Privacy Policy

Last updated: April 2026

AI Pro Playbook ("the Platform") is operated by KAZ Investments, LLC, an Ohio limited liability company ("we," "us," or "our"). This Privacy Policy describes how we collect, use, store, and protect your personal information when you use our Platform. By using the Platform, you consent to the practices described in this policy.

1. Information We Collect

Information You Provide

Account information: name, email address, and password when you create an account.
Payment information: processed securely by Stripe. We never store your credit card number, CVV, or full card details on our servers. Stripe may store a tokenized payment method for recurring billing.
Profile information (optional): phone number, city, state or province, country, bio, company name, job title, website URL, and profile photo.
Social login data: if you sign in using Google or GitHub, we receive your name and email address from those providers. We do not access any other data from your Google or GitHub accounts.
Contact form submissions: name, email, and message content when you contact us.
User-generated content: personal notes on lessons, and any content you submit through community features (if available).

Information We Collect Automatically

Learning activity: lesson progress and completion status, quiz responses and scores, playbook enrollments and progress, saved/favorited lessons, tools, companies, industries, and playbooks.
Device and access information: IP address, browser type and version, operating system, referring URL, pages visited, and timestamps. This data is collected through server logs and is not linked to advertising profiles.
Cookies: see Section 6 below for details on our cookie usage.

Information We Do Not Collect

We do not collect biometric data, precise geolocation, health information, financial account numbers (beyond Stripe tokenization), or any data from your device beyond what is described above. We do not use your personal data to train AI models.

2. How We Use Your Information

We use your information for the following purposes:

Platform operation: to provide, operate, and maintain the AI Pro Playbook platform and its features.
Personalization: to display your profile, track your learning progress, generate certificates of completion, and personalize your experience (such as showing playbook recommendations and progress indicators).
Payments: to process subscription payments, send receipts, and manage billing.
Communication: to respond to your inquiries, send service announcements, account notifications, and security alerts.
Improvement: to improve our curriculum and platform based on aggregate, anonymized usage patterns. We analyze which lessons are completed, which features are used, and where users encounter difficulties — in aggregate, not individually.
Safety and security: to detect and prevent fraud, abuse, and security incidents.
Legal compliance: to comply with applicable laws, regulations, and legal processes.

We do not sell, trade, or rent your personal data to third parties. We do not use your data for targeted advertising. We do not share your data with data brokers.

3. Third-Party Service Providers

We use the following third-party services to operate the Platform. These providers process data on our behalf and are contractually obligated to protect your information:

Supabase — Authentication, database, and file storage (US data centers, AWS us-west-2). Stores account data, learning progress, and uploaded files (profile photos).
Stripe — Subscription and payment processing. Handles all payment card data directly; we never receive or store full card numbers. Subject to Stripe's Privacy Policy.
Vercel — Hosting, content delivery, and serverless functions (global edge network). Processes server logs including IP addresses.
YouTube — Embedded lesson videos. When you play a video, YouTube may set cookies and collect data subject to Google's Privacy Policy.
Google & GitHub — Optional social login (OAuth). We receive only your name and email address during authentication.
OpenAI — Used to generate audio narrations for lesson content. No user personal data is sent to OpenAI; only lesson text content is processed for text-to-speech generation.

We may add additional service providers in the future (such as analytics or email delivery services). This Privacy Policy will be updated accordingly, and material changes will be communicated as described in Section 12.

4. When We Share Your Information

We share your personal information only in the following circumstances:

Service providers: with the third-party services listed in Section 3, solely for the purposes of operating the Platform.
Legal requirements: when required by law, regulation, legal process, or governmental request.
Protection of rights: to enforce our Terms of Service, protect the safety of our users, or protect our rights and property.
Business transfers: in connection with a merger, acquisition, or sale of assets, your data may be transferred to the successor entity. We will notify you of any such transfer.
With your consent: in any other circumstance where you have given explicit consent.

5. Data Security

We take reasonable measures to protect your personal information, including:

All data transmitted between your browser and our servers is encrypted using TLS (HTTPS).
Passwords are hashed and salted — we cannot read your password.
Payment processing is handled entirely by Stripe (PCI DSS Level 1 certified).
Database access is restricted through Row Level Security (RLS) policies that ensure users can only access their own data.
Administrative access to systems is limited to authorized personnel with multi-factor authentication.

