AbleStart
Strength

Privacy policy · draft

Collect less. Protect what matters.

The launch architecture separates ordinary account data from encrypted custom-plan intake and avoids sensitive analytics.

Data collected

Only information needed for account access, service delivery, support, payment records, consent, and safety workflow.

Sensitive intake

Complete custom-plan intake and clarification text is encrypted with versioned AES-256-GCM. It is excluded from logs, URLs, analytics, and normal searchable columns.

Service providers

Vercel, Neon, Vercel Blob, Stripe, Resend, and approved AI providers may process limited data only when the relevant integration is enabled.

Your controls

Account privacy controls include consent history, export requests, deletion requests, and marketing unsubscribe state.

Retention

A retention policy still requires owner and legal approval. Destructive automation remains disabled; only a dry-run report is available.