Last updated: May 3, 2026

Privacy Policy

This policy explains what data ianymu.com collects, how we use it, who we share it with, and what rights you have.

01 Data We Collect

We collect only data necessary to operate this site. Specifically:

Email Address
Collected only when you register or sign in. Stored encrypted by Supabase Auth. Used to send magic link sign-in emails and essential account notifications.
Anonymous IP Address
Auto-recorded in Vercel server logs for security, rate limiting, and troubleshooting. Auto-rotated and overwritten after 30 days.
Cookies
Only essential cookies are used. See §3 Cookie Usage.
AI Chat Messages
Your messages to and from the AI assistant. Messages from signed-in users are retained long-term to provide context; anonymous chats are cleared after 30 days.
Contact Form Fields
Information you voluntarily submit: name, email, message body, and selected lane (hiring/consulting/collaboration).
Page View Telemetry
Aggregate metrics such as path and time-on-page. Contains no PII (personally identifiable information).

02 Third-Party Processors

To deliver the site's functionality we transmit necessary data to the following third-party services. Each provider bears its own privacy responsibilities under its own policy.

Supabase (US)
User authentication + Postgres database (profile / chat / contact tables).
Vercel (US)
Site hosting · Functions runtime · server logs.
Sentry (US)
Frontend / backend error tracking. PII scrub is enabled; sensitive fields in requests are auto-stripped.
Resend (US)
Transactional email delivery (magic links, sign-in confirmations).
Google OAuth
Identity provider when you choose 'Sign in with Google'. We request only your email and basic profile — we do not read your Gmail / Drive / Calendar data.
DeepSeek (China, CAC-registered)
Primary AI Chat inference provider. All users on China mainland / HK / MO / TW IPs, plus overseas Guest/Free/Recruiter/Pro tiers, use DeepSeek. Your chat messages are sent to DeepSeek servers for inference and may be logged there — do not input PII, secrets, or trade secrets in chat.
OpenAI (US, overseas Ultra tier only)
OpenAI gpt-5.4 is invoked only when (1) your IP is outside China mainland / HK / MO / TW AND (2) you subscribe to the Ultra paid tier. China / HK / MO / TW IPs never reach OpenAI even on Ultra (compliance requirement).
Cloudflare
DNS resolution + CDN / WAF protection + geo headers used to route AI model selection above.

03 Cookie Usage

We use two categories of cookies: essential (basic site function) and analytics (anonymous page-view stats — enabled only after you opt in via the Cookie Banner at the bottom). No third-party advertising or tracking cookies.

seen_welcome (30 days · essential)
Marks first-time visitors so the welcome animation doesn't replay on every visit.
NEXT_LOCALE (1 year · essential)
Remembers your UI language preference (zh / en) for the next visit.
sb-* (Supabase auth · essential)
Sign-in session credentials. HttpOnly + Secure, managed by the Supabase client, transmitted only on authenticated requests.
admin_session / admin_csrf_token (8 hours · essential · admin only)
HttpOnly cookies present only when the site owner signs into /admin; regular visitors never receive them.
chat_session_id (30 days · essential)
Anonymous chat session identifier so a returning visitor can resume the same conversation in the same browser.
portal_visitor (180 days · analytics · consent required)
Anonymous page-view tracking identifier. Written only after you click 'Agree' on the Cookie Banner; clicking 'Reject' actively removes any existing portal_visitor cookie.

04 Your Rights

You hold the following rights over your data. Submit any request via the /contact form; we will respond within 30 business days.

Access & Export
Submit a request via the /contact form; we'll provide a machine-readable (JSON) copy of your data.
Account Deletion
Already implemented: sign in → visit /profile → 'Delete Account' button. Deletion takes effect immediately; chat history and profile are permanently erased and cannot be recovered. Backed by the Supabase RPC delete_own_account.
Correction
Submit a request via the /contact form, or edit editable fields directly on the /profile page.
Withdraw Consent
Submit a request via the /contact form. Subject to statutory retention duties (e.g. AML, tax records), some data cannot be deleted immediately.
Complaints & Appeals
If you disagree with how we process your data, contact us via the /contact form. Every complaint is reviewed.
How to Reach Us
Submit inquiries, complaints, or data requests via the on-site /contact form. The form is honeypot-protected and lands in Ian's unified review queue.

05 Data Retention

Retention varies by data type:

Signed-in chat_messages
Retained long-term until you delete your account. Cleared immediately upon deletion.
Anonymous chats
Auto-cleared after 30 days.
contact_submissions
Retained indefinitely as business correspondence (hiring / consulting lead value). You may submit a 'data deletion' request via the /contact form at any time.
Error logs (Sentry / Vercel)
Auto-rotated and overwritten after 90 days.
Server access logs
Auto-rotated and overwritten after 30 days.