Last updated: November 9, 2025
All infra is provisioned/managed by Heroku (in US-based AWS regions), and uses their HA failover. Data is encrypted at rest using AES-256, and TLS 1.2+ in transit. The tool is ephemeral, and wipes data older than 3 months.
The codebase is continuously scanned using GitHub Dependabot to patch vulnerable libraries. Critical vulnernabilities are patched within 7 days of public disclosure.
This site uses a session ID cookie to track which difficulty you selected. No marketing cookies or analytics JS plugins of any kind.
Heroku Postgres maintains rolling database backups, and prunes old snapshots automatically over time. Backups can be restored in minutes, and are captured at least once every 24 hours.
Inactive chats are auto-deleted after 3 months. I'm not training LLMs on the data you enter. Email support@replicate.info to request immediate deletion. It won't get stuck in a Postgres backup forever.
All vendors are GDPR compliant, offer Standard Contractual Clauses (SCCs), and underwent security review prior to onboarding. This is the complete list. No additional tools (e.g., Google Analytics) are used beyond those listed here.
Stores immutable, append-only audits for admin actions (e.g., data removal) with AES-256 at rest.
Used for infrastructure telemetry and monitoring (e.g., CPU, memory, service health).
Used for application infra and encrypted storage. All workloads run in isolated containers with TLS 1.2+ enforced, and AES-256 encryption at rest. Includes managed Heroku Postgres + Redis instances.
OpenAI's API powers the real-time content generation for the chat. None of your data is persisted by OpenAI. None of it is used to train their models. The prompting is ephemeral.
Used for incident alerting and on-call scheduling. May store system-level alerts with metadata (e.g., timestamps, service names). No user-submitted content.
Used for infrastructure log aggregation and retention. Some logs may include metadata related to coaching email delivery (e.g. timestamps, team IDs).
Used for internal error tracking and debugging. Some error logs may include technical metadata (e.g., error messages, timestamps, team IDs).