Privacy Policy.
Jasmine Sakpoba, trading as Obiter (“we”, “us”, “our”), is committed to protecting your privacy. This Privacy Policy explains how we collect, use, process, and protect your personal data under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. We are registered with the Information Commissioner’s Office (ICO) under registration number ZC127489.
Data controller: Jasmine Sakpoba, trading as Obiter, 28 Windermere Avenue, London, N3 3QY.
For data-protection requests (access, deletion, objection), contact privacy@obiter.site.
1. Legal Basis for Processing
We process your personal data based on:
- Consent: you have explicitly given us permission (e.g. marketing emails)
- Contract Performance: processing is necessary to provide the Service (e.g. storing your essays, authentication)
- Legal Obligation: we are required by law (e.g. tax records)
- Legitimate Interests: we have a legitimate business interest not overridden by your rights (e.g. fraud prevention, security, analytics)
2. What Data We Collect
2.1 Data You Provide Directly
- Account Registration: email address, hashed password, name (optional), university/institution (optional), year of study (optional)
- Your Content & Activity: essays and answers, flashcards and study notes, quiz responses and SBAQ answers, bookmarks and saved articles, study timer sessions, calendar events from connected calendar providers, search queries, support communications
- Payment Information: billing address and subscription details only — we do not store your full card details (handled by Stripe)
2.2 Data Collected Automatically
- Device & Browser: device type, operating system, browser type and version, IP address, user agent
- Usage Data: pages/screens you visit, time spent on features, search queries, button interactions (anonymised), error reports
- Cookies: session cookies, analytics cookies, and preference cookies — see Section 9
We do not actively track your precise location. Your IP address may reveal approximate country/city.
2.3 Data From Third Parties
- Supabase — database and authentication
- Anthropic, PBC — We use Anthropic's API to power the Obiter AI assistant. When you send a message to Obiter AI, the content of that message (and any document text you upload) is transmitted to Anthropic for processing. Anthropic acts as a data processor on our behalf under a Data Processing Agreement. Anthropic does not use API customer data to train its AI models. Data transmitted to Anthropic is subject to Anthropic's Privacy Policy, available at anthropic.com/privacy. Anthropic processes data in the United States; this transfer is subject to appropriate safeguards under UK GDPR including Standard Contractual Clauses.
- Stripe — payment processing
- Resend — transactional emails
- Functional Software, Inc. (Sentry) — application error and performance monitoring. We have disabled the sending of personally identifying information to Sentry (sendDefaultPii is false). Sentry processes data in the United States under Standard Contractual Clauses.
- Google LLC — when you connect Google Calendar, we receive calendar event data via the Google Calendar API
- Microsoft Corporation — when you connect Outlook Calendar, we receive calendar event data via Microsoft Graph
3. How We Use Your Data
3.1 Essential Uses
We process your data to: create and maintain your account; authenticate you; provide the Service; send transactional emails; comply with legal obligations; detect and prevent fraud; enforce our Terms of Service; and respond to law enforcement requests.
3.2 Service Improvement
We use your data to understand how you use Obiter, identify and fix bugs, improve algorithms, test new features, and personalise your experience.
3.3 Marketing (Consent Required)
We will only send you marketing emails if you explicitly opt-in. You can opt-out at any time via the unsubscribe link or in Settings. We will not sell, share, or rent your email address to third parties.
3.4 AI-Powered Features
Your conversations with Obiter AI are never used to train AI models. Neither Jasmine Sakpoba, trading as Obiter, nor our AI provider, Anthropic, use your conversation data for model training purposes. Your study questions, uploaded documents, and legal discussions remain private to you and are used solely to generate your responses.
When you use essay feedback or AI explanations, your content is sent to Anthropic's API. Obiter does not use your essays or answers to train AI models. AI feedback is generated by machine learning and may not be perfect — review it critically and always verify against authoritative sources.
