Your privacy matters
I'm committed to protecting your personal information and being transparent about how I collect, use, and safeguard your data. This policy explains everything you need to know about data privacy at ViaProto.
Privacy is about trust. I only collect what will genuinely improve your learning experience, and I never sell your data.
- Chazona Baum, Creator of ViaProto
Privacy Policy
How ViaProto collects, uses, and protects your personal information
Last Updated: November 20, 2025
Table of Contents
- Introduction
- Information We Collect
- How We Use Your Information
- Third-Party Services
- Data Storage & Security
- Cookies & Tracking
- AI Model Providers
- Public Paths & Visibility
- Data Sharing & Disclosure
- Data Retention
- Your Privacy Rights
- GDPR Compliance
- Children's Privacy
- International Users
- Updates to This Policy
- Contact Information
1. Introduction
ViaProto ("I," "me," "my," or "the Service") is committed to protecting your privacy. This Privacy Policy explains how I collect, use, disclose, and safeguard your information when you use ViaProto.
By using ViaProto, you agree to the collection and use of information in accordance with this policy. If you do not agree with this policy, please do not use the Service.
ViaProto is operated by Chazona Baum as a sole proprietorship based in the Commonwealth of Virginia, United States.
2. Information We Collect
2.1 Personal Information You Provide
When you create an account using Google OAuth or magic link, I collect:
• Email address: Used for account identification, authentication, and communication
• Name: Displayed on your profile and public paths (if shared)
• Profile picture: Your Google avatar for display in the app
2.2 Payment Information
When you subscribe to a paid plan:
• Payment details (credit card, billing address) are processed securely by Stripe, my payment processor
• I do not store or have access to your full payment card details
• Stripe provides me with a customer ID and subscription status only
2.3 Usage Data
I automatically collect certain information when you use ViaProto:
• Learning paths generated: Topics, skill levels, and AI models selected
• Path interactions: View counts, edit history, sharing settings
• Progress data: Resources marked complete, notes added (Pro/Team tiers)
• Device information: Browser type, operating system, IP address
• Log data: Access times, pages viewed, errors encountered
2.4 Cookies & Local Storage
I use cookies and local storage to:
• Maintain your login session
• Remember your preferences (e.g., selected AI model)
• Analyze site usage via analytics tools
You can disable cookies in your browser, but some features may not function properly.
3. How We Use Your Information
I use your information for the following purposes:
• Provide the Service: Generate learning paths, manage your account, process subscriptions
• Communication: Send transactional emails (account updates, password resets, subscription confirmations)
• Improve the Service: Analyze usage patterns, fix bugs, develop new features
• Compliance: Fulfill legal obligations, enforce terms of service, protect against fraud
• Marketing: Send occasional product updates or feature announcements (you can opt out)
I will never sell your personal data to third parties for marketing purposes.
4. Third-Party Services
ViaProto relies on the following third-party services, each with their own privacy policies:
• Supabase (Database & Authentication): Postgres database hosted in US/EU regions. Handles user authentication via Google OAuth. Privacy Policy
• Stripe (Payment Processing): PCI-compliant payment processor. I do not store your card details. Privacy Policy
• OpenRouter (AI Model Gateway): Routes prompts to AI providers (see Section 7). Privacy Policy
• Resend (Transactional Emails): Sends account emails and notifications. Privacy Policy
• Crisp Chat (Customer Support): Live chat widget for support inquiries. Privacy Policy
• DataFast (Analytics): Privacy-focused analytics to understand usage patterns. Privacy Policy
I carefully select service providers that prioritize data security and comply with applicable privacy laws.
5. Data Storage & Security
Storage:
• Your data is stored in Supabase-managed PostgreSQL databases
• Database servers are located in US or EU regions (configurable per deployment)
• Data is encrypted at rest and in transit (TLS/SSL)
Security Measures:
• Google OAuth for secure authentication (no passwords stored)
• Row-Level Security (RLS) policies in database to enforce access control
• Regular security updates and vulnerability monitoring
• Automated database backups
Important: No method of electronic storage is 100% secure. While I use industry-standard practices, I cannot guarantee absolute security. You are responsible for maintaining the confidentiality of your account credentials.
7. AI Model Providers & Data Sharing
When you generate a learning path, your prompt (topic, skill level, preferences) is sent to AI model providers via OpenRouter.
AI Providers Include:
• Anthropic (Claude models) - Privacy Policy
• OpenAI (GPT models) - Privacy Policy
• Google (Gemini models) - Privacy Policy
• DeepSeek (DeepSeek models) - Privacy Policy
• Alibaba Cloud (Qwen models) - Privacy Policy
• Perplexity AI (Sonar models) - Privacy Policy
• Moonshot AI (Kimi models) - Privacy Policy
• Other providers available via OpenRouter (Meta, Amazon, etc.)
What Data Is Sent:
• Your learning topic and skill level
• Any custom instructions or preferences
• System prompts (e.g., "Generate a learning path for...")
