Last updated: April 16, 2026
Palaestra is a judgment training system for founders. Your decision data is the core of the product — it’s how the system learns your patterns and helps you improve. This policy explains exactly what we collect, why, and what we will never do with it.
We do not sell your data. Ever.
We do not share your data with advertisers or for cross-context behavioral advertising.
We do not use your content to train third-party foundation AI models.
Your reflections, decisions, and Ledger entries are encrypted before they leave your device. They are stored in encrypted form on our servers. We cannot read them. When you request an AI Judgment Report, your device decrypts the data temporarily and sends it to our analysis system, which processes it and discards the input. At no point is your unencrypted text stored on our servers or accessible to Palaestra staff.
We do not track your location, contacts, or any data outside the app.
Palaestra Labs is the data controller for the personal information described in this policy. You can reach our privacy team at privacy@getpalaestra.com. For legal or regulatory notices, write to legal@getpalaestra.com.
EU Representative (Article 27 GDPR). For users in the European Union and European Economic Area, our appointed Article 27 representative is [EU representative name and address]. You may contact them directly regarding the processing of your personal data.
UK Representative (Article 27 UK GDPR). For users in the United Kingdom, our appointed UK Article 27 representative is [UK representative name and address].
| Data | What It Includes | Why |
|---|---|---|
| Trial decisions | Which option you chose, how long you hesitated, whether your choice matched the historical outcome | To compute your accuracy patterns across decision domains |
| Reflections | The text you write in response to decision scenarios (encrypted client-side) | To identify recurring patterns in your decision psychology |
| Ledger entries | Real-life decisions you log, your conviction score, temperature, pressure tags, expected outcome, domain, and settlement outcome after 90 days (encrypted client-side) | To assess your conviction calibration over time |
| Decision patterns | Statistical analysis of your accuracy across domains and cognitive traps | To generate your Judgment Report and adapt your training |
| Protocol answers | Your responses to guided Decision Protocol questions (encrypted client-side) | To structure your thinking and create documented, pre-registered decisions |
| Account info | Display name, email address, identity selection | Authentication and personalization |
| Device and diagnostic | Device model, OS version, app version, anonymized crash logs | Stability monitoring and bug fixing |
| Purchase records | Subscription status, transaction identifiers from App Store / Play / RevenueCat | Billing and entitlement management |
| Website data | IP address, browser type, page views on judgment.training | Security and basic analytics (no cross-site tracking) |
We collect this information directly from you (when you create an account, complete trials, or write Ledger entries), automatically from your device (diagnostics and telemetry), and from our processors (RevenueCat, Apple, Google for subscription status).
Third-party personal information in your Ledger. Decision Ledger entries may contain the personal data of identifiable third parties (for example, co-founders, employees, candidates, or investors you name in a decision). You are responsible for having a lawful basis to enter such information. We process that information as a processor on your behalf, encrypted and inaccessible to our staff, and we will delete it when you delete the entry or your account.
If you are in the EU, EEA, or UK, we rely on the following lawful bases under GDPR Article 6 and UK GDPR for each processing purpose:
| Purpose | Lawful Basis |
|---|---|
| Providing the Service, account creation, subscription management | Contract (Art. 6(1)(b)) |
| Security, fraud prevention, diagnostic crash reporting | Legitimate interests (Art. 6(1)(f)) |
| Pattern Map profiling and adaptive curriculum | Consent (Art. 6(1)(a)) — granular opt-in; you can withdraw at any time |
| Marketing emails (The Judgment Briefing) | Consent (Art. 6(1)(a)) — you may unsubscribe at any time |
| Complying with legal obligations (tax, regulatory requests) | Legal obligation (Art. 6(1)(c)) |
| Responding to data subject requests | Legal obligation (Art. 6(1)(c)) |
Where the content of your Ledger reveals categories of data protected under GDPR Art. 9 (for example, political opinion or health inferences), we rely on your explicit consent for such processing and you may withdraw that consent by deleting the relevant entry.
Sensitive text — your reflections, Ledger entries, and protocol answers — is encrypted using AES-256-GCM before it reaches our servers. Even in a worst-case database breach, an attacker would get ciphertext, not your actual decisions and fears.
Your data is stored on Supabase (US data center) with row-level security ensuring that only your authenticated session can access your records. Authentication tokens are stored in your device’s secure enclave, not in general app storage. We maintain industry-standard administrative, technical, and physical safeguards, but no system is perfectly secure.
If we become aware of a personal-data breach that is likely to result in a risk to your rights and freedoms, we will notify our lead supervisory authority within 72 hours where required under GDPR Art. 33, and we will notify affected users without undue delay where required under GDPR Art. 34 or equivalent laws (including CCPA/CPRA, Singapore PDPA, Brazil LGPD, and Canadian PIPEDA).
Your data is stored on Supabase servers located in the United States. If you access Palaestra from the EU, EEA, UK, Brazil, or another jurisdiction with cross-border transfer restrictions, your personal data is transferred to the US and to subprocessors in the US and elsewhere. We rely on the following transfer mechanisms:
You may request a copy of the SCCs or equivalent safeguards by emailing privacy@getpalaestra.com.