4. Third-Party Calendar Integrations
4.1 What We Access
When you connect Google Calendar or Microsoft Outlook Calendar to Obiter, we receive read-and-write access to your calendar events. This means we can: read event title, description, start time, end time, location, and unique identifier; create new events you add inside Obiter that you choose to save to that calendar; modify events you edit inside Obiter; and delete events you delete inside Obiter. We do not access attendee email addresses, attachments, or anything outside event-level data. We only write to the calendar when you take an explicit action inside Obiter (creating, editing, or deleting an event). For iCal URL subscriptions, we fetch the publicly accessible calendar feed at the URL you provide; whatever the source publishes in that feed is what we receive — iCal subscriptions are read-only.
4.2 Why We Access It
The sole purpose is to display your existing calendar events inside Obiter's calendar view alongside your academic deadlines, study sessions, and exam dates — giving you a single planning view. This is the only purpose for which we use Google or Microsoft calendar data.
4.3 What We Do Not Do
- We only modify, create, or delete events when you explicitly trigger that action in the Obiter UI — we never write to your calendar automatically
- We do not use your calendar data for advertising, profiling, machine-learning training, or any purpose other than displaying and managing it within the Obiter app
- We do not sell or share calendar data with any third party
4.4 Storage and Retention
Calendar events you sync are stored in our database, encrypted at rest, and linked only to your Obiter account. OAuth refresh tokens are stored encrypted. You can disconnect a calendar at any time from Obiter's calendar page, which removes the OAuth token and deletes the synced events from our database. If you delete your Obiter account entirely, all calendar data is removed with it.
4.5 Google API Services User Data Policy
Obiter's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.
4.6 Microsoft Graph Data
Obiter's use of Microsoft Graph data complies with Microsoft's Services Agreement and follows the same limited-use principles described above.
5. Third-Party File Storage Integrations
5.1 What We Access
When you connect Google Drive, Microsoft OneDrive, or Dropbox to Obiter, we receive: the ability to browse your file list and folders (file names, IDs, modified dates, MIME types), read the contents of files you explicitly import into Obiter, and create or update files in a folder you nominate. For Google Drive specifically, we request the drive.readonly scope (read access to your Drive so you can browse and import) and the drive.file scope (write access only to files Obiter creates or that you explicitly select). For OneDrive we request the equivalent Microsoft Graph scopes (Files.ReadWrite). For Dropbox we request the equivalent scopes to browse and import files you select.
5.2 Why We Access It
To let students import lecture notes, past papers, case briefs, and other study materials from their Drive, OneDrive, or Dropbox into Obiter's note-taking system, and to save Obiter-generated notes and essays back to their cloud storage when they choose to.
5.3 What We Do Not Do
- We only read or write files when you take an explicit action (clicking “Connect Drive”, picking a file from the browser, choosing “Save to Drive”)
- We do not scan, index, or process files outside what you explicitly import
- We do not use file contents for advertising, profiling, or machine-learning training
- We do not sell or share file contents or metadata with any third party
5.4 Storage and Retention
Files you import are stored in our database, encrypted at rest, and scoped to your account. OAuth refresh tokens are stored encrypted. You can disconnect Google Drive, OneDrive, or Dropbox at any time from Settings, which removes the OAuth token and deletes any imported file content from our database (you can choose to keep notes created from those files). If you delete your Obiter account, all imported file content is removed with it.
5.5 Google API Services User Data Policy
Obiter's use and transfer of information received from Google APIs (including Drive) adheres to the Google API Services User Data Policy, including the Limited Use requirements.
5.6 Microsoft Graph Data
Obiter's use of Microsoft Graph data (including OneDrive files) complies with Microsoft's Services Agreement and follows the same limited-use principles described above.
6. Data Retention
- Account & Personal Data: retained while your account is active; deleted within 30 days of account deletion
- User Content: retained while your account is active; deleted within 30 days of account deletion (backups up to 90 days)
- Payment Records: retained for 6 years (UK tax law)
- Server Logs: 30 days; detailed analytics 1 year; summary analytics indefinitely (anonymised)
- AI Document Uploads: extracted text retained for 30 days from upload date, then automatically deleted
6.1 AI Conversation Data
Your conversation history with Obiter AI is stored and linked to your account for as long as your account remains active. You may delete individual conversations or your entire conversation history at any time from within the app. If you delete your account, all conversation history is permanently deleted within 30 days. Obiter staff may access anonymised conversation data in limited circumstances for safety monitoring and product improvement, subject to strict internal access controls. Conversations are never reviewed by Obiter staff in a personally identifiable form except where required to investigate a breach of these Terms, a safety concern, or a legal obligation.
