Privacy Policy

Architect Within is operated by Bram Amine, registered in the Netherlands. Contact: hallo@architectwithin.com. For privacy questions you can use the same address.

This policy covers the Architect Within website (architectwithin.com) and the Architect Within iOS app. The two are operated together but collect different categories of data.

The iOS app stores your activity locally on your device by default. There is no account, no login, and no continuous cloud sync. Two premium features make a single outbound server call each time you use them — these are described below.

• Saved cards, journal entries, quiz results, and onboarding state live on your device only and are removed when you delete the app.
• Shadow Reading (premium): when you tap Generate, your dominant archetype and the text of your most recent journal entries (up to twelve, trimmed to 1200 characters each) are sent over HTTPS to architectwithin.com. We forward them to our AI provider (Anthropic via OpenRouter) to produce the reading, then return the reading text to your device. We do not store your entries or the generated reading on our server. The reading is cached locally on your device so you can re-read it without regenerating.
• AI journal prompt (premium): when you tap Generate on Today's Prompt, your dominant archetype and up to five recent journal entries (trimmed to 600 characters each) are sent to architectwithin.com and forwarded to the same AI provider to produce a single new prompt. No storage on our server. The prompt is cached locally.
• Subscription purchases are handled by Apple via the App Store. We receive only the entitlement status (active subscription yes or no), verified via the StoreKit transaction signed by Apple. We do not see your name, email, payment method, or Apple ID.
• No analytics, no tracking, no crash reporting SDKs are embedded in the app.
• Server logs for the two AI endpoints: IP address, request path, and timestamp are kept for up to 30 days for abuse prevention. The request bodies (your entries) are not logged.

We use Anthropic's Claude models, accessed via OpenRouter, to generate Shadow Readings and journal prompts. When the iOS app triggers one of these features, your archetype and recent journal text are sent to OpenRouter, which forwards them to Anthropic for inference. Their terms apply to that processing: openrouter.ai/privacy and anthropic.com/legal/privacy. We do not use your data to train any model. We do not retain inputs or outputs on our server beyond the duration of the request.

The website collects more data because it offers accounts and purchases.

• Email address when you sign up for the free guide, take the Shadow Score, or create an account via magic link. Stored to send the guide and to log you in. Provider: Resend (transactional email).
• Account data if you log in: email, archetype result, journal entries, purchase history. Stored in our database. Used to render your account.
• Payment data when you buy. Handled by Stripe. We do not store card details. Stripe stores them under their own privacy policy at stripe.com/privacy.
• AI-generated content (Deep Shadow Profile, Shadow Reading) is produced via Anthropic and Google. The prompt you generate may be processed by those providers under their data terms. Inputs and outputs are stored in our database so you can read them again.
• Server logs: IP address, request path, and timestamp are kept for up to 30 days for abuse prevention. No third-party trackers, no Google Analytics, no Meta pixel.

For EU and UK users, the legal bases for processing are:

• Contract (Art. 6.1.b): account, purchase, and subscription handling.
• Consent (Art. 6.1.a): email signups for the free guide.
• Legitimate interest (Art. 6.1.f): server logs for abuse prevention.

You can request a copy of your data, ask us to delete it, or withdraw consent at any time. Email hallo@architectwithin.com and we respond within 30 days. If you are in the EU you also have the right to complain to your local data protection authority (in the Netherlands: Autoriteit Persoonsgegevens).

Architect Within is not directed at children under 16. We do not knowingly collect data from anyone under 16. If you believe a minor has used the service, contact us and we will delete the data.

Account data is kept while your account is active and for 90 days after deletion. Stripe payment records are retained for 7 years as required by Dutch tax law. Server logs: 30 days.

We update this policy when something material changes. The date at the top reflects the latest revision. Past versions are available on request.