While we strive to protect your information, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security. If we become aware of a security breach that affects your personal data, we will notify you and any applicable regulatory authorities as required by law.

6. Cookies and Tracking

Essential cookies only. We use only essential cookies required for authentication (session tokens managed by Supabase Auth). These cookies are necessary for the Platform to function and cannot be disabled.

No tracking or advertising cookies. We do not use cookies for advertising, retargeting, cross-site tracking, or behavioral profiling. We do not participate in any advertising networks.

Third-party cookies: YouTube may set cookies when you play embedded videos. These cookies are subject to Google's Privacy Policy and are outside our control.

Do Not Track: We honor Do Not Track (DNT) browser signals. Since we do not use tracking or advertising cookies, our Platform behavior is the same regardless of your DNT setting.

7. Data Retention

We retain your account data for as long as your account is active. If you request account deletion, we will remove your personal data within 30 days, with the following exceptions:

Billing records and transaction history may be retained for up to 7 years as required by tax and accounting regulations.
Data required to comply with legal obligations, resolve disputes, or enforce our agreements may be retained as necessary.
Anonymized, aggregated data (which cannot be used to identify you) may be retained indefinitely for analytical purposes.

8. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

Access: request a copy of the personal data we hold about you.
Correction: request that we correct inaccurate or incomplete data.
Deletion: request that we delete your personal data (subject to legal retention requirements).
Portability: request your data in a structured, machine-readable format.
Restriction: request that we limit how we process your data.
Objection: object to our processing of your data in certain circumstances.
Withdrawal of consent: where processing is based on consent, you may withdraw consent at any time.

To exercise any of these rights, contact us. We will respond to your request within 30 days. We will not discriminate against you for exercising your privacy rights.

9. Children's Privacy

The Platform is not directed at children under 13. We do not knowingly collect personal information from children under 13. If we become aware that we have collected personal data from a child under 13 without parental consent, we will take steps to delete that information as soon as possible. If you believe a child under 13 has provided us with personal information, please contact us immediately.

Users between 13 and 18 may use the Platform with parental or guardian consent as described in our Terms of Service.

10. California Residents (CCPA/CPRA)

If you are a California resident, the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA) provide you with additional rights:

Right to know: you may request details about the categories and specific pieces of personal information we collect, the purposes for collection, and the categories of third parties with whom we share it.
Right to delete: you may request deletion of your personal information, subject to certain exceptions.
Right to opt-out of sale: we do not sell your personal information to third parties. We do not share your personal information for cross-context behavioral advertising.
Right to non-discrimination: we will not discriminate against you for exercising your CCPA/CPRA rights.

To exercise your California privacy rights, contact us at our contact page. We will verify your identity before processing your request.

11. European Users (GDPR)

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, the General Data Protection Regulation (GDPR) provides you with additional protections.

Legal basis for processing: we process your data based on: (a) your consent (account creation, optional profile fields); (b) performance of a contract (providing the Platform services you subscribed to); (c) legitimate interests (improving the Platform, security, fraud prevention); and (d) legal obligations (tax and billing records).

International data transfers: your data is stored and processed in the United States. By using the Platform, you consent to the transfer of your data to the United States. We rely on Standard Contractual Clauses and our service providers' data protection agreements to ensure adequate protection of transferred data.

Data Protection Officer: for GDPR-related inquiries, contact us at our contact page. You also have the right to lodge a complaint with your local data protection authority.

12. Email Communications

We may send you the following types of emails:

Transactional emails (cannot be opted out): account verification, password resets, payment confirmations, subscription changes, and security alerts.
Service announcements: important updates about the Platform, changes to Terms or Privacy Policy, and new feature announcements. You may opt out of non-essential announcements.
Educational content: optional newsletters, learning tips, or course recommendations. You may opt out at any time via an unsubscribe link in any email.

We will never send you unsolicited marketing emails without your consent.

13. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. We will notify you of material changes by email or via a prominent notice on the Platform at least fifteen (15) days before the changes take effect. Your continued use of the Platform after the effective date constitutes acceptance of the updated policy. We encourage you to review this page periodically.

14. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or your personal data, contact us at our contact page or by mail at:

KAZ Investments, LLC
Attn: Privacy
9423 Montgomery Road
Cincinnati, OH 45242
United States

← Back to home