6.2 AI Document Uploads
When you upload a document to Obiter AI, we extract the text content of that document for processing. The original file is not stored on Obiter servers — only the extracted text is retained, for up to 30 days from upload. Extracted text is transmitted to Anthropic for AI processing (see Section 7). You can request deletion of uploaded document data at any time by contacting privacy@obiter.site or using the in-app data deletion tools. Do not upload documents containing sensitive personal data about third parties, as such data will be transmitted to our AI provider.
7. Data Sharing & Third Parties
7.1 Who We Share With
We share data only with service providers bound by Data Processing Agreements: Supabase (database), Anthropic (AI processing), Stripe (payments), Resend (email), Functional Software, Inc. (Sentry — application error and performance monitoring), and legal or regulatory authorities if required by law. We also receive data from Google LLC (Google Calendar API, Google Drive API), Microsoft Corporation (Microsoft Graph), and Dropbox, Inc. when you connect those services — see Sections 4 and 5 for details on how that data is used.
7.2 What We Do Not Do
- We do not sell your personal data to advertisers or data brokers
- We do not share your essays with Anthropic for model training
- We do not share your data with competitors
7.3 International Transfers
Some service providers are based outside the UK. The following processors are based in the United States and transfers are subject to Standard Contractual Clauses (SCCs): Anthropic, PBC (AI processing); Stripe, Inc. (payments); Functional Software, Inc. (Sentry — error monitoring); Dropbox, Inc. (file storage integration). Contact us for further details on the safeguards in place.
8. Your GDPR Rights
Under UK GDPR, you have the right to:
- Access: request a copy of all personal data we hold about you
- Rectification: correct inaccurate or incomplete data (update in Settings or email us)
- Erasure: request deletion of your personal data (delete your account in Settings)
- Data Portability: receive your data in a portable format (CSV/JSON) via Settings → Data & Privacy
- Object: object to certain processing, including marketing (click Unsubscribe or email us)
- Restrict Processing: request that we limit how we use your data
- Lodge a Complaint: with the ICO at ico.org.uk/make-a-complaint
To exercise any right, email privacy@obiter.site. We will respond within 30 days.
8.1 AI Conversation Data in Subject Access Requests
Your Obiter AI conversation history is personal data and is included in any Subject Access Request (SAR) you make. If you exercise your right to erasure, your AI conversation history will be deleted in addition to your other account data. You may also delete your conversation history directly in the app without submitting a formal SAR.
9. Cookies
We use:
- session_token — authentication (required, keeps you logged in)
- obiter_theme — remember your theme preference (essential)
- obiter_cookie_consent — stores your cookie consent preference (essential)
- stripe_session — payment processing (required for checkout)
If you select “Accept All” on the cookie banner, we record first-party usage analytics (such as which pages you visit and how long you spend on features) against your Obiter account on our own servers. No separate analytics cookie is set and no third-party analytics tracker is used. If you select “Essential Only”, this analytics is not collected.
You can manage cookies in your browser settings. Disabling essential cookies may limit functionality. See our full Cookie Policy.
10. Security
We implement industry-standard security: HTTPS/TLS encryption in transit, AES-256 encryption at rest for sensitive data, bcrypt password hashing, access controls with multi-factor authentication, and regular security audits. If a breach occurs, we will notify you within 72 hours as required by law.
11. Children's Privacy
Obiter is not intended for children under 16. We do not knowingly collect data from children under 16. If we discover we have done so, we will delete it immediately.
12. Changes to This Policy
We may update this Privacy Policy as needed. Material changes will be posted on this page and notified via email at least 30 days in advance.
13. Contact
Data controller: Jasmine Sakpoba, trading as Obiter, 28 Windermere Avenue, London, N3 3QY.
For privacy questions or requests: privacy@obiter.site