Introduction
This Privacy Policy explains how Jumping Ahead Corp. ("we," "us," "our," or "Company") collects, uses, discloses, and protects your personal information when you use the ArchonDev website, CLI tool, and related AI-powered development governance services (collectively, the "Services").
ArchonDev is an AI-powered development governance platform providing a CLI tool for architectural enforcement and autonomous code execution. Our platform uses AI models (Anthropic, OpenAI, Google) for planning and execution of development tasks.
We are committed to protecting your privacy and complying with applicable data protection laws, including the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other applicable privacy regulations.
By using our Services, you agree to the collection and use of information in accordance with this Privacy Policy.
1. Information We Collect
1.1 Information You Provide to Us
Account Registration Information:
When you create an account, we collect:
- Full name (first and last name)
- Email address
- Password (stored in encrypted form)
- Company name (optional)
- Phone number (optional)
Payment Information:
When you subscribe to our paid Services, we collect:
- Billing name and address
- Payment method information (processed securely through Stripe)
- Subscription plan details
- Transaction history
Note: We use Stripe as our payment processor. Credit card numbers and financial information are collected and processed directly by Stripe. We do not store complete credit card numbers on our servers. Please review Stripe's privacy policy.
API Keys (BYOK - Bring Your Own Key):
If you use our Free BYOK tier, we collect and securely store:
- Your AI provider API keys (Anthropic, OpenAI, Google) — encrypted at rest using AES-256
- Keys are used only to make API calls on your behalf and are never shared
Communications:
If you contact us directly, we may receive:
- Your name and contact information
- Contents of messages, attachments, or support tickets
- Feedback, survey responses, or testimonials
1.2 Information Automatically Collected
CLI Usage Data:
When you use the ArchonDev CLI, we automatically collect:
- Command execution metadata (commands run, timestamps, success/failure status)
- Token usage metrics (input/output tokens consumed per AI provider)
- Execution history (atom execution records, plan summaries)
- Architecture definitions (ARCHITECTURE.md content for governance validation)
- Device information: Operating system, CLI version
Website Usage Data:
- Device information: IP address, browser type and version, device type, operating system
- Log data: Pages visited, time and date of access, time spent on pages
- Referring sources: Websites or sources that referred you to our Services
Cookies and Tracking Technologies:
- Essential cookies: Required for the Services to function
- Analytics cookies: Help us understand usage patterns
- Preference cookies: Remember your settings
1.3 Information from Third-Party Sources
AI Model Providers:
Our Services use AI models from third parties (Anthropic, OpenAI, Google) to provide planning and execution capabilities:
- We send prompts and context to these providers for processing
- Subject to the providers' privacy policies and data processing agreements
- We use business/enterprise tier services with enhanced privacy protections where available
2. How We Use Your Information
2.1 To Provide Our Services
- Create and manage your account
- Process your subscription and payments
- Deliver architectural governance, adversarial planning, and autonomous execution features
- Track token usage for billing and quota management
- Store and retrieve your architecture definitions and execution history
- Provide customer support
2.2 To Process Payments and Manage Subscriptions
- Process subscription fees through Stripe
- Manage billing, invoicing, and payment reminders
- Handle refunds and cancellations (including our 30-day money-back guarantee)
- Prevent fraudulent transactions
2.3 To Communicate With You
- Send service-related notifications and updates
- Provide important account information
- Respond to your inquiries and support requests
- Send marketing communications (with your consent where required)
2.4 To Improve and Develop Our Services
- Analyze usage patterns to improve user experience
- Develop new features and functionality
- Test and optimize platform performance
- Create aggregate usage benchmarks (anonymized)
2.5 To Ensure Security and Prevent Fraud
- Monitor for security threats and suspicious activity
- Detect, prevent, and investigate unauthorized access
- Enforce our Terms of Service
2.6 For Legal Compliance
- Comply with applicable laws, regulations, and legal processes
- Respond to law enforcement requests and legal claims
- Maintain records for audit and tax purposes
3. Legal Basis for Processing (GDPR)
If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, our legal basis for collecting and using your personal information includes:
Contract Performance: Processing is necessary to perform our contract with you (i.e., to provide the Services you've subscribed to).
