Skip to content

Privacy Policy (Draft)

DRAFT. This document is a working draft and is pending attorney review. It is not yet in effect.

Last updated: July 2, 2026 (draft)

1. Overview

This Privacy Policy explains how Tolstoi LLC (“we”, “us”) collects and uses personal information when you use the Semantic Code website and programs (the “Services”).

2. Information We Collect

  • Account data: email address, optional name.
  • Purchase data: what you bought, amount, payment status (not card numbers).
  • Learning activity: lesson views and progress inside your dashboard.
  • Technical data: IP address and browser information for security and rate limiting.

3. How We Use Information

We use your information to provide access to purchased programs, send sign-in links and payment confirmations, protect the Services from abuse, and improve the programs. We do not sell personal information.

4. Payment Processing

Payments are processed by Stripe, Inc. Your card details go directly to Stripe and never reach our servers. Stripe's handling of your data is described in Stripe's own privacy policy.

5. Emails

We send transactional emails (sign-in links, payment receipts, security notices) that are required for the Services to work. Marketing emails, if any, are optional and include an unsubscribe link.

6. Cookies and Sessions

We use a single HTTP-only session cookie to keep you signed in. We do not use third-party advertising cookies.

7. When We Share Information

We share data only with service providers needed to run the Services (payment processing, email delivery, hosting), or when required by law.

8. Data Retention and Deletion

Purchase records are kept as required for accounting and tax purposes. If you ask us to delete your account, we anonymize your personal data while keeping the financial records the law requires us to keep.

9. Your Privacy Rights

Depending on your state of residence, you may have rights to access, correct, or delete your personal information. Contact us to exercise them.

10. Security

Sign-in links are single-use and stored only as cryptographic hashes. Access to production data is restricted. No method of transmission is 100% secure, but we design the Services to minimize the data we hold.

11. Children

The Services are not directed to children under 13, and we do not knowingly collect their data.

12. Changes to This Policy

We may update this policy; the current version with its “Last updated” date is always on this page. Material changes will be announced by email.

13. Contact

Privacy questions: the contact email will be published here.