Privacy Policy

Last updated: April 15, 2026

This Privacy Policy describes how Devello Studios (“we”, “us”, or “our”) collects, uses, and protects information when you use the Research Engine web application at researchengine.app and the DeepDive iOS application (collectively, the “Service”).

1. Information We Collect

Account Information

When you create an account, we collect your email address and display name. If you sign in via Google, GitHub, or Apple, we receive the profile information you authorize those providers to share (name, email, avatar URL). We do not receive or store your passwords from third-party providers.

Research Data

We store the missions, research findings, knowledge entries, and source URLs you create through the Service. This data is scoped to your account and is not shared with other users.

Payment Information

Payments are processed by Stripe. We do not store credit card numbers, bank account details, or other sensitive financial data on our servers. We retain your Stripe customer ID and subscription status for billing purposes.

Usage Data

We collect basic analytics such as the number of research runs, credit transactions, and aggregate feature usage. We do not use third-party tracking pixels or advertising SDKs.

2. How We Use Your Information

  • To provide, maintain, and improve the Service
  • To authenticate your identity and secure your account
  • To process payments and manage your subscription
  • To send transactional notifications (research completion, billing receipts)
  • To debug errors and improve performance

3. Data Storage and Security

Your data is stored in Supabase (PostgreSQL) hosted on AWS in the us-east-1 region. All connections use TLS encryption in transit. Database access is controlled via row-level security policies scoped to your user ID. Backups are retained per Supabase’s standard retention policy.

4. Third-Party Services

We use the following third-party services to operate:

  • Supabase — authentication and database hosting
  • Vercel — web application hosting
  • Anthropic — AI model inference for research synthesis
  • Stripe — payment processing
  • Inngest — background job orchestration

Each provider operates under its own privacy policy. We only share the minimum data required for each service to function (e.g., your research objective is sent to Anthropic for synthesis; your email is sent to Stripe for receipts).

5. Data Retention and Deletion

You may delete individual missions, knowledge entries, or your entire account at any time. Deleting your account removes all associated data from our active database. Backup copies may persist for up to 30 days per our hosting provider’s retention schedule.

6. Children’s Privacy

The Service is not directed at children under 13. We do not knowingly collect personal information from children. If we learn that we have collected data from a child under 13, we will delete it promptly.

7. Changes to This Policy

We may update this policy from time to time. We will notify you of material changes by posting the updated policy on this page with a revised “Last updated” date.

8. Contact Us

If you have questions about this Privacy Policy, please contact us at privacy@researchengine.app or visit the Support page.