Consent: You have given us clear consent to process your personal information for specific purposes, such as:
- Marketing communications
- Optional data collection
- Cookie usage (where consent is required)
Legitimate Interests: Processing is necessary for our legitimate business interests, including:
- Improving and developing our Services
- Security and fraud prevention
- Analytics and research
- Provided these interests are not overridden by your data protection rights
Legal Obligation: Processing is necessary to comply with applicable laws, regulations, and legal processes.
You have the right to withdraw your consent at any time and to object to processing based on legitimate interests.
5. International Data Transfers
Our Services are hosted in the United States, and our service providers may be located in various countries. If you access our Services from outside the United States, your information will be transferred to, stored, and processed in the United States.
5.1 For EEA, UK, and Swiss Users
We implement appropriate safeguards for international transfers:
- Standard Contractual Clauses (SCCs): We use European Commission-approved Standard Contractual Clauses for transfers from the EEA, UK, and Switzerland
- Adequacy Decisions: Where available, we rely on European Commission adequacy decisions
- Additional Safeguards: Encryption in transit and at rest, access controls, regular security assessments
By using our Services, you acknowledge and consent to the transfer of your information as described in this section.
6. Data Retention
We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy.
6.1 Specific Retention Periods
Active Accounts:
- Account information: Duration of subscription plus 90 days after cancellation
- Payment information: 7 years for accounting, tax, and legal compliance
- Usage data: 26 months or as long as your account is active
- API keys: Deleted immediately upon account deletion or upon your request
Execution History and Architecture Data:
- Execution history: Retained as long as your account is active, plus 90 days
- Architecture definitions: Retained as long as your account is active
- Token usage records: 26 months
Communications:
- Support tickets: 5 years
- Marketing email engagement: 3 years or until you unsubscribe
6.2 Deletion Process
When we no longer need your personal information, we securely delete or anonymize it. You can request deletion of your data at any time (see Section 7).
7. Your Rights and Choices
7.1 Rights Under GDPR (EEA, UK, Switzerland)
- Right to Access: Request a copy of the personal information we hold about you
- Right to Rectification: Request correction of inaccurate information
- Right to Erasure: Request deletion of your personal information
- Right to Restriction: Request that we limit how we use your information
- Right to Data Portability: Receive your data in a machine-readable format
- Right to Object: Object to processing based on legitimate interests
- Right to Withdraw Consent: Withdraw consent at any time
- Right to Lodge a Complaint: File a complaint with your local data protection authority
7.2 Rights Under CCPA (California Residents)
- Right to Know: Request information about data collection and sharing
- Right to Delete: Request deletion of your personal information
- Right to Opt-Out of Sale: We do not sell your personal information
- Right to Non-Discrimination: Equal service regardless of privacy choices
- Right to Correct: Request correction of inaccurate information
7.3 How to Exercise Your Rights
Contact us at:
- Email: privacy@JumpingAhead.com
- Mail: Jumping Ahead Corp., 4281 Express Lane, Suite L7283, Sarasota, FL 34249
- Phone: (+1) 941-531-9897
7.4 Marketing and Communications
You can unsubscribe from marketing emails by clicking the "unsubscribe" link or contacting us. You cannot opt out of transactional emails.
8. Data Security
We implement comprehensive security measures to protect your personal information:
8.1 Technical Security Measures
- Encryption: TLS/SSL for data in transit, AES-256 for data at rest (including API keys)
- Access Controls: Multi-factor authentication, role-based access, principle of least privilege
- Network Security: Firewalls, DDoS protection, regular security patching
- Password Security: Passwords hashed using bcrypt, account lockout protections
8.2 Organizational Security Measures
- Regular security training for employees
- Incident response procedures
- Security assessments of third-party providers
8.3 Your Responsibility
You are responsible for maintaining the confidentiality of your password and API keys, using strong authentication, and notifying us immediately of any unauthorized access at security@JumpingAhead.com.
8.4 Data Breach Notification
In the event of a data breach, we will notify you within 72 hours (GDPR) or as required by applicable law, and report to relevant authorities as required.
9. Children's Privacy
Our Services are designed for businesses and developers and are not directed to children under the age of 18. We do not knowingly collect personal information from children under 18.
