Privacy Policy
Effective February 10, 2026
What We Collect
When you use PlanPhD, we collect:
- Your email address (used for authentication)
- Profile information you provide during onboarding (field of study, career stage, goals, motivations, blockers)
- Conversation history with your AI advisor
- Weekly action plans and task completion records
- Artifacts you create through exercises (elevator pitch, values sort results, LinkedIn audit)
- Basic usage analytics (which features you use, when you use them)
- Feedback you submit through the beta feedback widget
How We Use Your Data
Your data is used to:
- Generate personalized weekly action plans based on your situation
- Power AI advisor conversations that reference your profile, history, and progress
- Track your progress and adapt recommendations over time
- Improve the service through anonymized, aggregated usage patterns
We do not sell your data. We do not use your data for advertising.
AI and Your Data
PlanPhD uses Anthropic's Claude API to power AI conversations and plan generation. When you chat with your advisor or generate a plan, relevant parts of your profile and conversation history are sent to Anthropic for processing.
PlanPhD does not train AI models on your data. Anthropic's data handling practices apply to content processed through their API. You can review Anthropic's policies at anthropic.com.
Data Storage
Your data is stored in a PostgreSQL database hosted by Supabase (infrastructure on AWS). All data access is protected by row-level security, meaning you can only access your own data through the application.
All connections use HTTPS encryption in transit. Authentication is handled by Supabase Auth with industry-standard session management.
Data Retention
Your data is retained for as long as your account is active. When you delete your account, all associated data is permanently removed, including your profile, conversation history, action plans, artifacts, and progress records. This deletion is immediate and irreversible.
Your Rights
You have the right to:
- Export your data — Download a complete JSON export of all your data from your profile settings page
- Delete your account — Permanently delete your account and all associated data from your profile settings page
- Access your data — View your profile, conversation history, plans, and artifacts at any time through the application
Cookies
PlanPhD uses session cookies for authentication only. We do not use third-party tracking cookies, advertising cookies, or analytics scripts from external providers.
Third-Party Services
PlanPhD uses the following third-party services:
- Supabase — Database hosting and user authentication
- Anthropic — AI processing for conversations and plan generation
- Vercel — Application hosting and delivery
We do not use advertising networks, data brokers, or social media tracking pixels.
University Licensing
If you access PlanPhD through a university license, your email domain is checked against our licensed institutions to verify your access. University administrators do not have access to your individual profile data, conversation history, or progress records.
Changes to This Policy
We may update this privacy policy as our practices evolve. Changes will be reflected on this page with an updated effective date.
Contact
Questions about this policy? Reach us at phdfyiteam@gmail.com.