Privacy Policy

This policy describes how Cestia collects, uses, and protects information from users of the platform. By using Cestia, you agree to the practices described below. This policy should be read alongside our Terms of Use.

What we collect

Account information. When you sign in via OAuth, we receive your name and email address from the identity provider. We do not receive or store your password.

Queries and results. We log the questions you submit, the estimates produced, and associated metadata (timestamps, run IDs, concept specs, analysis plans). This data is used to operate the service, improve methodology, and detect abuse.

Usage data. We collect basic usage information such as request timestamps, API key usage, and error logs. We do not use third-party analytics or advertising trackers.

Cookies. Cestia uses only essential cookies required for authentication and session management. We do not use tracking cookies or advertising cookies.

How we use your information

We use collected information to: (a) operate and maintain the service; (b) improve the accuracy and reliability of estimates; (c) monitor for abuse, errors, and security issues; (d) communicate with you about your account or material changes to these policies. We do not sell your information to third parties. Queries may be processed by third-party AI services (such as Anthropic and Groq) to interpret statistical concepts. These services are subject to their own data handling policies. We do not use your queries to train AI models.

Data retention

Query history and associated results are retained for as long as your account is active, plus a reasonable period for audit and compliance purposes. You may request deletion of your query history by contacting us. Account information is retained until account termination, after which it is deleted or anonymized within 90 days.

Data sharing

We do not sell, rent, or share your personal information with third parties for their marketing purposes. We may share data with: (a) infrastructure and service providers necessary to operate the platform, including cloud hosting, authentication, and third-party AI providers (such as Anthropic and Groq) that process queries as part of the statistical estimation pipeline; (b) as required by law or legal process; (c) to protect the rights, safety, or property of Cestia, its users, or the public.

Data security

We implement reasonable technical and organizational measures to protect your information, including encryption in transit (TLS) and at rest. However, no method of transmission or storage is completely secure, and we cannot guarantee absolute security.

Cross-border data handling

Cestia is hosted in the United States. If you access the service from outside the U.S., your information may be transferred to and processed in the U.S. By using Cestia, you consent to this transfer.

Your rights

Depending on your jurisdiction, you may have the right to access, correct, delete, or port your personal data, or to object to or restrict certain processing. To exercise any of these rights, contact us at hello@cestia.ai. We will respond within 30 days.

Children

Cestia is not directed at children under 13. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us and we will delete it.

Changes to this policy

We may update this policy from time to time. Material changes will be communicated via email or in-product notice. Continued use after changes are posted constitutes acceptance.

Last updated: April 2026. Questions: hello@cestia.ai