CHIDUSH
Log InJoin Waitlist

Privacy Policy

Chidush Coach (Beta)

Last updated: February 26, 2026

Beta Product Notice

Chidush Coach is currently in beta. This means our features, data practices, and this policy may evolve as we develop the product. We will notify users of material changes. Your continued use of the platform after changes constitutes acceptance of the updated policy.

1. Introduction

Chidush (“we,” “us,” or “our”) operates Chidush Coach, an AI coaching platform designed to help Jewish nonprofit professionals identify automation opportunities, build technology solutions, and develop AI literacy. This Privacy Policy explains how we collect, use, store, and protect your personal information when you use our platform.

By creating an account, accepting the beta agreement during onboarding, or continuing to use the platform, you acknowledge that you have read and agree to the practices described in this policy. If you do not agree, please discontinue use of the platform and contact us to request deletion of any data already collected.

2. Information We Collect

2.1 Information You Provide Directly

  • Account & Profile Information: Full name, email address, position/role, and location when you create an account or join the waitlist.
  • Organization Information: Organization name, type, size, and mission statement, provided during onboarding.
  • Professional Context: Your key responsibilities, current tools and software you use, AI experience level, biggest operational challenges, and estimated hours spent on manual work. This information is collected during onboarding to personalize your coaching experience.
  • Conversation Content: Messages you send during coaching sessions, including discovery, building, and measurement conversations with the AI coach.
  • Feedback: Ratings (thumbs up/down) and written feedback you provide about AI responses or the platform.
  • Impact Measurements: Information you voluntarily report about time saved, workflow changes, and qualitative outcomes from using solutions recommended by the coach.
  • Support Communications: Messages you send to our support team.

2.2 Information Collected Automatically

  • Authentication Data: Session tokens and authentication state managed by our database provider (Supabase) to keep you logged in.
  • Activity Timestamps: When you created your account and when you were last active on the platform.

2.3 Information We Do Not Collect

  • We do not use third-party analytics or tracking tools (no Google Analytics, no tracking pixels).
  • We do not use advertising cookies or behavioral tracking.
  • We do not collect payment or financial information (the platform is free during beta).
  • We do not collect information about your device, browser, or IP address beyond what is necessary for standard web hosting.

3. How We Use Your Information

We use your information for the following purposes:

  • Providing the Service: Your profile and professional context are used to personalize AI coaching conversations. This information is sent to our AI provider to generate relevant, tailored recommendations.
  • Improving the Platform: Conversation transcripts, feedback, and usage patterns help us understand what works well and what needs improvement. During the beta period, a small number of authorized team members (currently limited to the founder and up to two designated team members) may review conversations to evaluate AI coaching quality and accuracy. This access is logged and limited to what is necessary for product improvement.
  • Communication: Your email address is used to send you waitlist updates, beta invitations, measurement reminders, and important platform notifications.
  • Research & Insights: We may use aggregated, de-identified data to understand trends in nonprofit technology adoption and publish insights that benefit the sector. Individual users will never be identified in any published research without explicit consent.
  • Platform Security: Authentication data is used to secure your account and ensure only you can access your information.

4. AI Processing & Third-Party Services

To provide AI coaching, we share certain data with the following third-party service providers:

Anthropic (Claude AI)

Your profile information (name, role, organization details, current tools) and conversation messages are sent to Anthropic's Claude API to generate coaching responses. Anthropic processes this data according to their privacy policy. Per Anthropic's API data policy, data sent through the API is not used to train their models.

Supabase

All user data, conversations, and platform content are stored in a Supabase-hosted PostgreSQL database with row-level security, meaning each user can only access their own data. Supabase also provides our authentication system.

Resend

Your name and email address are shared with Resend to deliver transactional emails such as waitlist confirmations, beta invitations, and measurement reminders.

Vercel

The platform is hosted on Vercel, which processes web requests necessary to serve the application.

We do not sell your data to any third party. We do not share your data with advertisers, data brokers, or any parties beyond those listed above.

5. Data Security

We implement the following measures to protect your data:

  • Row-Level Security (RLS): Database-level enforcement ensures users can only access their own data. Even in the event of an application-level vulnerability, the database prevents cross-user data access.
  • Secure Authentication: Accounts are created through a secure invite-only process with time-limited, single-use tokens. Passwords are hashed and managed by Supabase Auth.
  • Encrypted Connections: All data in transit between your browser and our servers is encrypted via HTTPS/TLS.
  • Limited Access: Only authorized administrators can access platform management features, and admin access is controlled through database-level flags.

While we take reasonable measures to protect your information, no system is 100% secure. As a beta product, we are continuously improving our security practices. If you discover a security vulnerability, please contact us at shalom@chidush.org.

6. Data Breach Notification

In the event that we become aware of a security breach that results in unauthorized access to your personal data, we will notify affected users within 72 hours of confirming the breach. Notification will be sent via email to the address associated with your account. The notification will include a description of the breach, what data was affected, steps we are taking to address it, and recommended actions for you to protect yourself.

If required by applicable law, we will also notify relevant regulatory authorities within the required timeframe.

7. Data Retention

We retain your data for as long as your account is active or as needed to provide you with the service. Specifically:

  • Account & Profile Data: Retained for the duration of your account.
  • Conversation History: Retained to provide continuity in coaching sessions and to improve the platform. You may request deletion at any time.
  • Waitlist Data: Retained until you sign up or request removal.
  • Feedback & Impact Data: Retained to improve the platform. May be kept in aggregated, de-identified form even after account deletion for research purposes.

When you delete your account, all associated data — including your profile, conversations, opportunities, feedback, and impact measurements — is permanently removed from our active database. Residual copies in encrypted backups are automatically purged within 30 days of account deletion.

8. What Happens to Your Data if Chidush Ceases Operations

If Chidush ceases operations or the Chidush Coach platform is discontinued, we will notify all active users at least 30 days in advance via email. During that period, you will have the opportunity to export or request a copy of your data. After the notification period, all user data will be permanently deleted from our systems and third-party service providers. We will not sell, transfer, or otherwise share user data as part of any wind-down or asset sale without your explicit consent.

9. Your Rights

You have the following rights regarding your personal information:

  • Access: You can request a copy of the personal data we hold about you.
  • Correction: You can request that we correct inaccurate information.
  • Deletion: You can request that we delete your account and all associated data. When your account is deleted, all related records — including conversations, feedback, opportunities, and profile information — are permanently removed from our database.
  • Portability: You can request your data in a portable format.
  • Opt-Out: You can stop using the platform at any time. You may also opt out of non-essential emails by contacting us.

To exercise any of these rights, contact us at shalom@chidush.org. We will respond to requests within 30 days.

10. Children's Privacy

Chidush Coach is designed for nonprofit professionals and is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us so we can promptly delete it.

11. Changes to This Policy

As Chidush Coach is in beta, this policy may be updated as we add features or change our data practices. We will notify you of material changes via email or through a notice on the platform. The “Last updated” date at the top of this page reflects the most recent revision.

12. Jurisdiction

This Privacy Policy is governed by the laws of the State of Georgia, United States, without regard to its conflict of law provisions. By using Chidush Coach, you consent to the jurisdiction of courts located in Georgia for any disputes related to this policy.

13. Contact Us

If you have questions about this Privacy Policy or how we handle your data, contact us at:

Chidush

Email: shalom@chidush.org