Privacy Policy

Last updated: 2026-05-25

Our promise

We do not sell or share your information.

No advertisers. No data brokers. No schools. No test-prep companies. No analytics resellers. No exceptions for marketing or profit.

The only data we ever send outside Acceptly is what's needed to help students achieve their goals — specifically, your messages and a small profile snapshot are sent to AI services (Anthropic today) so the advisors can respond with real, context-aware guidance. That's it.

If we ever change this — if we ever consider any other data sharing — we will email every registered user before it takes effect and you can delete your account first. The full breakdown below describes exactly what we collect, why, and how to ask us to delete it.

Draft. This policy is a plain-language placeholder while we finalize a lawyered version. The handling described below is what we actually do today. If you have a specific question, email Bobby@growwithaiguy.com.

What this is

Acceptly is a college planning workbench for high school juniors and seniors. This page describes what data we collect, what we do with it, and how to ask us to delete it.

What we collect

Account info: email address and a password (hashed and managed by Amazon Cognito). Email is required for sign-in and to send the notifications you've opted into.
What you enter in the workbench: your profile (name, grade, GPA, test scores, intended major, activities), your college list, your applications, your essays, your scholarships, your custom deadlines.
What you say to the AI advisors: your chat messages, kept so the advisors can reference earlier conversation. You can clear any conversation from inside the chat drawer.
Operational data: standard server logs (timestamps, IP address, browser type) retained briefly for security and debugging.

What we don't collect

Race or ethnicity, Social Security numbers, passport numbers, or full date of birth.
Information from third-party trackers or behavioral ad networks — we don't run any.
Anything we don't ask you for directly.

How we use it

To run the product: showing your workbench, generating advisor responses, sending the email reminders and weekly digests you've opted into.
To improve the product: aggregated, non-identifying analytics about which features get used (e.g., "how many users opened the inbox this week"). We never sell or share this with third parties.
To contact you: only for the email types you've enabled in your profile preferences. Unsubscribe links work one-click, no login required.

Who we share with

We share only with vendors that operate our product on our behalf:

Amazon Web Services hosts our application, database, and email infrastructure (US-East region).
Anthropic processes advisor messages so the AI can respond. Anthropic does not retain or train on this data.
Resend delivers transactional email (deadline reminders, weekly digests).

We do not sell your data, share it with advertisers, or share it with college admissions offices or test-prep companies.

How long we keep it

We keep your account and workbench data as long as your account exists. If you delete your account, your data is removed from active databases within 30 days. Backup snapshots may retain data for up to 90 additional days before automatic deletion.

How to access, export, or delete your data

Account self-service for export and deletion is coming soon. Until then, email Bobby@growwithaiguy.com with the email you signed up with and we'll handle either request within 48 hours, no questions asked.

Audience considerations

Acceptly is built for users aged roughly 14-18 — minors in the eyes of most privacy regimes. We're not subject to COPPA (which covers under-13) but we follow COPPA-style data minimization: collect only what we need, never run behavioral ads, never sell data, give a clear path to deletion. We have not completed formal reviews under California CPRA, Illinois SOPPA, Texas SCOPE Act, Colorado, or Connecticut privacy laws yet; that review is on our near-term roadmap.

Cookies and tracking

We use one cookie: the Cognito session token that keeps you logged in. We do not use third-party tracking pixels, analytics tags, or advertising cookies.

Security

Your data is encrypted in transit (HTTPS) and at rest (AWS-managed encryption). Your password is hashed and never stored in plain text. We follow standard AWS security best practices: least-privilege IAM, no public database endpoints, all secrets in encrypted parameter store.

Changes to this policy

If we change anything material about how we handle your data, we'll email registered users at least 14 days before the change takes effect. The "Last updated" date at the top of this page reflects the most recent revision.

Contact

Questions, concerns, or specific requests: Bobby@growwithaiguy.com.

← Back to Acceptly