If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately at privacy@JumpingAhead.com.
10. Third-Party Services and Links
10.1 Third-Party Websites
Our Services may contain links to third-party websites. We are not responsible for their privacy practices. Review the privacy policy of every website you visit.
10.2 AI Model Providers
Our Services use AI models from Anthropic, OpenAI, and Google:
- Prompts and context are sent to these providers for processing
- Subject to the providers' privacy policies and data processing agreements
- We use enterprise agreements where available that typically prevent training on your data
11. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. We will notify you of changes by:
- Updating the "Last updated" date at the top
- Posting the new Privacy Policy on this page
- Email notification for material changes
Your continued use of the Services after changes constitutes acceptance of the updated Privacy Policy.
12. Do Not Track Signals
Our Services do not currently respond to DNT signals because there is no industry-wide standard. You can control tracking through browser cookie settings and our cookie consent tools.
13. State-Specific Privacy Rights
13.1 California Privacy Rights
California residents have rights under CCPA/CPRA. We do not share personal information with third parties for their direct marketing purposes.
13.2 Virginia Privacy Rights (VCDPA)
Virginia residents can: confirm processing, access, delete, obtain copies of data, and opt out of targeted advertising or sale of personal data.
13.3 Colorado Privacy Rights (CPA)
Colorado residents have similar rights to Virginia residents under the Colorado Privacy Act.
13.4 Connecticut Privacy Rights (CTDPA)
Connecticut residents can: confirm processing, access, correct, delete, obtain portable copies, and opt out of targeted advertising.
13.5 Utah Privacy Rights (UCPA)
Utah residents can: know about processing, access, delete, obtain copies, and opt out of targeted advertising and sale.
13.6 Nevada Privacy Rights
Nevada residents may opt out of sale of personal information. We do not sell personal information as defined under Nevada law.
13.7 Exercising State-Specific Rights
Contact us at privacy@JumpingAhead.com or (+1) 941-531-9897. We will respond within timeframes required by applicable state law.
13.8 Appeals Process
If we decline your request, you may appeal by emailing privacy@JumpingAhead.com. We will respond within 60 days. You may also contact your state Attorney General.
14. Contact Information
General Privacy Inquiries:
Email: privacy@JumpingAhead.com
Phone: (+1) 941-531-9897
Mail: Privacy Team, Jumping Ahead Corp., 4281 Express Lane, Suite L7283, Sarasota, FL 34249
Data Protection Officer:
Email: dpo@JumpingAhead.com
Mail: Data Protection Officer, Jumping Ahead Corp., 4281 Express Lane, Suite L7283, Sarasota, FL 34249
Security Concerns:
Email: security@JumpingAhead.com
Customer Support:
Email: techsupport@JumpingAhead.com
Phone: (+1) 941-531-9897
For EU/EEA/UK Residents:
EU Representative: dpo@JumpingAhead.com
You have the right to lodge a complaint with your local data protection authority. A list of EU data protection authorities is available at: https://edpb.europa.eu/about-edpb/board/members_en
Summary of Key Points
What information do we collect?
Account information, payment details (via Stripe), API keys (encrypted), CLI usage data, token usage metrics, architecture definitions, and execution history.
How do we use your information?
To provide architectural governance and autonomous execution services, process payments, improve our platform, communicate with you, and ensure security.
Do we share your information?
We share with service providers (Stripe, Supabase, AI providers for processing), for legal compliance, or with your consent. We never sell your data.
What about API keys?
Your API keys are encrypted at rest using AES-256. They are used only to make AI API calls on your behalf and are deleted immediately upon your request or account deletion.
What are your rights?
You can access, correct, delete, or export your data. GDPR provides additional rights like data portability and right to be forgotten. CCPA provides rights to know, delete, and opt-out of sale (we don't sell data).
How do we protect your information?
Encryption (TLS/SSL, AES-256), access controls, MFA, regular security audits, incident response procedures.
How to contact us?
Email: privacy@JumpingAhead.com | Phone: (+1) 941-531-9897
Last updated: January 19, 2025
© 2025 Jumping Ahead Corp. All rights reserved.