← Back to Tekglen Compass

Privacy Policy

Last updated: March 2026

Also see: Legal & Disclaimers

Tekglen Compass ("we", "our", or "us") is operated by Tekglen. This Privacy Policy explains what personal information we collect when you use ai.tekglen.com, how we use it, who we share it with, and what rights you have over it. We keep this short and factual — no legalese padding.

1. Information We Collect

Account information. When you create an account with email and password we store your name, email address, and a one-way scrypt hash of your password. When you sign in with Google we store your name, email address, and the Google subject identifier returned by Google's Identity Services — we never see or store your Google password.

Query data. Every question you submit to Tekglen Compass is stored so we can enforce your daily usage limit, investigate abuse, and improve answer quality over time. Anonymous (not signed-in) queries are linked to a random session ID stored in your browser; they are not linked to a named individual unless you later create an account.

Feedback. If you give a thumbs-up or thumbs-down on an answer, we store the rating alongside the question and the retrieved content. We use this to identify knowledge gaps and improve the product.

Usage metadata. We record the date and pillar (e.g. Security, What's New) of each query to calculate your daily limit and to understand which parts of the product are most useful.

Browser storage. We use localStorage to store your auth token and user profile locally so you stay signed in across sessions. We do not use tracking cookies or third-party advertising cookies.

2. How We Use Your Information

• Authentication — to verify your identity on sign-in and keep your session active.
• Rate limiting — to enforce the free-tier daily query limit (currently 24 queries/day for signed-in free accounts).
• Product improvement — query text and feedback ratings are reviewed to identify missing KB content and to tune answer quality.
• Transactional email — to send you email verification, password-reset, and account-confirmation emails. We do not send marketing email without your explicit consent.
• Security — to detect and respond to abuse, fraudulent registrations, or unauthorised access.

3. Third-Party Services

Tekglen Compass is built on several third-party services. Each receives only the data necessary to perform its function.

• Neon (neon.tech) — our cloud PostgreSQL database. All account, query, and knowledge-base data is stored here. Neon is SOC 2 Type II certified. Data is hosted in AWS us-west-2 (Oregon).
• Anthropic Claude — the AI model that generates answers. Your query text is sent to Anthropic's API. Anthropic's privacy policy applies to API usage: anthropic.com/legal/privacy.
• OpenAI — used to generate vector embeddings of knowledge-base content and queries. Query text is sent to OpenAI's Embeddings API. OpenAI's privacy policy applies: openai.com/policies/privacy-policy.
• Cohere — used to rerank search results for relevance. Query text is sent to Cohere's Rerank API. Cohere's privacy policy applies: cohere.com/privacy.
• Resend (resend.com) — used to send transactional emails (verification, password reset, welcome). Your email address is shared with Resend for this purpose only.
• Google Identity Services — if you choose "Sign in with Google", Google authenticates you and returns your name, email, and a subject identifier to us. Google's privacy policy applies: policies.google.com/privacy.
• Render (render.com) — our application hosting provider. Application logs, which may contain email addresses, are retained for 7 days on Render's infrastructure.

We do not sell your data to any third party, ever.

4. Data Retention

Account records are retained for as long as your account is active. If you request deletion, we will remove your account record, email address, and associated query history within 30 days. Aggregated, non-identifiable usage statistics may be retained indefinitely.

Anonymous session queries are retained for 90 days and then purged.

Password-reset and email-verification tokens expire after 1 hour and 24 hours respectively and are cleared from the database on use or expiry.

5. Data Security

Passwords are hashed with scrypt (N=16384, r=8, p=1) — a deliberately slow algorithm designed to resist brute-force attacks. We never store plaintext passwords.

All connections to our database use TLS. API endpoints are served over HTTPS only. Auth tokens are UUIDs stored in your browser's localStorage and sent as Bearer tokens — they are not exposed in URLs or cookies.

Despite these measures, no system is perfectly secure. If you believe your account has been compromised, contact us immediately at legal@tekglen.com.

6. Your Rights

You may request to:

• Access the personal data we hold about you.
• Correct inaccurate information (e.g. your name).
• Delete your account and associated data.
• Export your query history in a machine-readable format.

To exercise any of these rights, email legal@tekglen.com from the address registered to your account. We will respond within 14 days.

7. Children's Privacy

Tekglen Compass is designed for HR and IT professionals and is not directed at children under 16. We do not knowingly collect personal information from anyone under 16. If you believe a child has provided us with personal information, please contact us and we will delete it promptly.

8. Changes to This Policy

We may update this policy as the product evolves. Material changes will be communicated by updating the "Last updated" date above and, where appropriate, by email to registered users. Continued use of Tekglen Compass after a policy update constitutes acceptance of the revised policy.

9. Contact

For privacy questions, data requests, or concerns, contact us at:
legal@tekglen.com
Tekglen · ai.tekglen.com