologies

We use cookies and similar technologies to enhance your experience and measure performance. These include:

Authentication cookies: To keep you logged in
Analytics cookies: via Amplitude and Google Tag Manager
Advertising pixels:

• Google Ads (Google LLC)

• Meta Pixel (Meta Platforms Inc.)

• TikTok Pixel (TikTok Inc.)

• Reddit Pixel (Reddit Inc.)

These technologies may collect data such as your device type, IP address, pages visited, and actions taken. You can manage or disable cookies in your browser settings.

8. Data Security

We implement appropriate technical and organizational safeguards to protect your information, including encryption, access control, and secure hosting. However, no system is 100% secure, and we cannot guarantee absolute security.

9. International Data Transfers

Your data may be transferred to and processed in countries outside your home jurisdiction, including:

Bahrain (MongoDB Atlas database)
United States and globally (Amplitude, Google Tag Manager)

Where required, we rely on Standard Contractual Clauses (SCCs) or other safeguards to ensure these transfers comply with applicable laws (e.g., GDPR).

10. Children's Privacy

Agatha is not intended for children under 13. We do not knowingly collect personal data from children. If we learn that a child under 13 has provided personal information, we will delete it promptly.

11. Changes to This Policy

We may update this Privacy Policy periodically. If significant changes are made, we will notify users via email or in-app notice. Continued use of the Service constitutes your acceptance of the updated policy.

12. Data Processors

We work with the following data processors to provide and support our Service:

Provider	Purpose	Data Location
MongoDB Atlas	Cloud database storage	Bahrain
Amplitude	Product analytics and session replays (text masked)	United States / Global
Google Ads	Marketing and attribution	United States / Global
Google Tag Manager	Analytics and user behavior tracking	United States / Global
TikTok	Marketing and attribution	United States / Global
Mailchimp	Email marketing and communication	United States / Global
Reddit	Advertising and retargeting	United States / Global

13. Contact Us

For questions, concerns, or requests regarding this Privacy Policy, please contact:

📧 [email protected]

← Back to Agatha