We share the minimum data necessary with the following subprocessors. Each is bound by a Data Processing Agreement that requires GDPR-grade safeguards.
| Service | What It Receives | Purpose |
|---|---|---|
| Supabase (US) | Account info, encrypted decisions and reflections | Authentication and data storage |
| RevenueCat (US) | App user ID, subscription status, transaction identifiers | Subscription and entitlement management |
| PostHog (US) | Anonymous event counts only — no personal text, no reflections, no decisions | Product analytics (privacy-first mode) |
| Sentry (US) | Anonymized crash reports, device and OS metadata | Error monitoring and diagnostics |
| Resend (US) | Your email address and message content when you submit the contact form | Transactional and contact email |
| Beehiiv (US) | Your email address if you subscribe to The Judgment Briefing newsletter | Newsletter delivery |
| Vercel (US) | IP address and standard request logs for judgment.training | Website hosting |
| Apple / Google | Platform-level account, subscription, and diagnostic signals | App distribution and sign-in |
We do not use advertising SDKs, tracking pixels, or data brokers. We will update this list and notify you before adding any new subprocessor that materially changes how your data is handled.
The judgment.training website uses a small number of strictly necessary cookies (session continuity, CSRF protection) that do not require consent under the ePrivacy Directive and EDPB Guidelines 05/2020. We do not set advertising or cross-site tracking cookies. If we add any non-essential cookies in the future, we will present a prior-opt-in consent banner with granular controls before any such cookie is set.
We retain personal data only as long as needed for the purposes set out in this policy:
| Data | Retention |
|---|---|
| Account info | Until account deletion; then fully removed within 30 days |
| Trial decisions, reflections, Ledger entries, protocol answers | Until you delete the entry or your account; then removed within 30 days |
| Purchase records | Seven (7) years after the transaction, as required by tax and commercial-records law |
| Diagnostic and crash logs | Ninety (90) days, then anonymized or deleted |
| Website access logs | Thirty (30) days |
| Marketing-consent records | Duration of subscription plus three (3) years, per CASL requirements |
| Data-subject-request records | Three (3) years for regulatory audit |
If you delete your account, all data is permanently and irreversibly removed from active systems within 30 days. Encrypted backups may persist for up to 90 additional days before rotation. We do not soft-delete or deactivate.
You can export all your data at any time. The “Download Your Data” option in the app produces a complete JSON file containing every decision, reflection, Ledger entry, and protocol answer associated with your account. You can delete your account at any time from the Profile screen.
To exercise any right below, email privacy@getpalaestra.com. We will respond within 30 days (GDPR / UK GDPR / LGPD / PIPEDA) or 45 days (CCPA / CPRA), as applicable. We will verify your identity before fulfilling a request.
Under GDPR and UK GDPR you have the right to: access your data (Art. 15), rectification (Art. 16), erasure (Art. 17), restriction of processing (Art. 18), data portability (Art. 20), objection (Art. 21), and not to be subject to solely automated decision-making that produces legal or similarly significant effects (Art. 22). You may withdraw consent at any time where processing is based on consent. You also have the right to lodge a complaint with your supervisory authority — for UK users, the Information Commissioner’s Office (ico.org.uk).
To exercise California rights, email privacy@getpalaestra.com with the subject “California Privacy Request.” You may also designate an authorized agent.
Our designated Privacy Officer can be reached at privacy@getpalaestra.com. You have the right to access, correct, and withdraw consent for the processing of your personal information under PIPEDA and, for Quebec residents, under Law 25 (including the right to data portability). Our newsletter uses CASL-compliant express opt-in consent with unsubscribe in every message; we retain consent records for three years.
Our appointed Encarregado (DPO) can be reached at privacy@getpalaestra.com. Under LGPD Articles 18 and 20 you have rights analogous to GDPR, including the specific right to review of automated decisions. To exercise these rights, email with subject “LGPD Request.”
You may access and correct your personal information under Australian Privacy Principles 12 and 13, and complain to the Office of the Australian Information Commissioner (oaic.gov.au). We handle cross-border disclosures in accordance with APP 8 and remain accountable for our overseas subprocessors’ handling of your data.
Users in South Africa, Singapore, and Thailand have rights analogous to those described above, including access, correction, deletion, and objection. For breach-notification purposes, we comply with the 3-day threshold under Singapore PDPA and the equivalent requirements under POPIA and Thailand PDPA. To exercise these rights, email privacy@getpalaestra.com.
We use PostHog in privacy-first mode. Autocapture is disabled. We receive only explicitly defined events: event type, timestamp, numeric identifiers, and categorical values (like decision domain or trap tag). We never receive the text of your reflections, decisions, or protocol answers through analytics.
On iOS, our analytics implementation does not use your Identifier for Advertisers (IDFA) and does not trigger an App Tracking Transparency prompt. PostHog receives no cross-app tracking data.
Palaestra analyzes your decision history to generate your Judgment Report and adapt your training curriculum (the “Pattern Map”). This is automated profiling under GDPR Art. 4(4) and Automated Decisionmaking Technology under the CPRA. It is advisory only and does not produce legal or similarly significant effects without your active participation.
You have the right to (i) request information about the logic of the Pattern Map, (ii) request human review of any output you disagree with, (iii) express your point of view and contest the output, and (iv) opt out of the Pattern Map at any time without losing access to the rest of the Service. Brazilian users have the explicit review right under LGPD Art. 20. To exercise any of these rights, email privacy@getpalaestra.com.
Palaestra is designed for adult founders and business operators. We do not knowingly collect personal information from anyone under the age of 16, and we do not direct the Service to children. If you believe a child under 16 has provided us with personal information, contact privacy@getpalaestra.com and we will delete it promptly.
If we make material changes, we will notify you through the app or by email before the changes take effect, with a reasonable notice period where required by applicable law. Continued use of the Service after a change takes effect constitutes acceptance.
Questions about your data? Contact Palaestra Labs at privacy@getpalaestra.com.