CoThinkAICoThinkAI

Privacy Policy

Last updated: April 15, 2026

Introduction

Welcome to CoThinkAI, operated by Redstone Foundry LLC ("we," "us," or "our"). We respect your privacy and are committed to protecting your personal data. This privacy policy explains how we collect, use, and safeguard your information when you use our collaborative AI chat platform at cothinkai.app.

Information We Collect

We may collect, use, store, and transfer different kinds of personal data about you:

  • Identity Data: name, display name, or similar identifier
  • Contact Data: email address and phone number
  • Profile Data: display name, avatar color, and account preferences
  • Conversation Data: messages sent in chat rooms, pinned truths, and conversation summaries
  • Technical Data: IP address, browser type, device information, and usage data
  • Billing Data: subscription plan, payment method (processed by Stripe), and billing history

How We Use Your Information

We use your personal data for the following purposes:

  • To provide and maintain our collaborative AI chat service
  • To create and manage your account
  • To enable real-time communication between room members
  • To send your messages to AI model providers for response generation
  • To generate conversation summaries for context management
  • To process subscriptions and billing through Stripe
  • To send you important updates and notifications
  • To improve our platform and user experience
  • To prevent fraud and ensure platform security
  • To comply with legal obligations

AI and Your Data

When you send a message in a CoThinkAI room, your message (along with conversation context) is sent to third-party AI model providers to generate responses. Important things to know:

  • We do not train AI models on your data. Your conversations are used solely for generating responses.
  • AI providers process your messages according to their own data policies. We use providers that do not train on API inputs.
  • Conversation summaries are generated and stored to manage context efficiently, not for any other purpose.
  • Pinned truths (hearted messages) are stored and included in AI context only within their respective rooms.

Information Sharing

We do not sell your personal data. We may share your information in the following circumstances:

  • With Room Members: Your messages and display name are visible to other members of rooms you join.
  • AI Model Providers: Message content is sent to AI providers (via OpenRouter) to generate responses.
  • Payment Processor: Billing information is processed by Stripe. We do not store your payment card details.
  • Hosting and Infrastructure: We use Vercel for hosting and Supabase for data storage.
  • Legal Requirements: We may disclose information if required by law or to protect our rights.

Data Security

We implement appropriate security measures to protect your personal data. This includes encrypted data transmission (HTTPS), row-level security on our database, secure authentication via Supabase Auth, and regular security reviews. However, no method of transmission over the Internet is 100% secure.

Your Rights

You have the right to:

  • Access your personal data
  • Correct inaccurate or incomplete data
  • Request deletion of your data
  • Object to processing of your data
  • Request transfer of your data
  • Withdraw consent at any time

To exercise these rights, please contact us at privacy@cothinkai.app.

Cookies and Tracking

We use cookies and similar technologies to maintain your authentication session and store preferences. For more details, see our Cookie Policy.

Data Retention

We retain your personal data for as long as your account is active or as needed to provide you with our service. Conversation data is stored permanently so you can always access your message history. When you delete your account, we will remove your personal data, profile information, and room memberships. Room messages you authored may be retained in anonymized form.

Third-Party Services

We use the following third-party services:

  • Supabase — authentication, database, and real-time messaging
  • Vercel — hosting and deployment
  • Stripe — payment processing
  • OpenRouter — AI model routing (connects to OpenAI, Anthropic, Google, xAI, DeepSeek)

Each of these services has its own privacy policy, which we encourage you to review.

Children's Privacy

CoThinkAI is not intended for children under the age of 13. We do not knowingly collect personal information from children under 13. If you believe we have collected information from a child under 13, please contact us immediately.

GDPR Compliance (EU Users)

If you are a resident of the European Economic Area (EEA), you have additional rights under the General Data Protection Regulation (GDPR).

Legal Basis for Processing

We process your personal data based on the following legal grounds:

  • Contract: Processing necessary to provide our service
  • Consent: You have given explicit consent for specific activities
  • Legitimate Interests: Fraud prevention, security, and service improvement
  • Legal Obligation: Processing required to comply with applicable laws

Your GDPR Rights

Under GDPR, you additionally have the right to:

  • Request restriction of processing
  • Receive your data in a structured, machine-readable format (data portability)
  • Lodge a complaint with your local data protection authority

We will respond to GDPR requests within one month. Contact us at privacy@cothinkai.app.

Changes to This Policy

We may update this privacy policy from time to time. We will notify you of material changes by posting the updated policy on this page and updating the "Last updated" date. Continued use of the service constitutes acceptance of the updated policy.

Contact Us

If you have questions about this privacy policy, please contact us:

  • Email: privacy@cothinkai.app