Back to Co-You

Legal

Privacy Policy

Effective date: April 20, 2026

Co-You is an owned brand of SummitPath Strategies, LLC. These terms govern how SummitPath Strategies, LLC collects, uses, stores, and delivers services through Co-You.

This Privacy Policy explains how SummitPath Strategies, LLC ("SummitPath," "we," "our," or "us") collects, uses, stores, and shares information when you use Co-You, including the assessment, extraction, generated configuration files, and related purchase or access flows.

1. What We Collect

Depending on how you use Co-You, we may collect:

  • account and contact information, including your first name and email address
  • access and purchase records, including cohort code use, promo code use, and Stripe checkout metadata
  • assessment answers, extraction answers, depth follow-up responses, and the AI-generated files created from those responses
  • technical and usage information, including device, browser, approximate location, IP-derived metadata, page flow, session progress, and performance diagnostics
  • analytics and advertising optimization data, including cookies and similar identifiers used to understand visitor behavior, funnel dropoff, returning users, and advertising attribution

2. How We Use Information

We use information to:

  • operate, secure, and improve Co-You
  • authenticate users and control access to paid or cohort features
  • generate and store your configuration files and related outputs
  • process payments and send transactional emails
  • understand product performance, conversion bottlenecks, and usage patterns
  • communicate product, service, and marketing updates to users who provide an email address
  • improve future versions of Co-You using aggregated or de-identified response patterns, output quality signals, and system performance data

3. AI and Model Improvement

Your prompts, answers, and outputs may be processed by third-party AI providers in order to generate your results. We may also analyze aggregated or de-identified response and output data to improve future iterations of Co-You.

We do not intentionally use directly identifying personal information from your account to train internal models. Our goal is to learn from patterns, not from identifiable personal dossiers.

Co-You currently uses Anthropic's Claude API for inference. Anthropic states that API-submitted data is not used to train Anthropic's public models by default.

4. Where Your Data Is Stored and Processed

Co-You relies on third-party infrastructure. Your information may be stored, transmitted, or processed on systems operated by:

  • Supabase, for database, authentication, and application storage
  • Anthropic, for AI inference and structured output generation
  • Stripe, for payment processing and checkout operations
  • Resend, for transactional email delivery
  • Railway, for hosting, application runtime, and operational infrastructure

These providers may process data on servers outside your home country, including in the United States. If you access Co-You from outside the United States, you understand that your data may be transferred to and processed in the United States and other countries where our vendors operate.

5. Security

We use commercially reasonable measures to protect the information we control, including encrypted connections in transit, access controls, row-level access restrictions in our database, and vendor-managed security controls. However, no storage or transmission method is completely secure, and we cannot guarantee absolute security.

If we become aware of a security incident affecting personal information, we will provide notice as required by applicable law and as reasonably practicable under the circumstances.

6. Data Retention

Unless a longer retention period is required by law, we retain account, session, output, and access records for up to 24 months after collection or last activity. We may retain limited records longer where reasonably necessary for fraud prevention, dispute resolution, tax, accounting, or legal compliance.

7. Your Rights and Choices

Depending on where you live, you may have rights to request access, correction, deletion, or a copy of the personal information we maintain about you. You may also request that we stop using your information for certain marketing communications.

To make a privacy request, email support@coyou.ai. We may need to verify your identity before completing certain requests.

8. Cookies, Analytics, and Advertising

We may use cookies, analytics tools, and similar technologies to recognize returning visitors, understand how far users progress through the site, improve product and advertising performance, and support attribution from marketing platforms. If we materially expand our use of cookies or analytics tools, we may update this Privacy Policy and any applicable consent flows.

9. Marketing Communications

By providing your email address, you understand that we may send both transactional and marketing communications related to Co-You or related SummitPath offerings. You may opt out of marketing emails using the unsubscribe instructions included in those messages. Transactional or service-critical messages may still be sent when necessary.

10. Children

Co-You is not intended for children under 18, and we do not knowingly collect personal information from children under 18.

11. Cohort and Aggregated Insight Disclosure

We do not intend to expose one user's private answers or generated files to another user in a cohort. If we share cohort-level or program-level insights, those insights may be aggregated or de-identified trends derived from participant activity.

12. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will update the effective date above. Material changes may also be disclosed through the service or by email where appropriate.

13. Contact

If you have questions about this Privacy Policy or how Co-You handles information, contact SummitPath Strategies, LLC at support@coyou.ai.