What Is NOT Sent:
• Your name or email address
• Payment information
• Other learning paths you've created
Important: I do not control how AI providers process your prompts. Each provider has their own data retention and usage policies. By using ViaProto, you acknowledge that your prompts will be sent to the AI provider you select. You can choose which model to use for each path generation.
8. Public Paths & User Visibility
Free Tier:
All learning paths generated on the Free tier are public by default. This means:
• Your path is visible to all ViaProto users
• Your name (from your Google profile) is displayed as the creator
• Your path may appear in search results and the public browse page
Pro & Team Tiers:
Paths are private by default, but you can optionally share them publicly.
What Is Visible in Public Paths:
• Your name (as shown in your profile)
• Path title, topic, skill level, and estimated hours
• Curated resources (titles, links, descriptions)
What Is NOT Visible:
• Your email address
• Progress tracking data
• Personal notes
• Private paths
You are responsible for ensuring that public paths do not contain personal or sensitive information beyond what is automatically included.
9. Data Sharing & Disclosure
I do not sell, rent, or trade your personal information to third parties for their marketing purposes.
I May Share Your Data:
• With Service Providers: As described in Section 4, to operate the Service (Supabase, Stripe, Resend, etc.)
• With AI Providers: As described in Section 7, when you generate learning paths
• For Legal Compliance: If required by law, subpoena, or legal process
• To Protect Rights: To protect my rights, safety, or property, or that of users
• Business Transfers: In the event of a merger, acquisition, or sale of assets (users would be notified)
Public Information:
Any information you choose to share publicly (e.g., public learning paths) can be viewed and potentially copied by other users. Think carefully before sharing.
10. Data Retention
Active Accounts:
I retain your account data for as long as your account is active.
Account Deletion:
• You may request account deletion at any time by contacting privacy@viapro.to
• Upon deletion, your personal information (name, email, avatar) will be removed within 30 days
• Learning paths you created will either be:
◦ Deleted entirely (if private)
◦ Anonymized (if public, to preserve community resources)
Backup Retention:
• Database backups may retain your data for up to 90 days after deletion for disaster recovery purposes
• After 90 days, backups containing your data are permanently deleted
Legal Obligations:
I may retain certain data if required by law (e.g., for tax records, fraud prevention).
11. Your Privacy Rights
Depending on your location, you may have the following rights:
• Access: Request a copy of the personal data I hold about you
• Correction: Request correction of inaccurate or incomplete data
• Deletion: Request deletion of your account and personal data
• Portability: Request a machine-readable copy of your data (e.g., your learning paths as JSON)
• Opt-Out: Unsubscribe from marketing emails (transactional emails cannot be disabled)
• Object: Object to certain data processing activities
How to Exercise Your Rights:
Email me at privacy@viapro.to with your request. I will respond within 30 days.
Note: Data export and deletion requests are currently handled manually. I will fulfill your request as quickly as possible, but please allow up to 30 days for processing.
12. GDPR Compliance (EU Users)
If you are located in the European Economic Area (EEA), you have additional rights under the General Data Protection Regulation (GDPR):
Legal Basis for Processing:
• Contract Performance: Processing necessary to provide the Service (account management, path generation)
• Legitimate Interest: Improving the Service, fraud prevention, analytics
• Consent: Marketing emails (you can opt out at any time)
Data Transfers:
I use Supabase databases, which can be hosted in EU regions. However, some third-party services (e.g., Stripe, OpenRouter) may transfer data to the US or other countries. These transfers are protected by:
• Standard Contractual Clauses (SCCs)
• Adequate safeguards per GDPR Article 46
Right to Lodge a Complaint:
If you believe your data is being misused, you have the right to lodge a complaint with your local data protection authority (DPA).
13. Children's Privacy
ViaProto is not intended for users under the age of 18. I do not knowingly collect personal information from children under 18.
If I discover that a child under 18 has provided personal information, I will delete it immediately. If you believe your child has provided information to ViaProto, please contact me at privacy@viapro.to.
14. International Users
ViaProto is operated from the United States. If you access the Service from outside the US, your information may be transferred to, stored, and processed in the US or other countries.
By using ViaProto, you consent to the transfer of your information to countries that may have different data protection laws than your country of residence.
For EU users, see Section 12 (GDPR Compliance) for information about data transfer safeguards.
15. Updates to This Privacy Policy
I may update this Privacy Policy from time to time to reflect changes in my practices, technology, or legal requirements.
When I Update This Policy:
• The "Last Updated" date at the top will be revised
• For significant changes, I will notify you via email
• Your continued use of the Service after updates constitutes acceptance
I encourage you to review this Privacy Policy periodically to stay informed about how I protect your information.
16. Contact Information
If you have questions, concerns, or requests regarding this Privacy Policy or how I handle your data, please contact me:
Privacy Inquiries: privacy@viapro.to
General Support: support@viapro.to
Security Issues: security@viapro.to
Website: viapro.to
I aim to respond to all privacy inquiries within 30 days.
ViaProto is operated by Chazona Baum
Last Updated: November 20, 2025