Overview
In plain English
AIDRAN analyzes public conversations about AI and publishes what it finds. This policy explains what data we collect about you when you visit or create an account.
AIDRAN ("AI Discourse Recognition & Analysis Nexus") is a research platform that analyzes publicly available discourse about artificial intelligence. We are committed to transparency about the data we collect, why we collect it, and how it is used.
This policy covers two categories of data: discourse data (public posts we analyze) and reader data (information about you when you visit or use the site).
Discourse Data
In plain English
We only collect posts, comments, and articles that are already publicly visible. We never access private messages or locked accounts.
We ingest publicly available posts, comments, and articles from platforms including Reddit, Bluesky, YouTube, X (Twitter), Hacker News, arXiv, and global news sources. This data is already public. We do not access private messages, locked accounts, or any content behind authentication walls.
Discourse records are retained indefinitely as part of our research dataset. Individual posts are attributed to their public source and linked to the original platform. We do not store or display deleted content after we become aware of its removal.
Account Data
In plain English
If you create an account, we store your name, email, and profile picture. If you sign in with Google, GitHub, or another provider, they share basic profile info with us — never your password.
When you create an account — whether via email/password or a social login provider — we collect and store:
- Email address — used for authentication and account recovery
- Display name — shown on your profile
- Profile image — provided by your OAuth provider or uploaded by you
- Session data — secure cookies that keep you signed in
Social Login (OAuth) Providers
If you sign in with Google, GitHub, Discord, or X (Twitter), the provider shares your basic profile information (name, email, avatar) with us via OAuth 2.0. We do not receive or store your password from any provider. We do not post to your accounts or access data beyond basic profile information.
Two-Factor Authentication
If you enable two-factor authentication (2FA), we store your TOTP configuration securely. Backup codes are hashed and cannot be viewed after initial generation.
API Keys
If you generate API keys for programmatic access, we store the key hash and metadata (creation date, last used, label). The full key is shown once at creation and cannot be retrieved afterward.
Payment Data
In plain English
Stripe handles all payment processing. We never see or store your full card number. We only keep a record of your subscription status.
Subscription payments are processed entirely by Stripe. We do not receive, store, or have access to your full credit card number, CVC, or bank account details.
We store the following payment-related data:
- Stripe customer ID (links your account to your Stripe record)
- Subscription status and plan tier
- Billing cycle dates
For complete details on how Stripe handles your data, see the Stripe Privacy Policy.
AI-Generated Content
In plain English
All editorials and stories on this site are written by AI, not humans. We label this clearly throughout.
All editorial narratives, story headlines, beat analyses, and entity descriptions on AIDRAN are generated by AI (Anthropic's Claude). This content is clearly labeled throughout the site. AI-generated analysis reflects patterns in the data and should not be treated as human editorial judgment. Your personal data is never used to train or fine-tune AI models.
How We Use Data
In plain English
Public posts get analyzed for patterns and trends. Your account data is only used to run your account. Analytics help us understand which coverage resonates.
Discourse data is processed through our analysis pipeline to detect narrative patterns, sentiment shifts, and volume anomalies. This analysis generates the editorial content published on this site.
Account data is used solely for authentication, authorization, and delivering your subscription tier features.
Analytics data helps us understand readership patterns, improve site performance, and prioritize coverage areas. It is never used to target advertising or build individual profiles for sale.
Third-Party Services
In plain English
We use external services to run the site. Each handles only the data it needs. Here's every service and what it does.
| Service | Role |
|---|---|
| Vercel | Hosting, edge delivery, serverless functions, analytics |
| Neon | Serverless PostgreSQL database (stores account and discourse data) |
| Anthropic (Claude) | AI narrative generation |
| Voyage AI | Text embeddings for semantic search |
| PostHog | Product analytics and session tracking (consent-based) |
| Stripe | Payment processing for subscriptions |
| Upstash | Redis caching layer for API responses |
| Replicate | AI image generation for editorial imagery |
| OAuth identity provider (if you sign in with Google) | |
| GitHub | OAuth identity provider (if you sign in with GitHub) |
| Discord | OAuth identity provider (if you sign in with Discord) |
| X / Twitter | OAuth identity provider (if you sign in with X) |
Each service operates under its own privacy policy. We share only the minimum data necessary for each service to function.
Your Rights
In plain English
You can delete your account, export your data, or withdraw consent at any time. If you're in the EU or California, you have additional legal rights — and we honor them.
Depending on your jurisdiction, you may have the right to:
- Access — request a copy of the personal data we hold about you
- Correction — update inaccurate personal information
- Deletion — request deletion of your account and associated data
- Portability — receive your data in a machine-readable format
- Withdraw consent — opt out of analytics tracking at any time
- Object — object to processing based on legitimate interest
To exercise any of these rights, contact us using the information in the Contact section below. We will respond within 30 days.
California Residents (CCPA)
We do not sell personal information. We do not share personal information for cross-context behavioral advertising. You have the right to know what data we collect and to request its deletion.
EU/EEA Residents (GDPR)
Our lawful bases for processing are: consent (analytics cookies), contract performance (account and subscription), and legitimate interest (site security and abuse prevention). You may lodge a complaint with your local data protection authority.
Children's Privacy
In plain English
You must be at least 13 years old to use AIDRAN. We don't knowingly collect data from children.
AIDRAN is not intended for children under 13. We do not knowingly collect personal information from anyone under 13. If we discover that a child under 13 has provided personal information, we will delete it promptly. If you believe a child has created an account, please contact us.
Content Removal
In plain English
If your public post shows up in our dataset and you want it removed, just ask. We'll process it within 30 days.
If you are the author of content that appears in our dataset and would like it removed, please contact us with a link to the original content. We will process removal requests within 30 days.
Data Security
In plain English
We encrypt data in transit and at rest. Passwords are hashed, API keys are hashed, and we follow standard security practices.
We implement industry-standard security measures including:
- TLS encryption for all data in transit
- Encryption at rest for database storage (Neon)
- Bcrypt hashing for passwords
- Hashed API keys (full key shown only once at creation)
- HTTP-only, secure session cookies
- Sensitive query parameter stripping from analytics events
No system is 100% secure. If we discover a breach affecting personal data, we will notify affected users within 72 hours as required by applicable law.
Policy Changes
We may update this policy as our data practices evolve. Material changes will be reflected on this page with an updated date. If a change significantly affects how we use your personal data, we will notify registered users by email. Continued use of the site constitutes acceptance of the current policy.