Privacy Policy
Effective date: June 1, 2026
Last updated: June 1, 2026
Note to readers of the repo: This is a starting draft, not final legal text. A qualified attorney must review before publication. It is informed by Token of Esteem's actual data practices as defined in database-schema.md but is not jurisdictionally hardened or reviewed against the specific obligations of every region we operate in. Treat it as a working draft.
Token of Esteem ("we," "us") respects your privacy. This Privacy Policy explains what information we collect, how we use it, how we share it, how long we keep it, and what rights you have. It applies to the website tokenofesteem.com, the Token of Esteem API and MCP server, and the booklets we produce on your behalf.
By using the Service you accept the practices described here.
1. Information we collect
We collect only what we need to operate the Service. Specifically:
Account information. When you create an account, we collect your email address and (optionally) a display name. We collect a payment method via Stripe; we do not store full card numbers ourselves.
Brief content. When you (or your authorized AI agent) submit an order, we collect the structured brief you provide. This includes a recipient first name, a list of qualities to celebrate, a list of permitted teasing points, in-jokes, off-limits topics, and the voice and tone you choose.
Recipient information. For each order, we collect the recipient's first name and full shipping address (name, street, city, region, postal code, country, and optional phone number). Shipping addresses are encrypted at rest.
Generated content. We retain the manuscript text and cover image our system generates for your order, as a record of what was produced.
Operational data. We collect logs of your API calls and account activity, including timestamps, IP address, user agent, and the specific actions you or your agents perform. This is used for security, abuse prevention, and operational support.
Webhook configuration. If you configure webhooks to receive event notifications, we store the destination URLs and a signing secret.
2. Information we do not collect
We do not collect:
- The recipient's email address or any contact information besides the shipping address
- Information about people other than the named recipient
- Sensitive personal information (race, religion, sexual orientation, health information) — submitting such information in briefs is prohibited under our Acceptable Use Policy
- Browsing data outside our website
- Information from social media, public profiles, or third-party data brokers
3. How we use information
We use the information we collect to:
- Process and fulfill your orders, including AI-generated content production, content review, printing, and shipping
- Authenticate you and authorize agents you have configured
- Charge your payment method and prevent fraud
- Send you transactional emails (order confirmation, shipping notification, refusal notice)
- Deliver webhooks you have subscribed to
- Comply with legal obligations, including tax and financial recordkeeping
- Improve the Service in aggregate and anonymized form
We do not use brief content, manuscripts, or recipient information for marketing, advertising, or AI model training.
4. How we share information
We share information only as needed to deliver the Service:
With our payment processor (Stripe). Payment data is processed by Stripe under their Privacy Policy. We share your name, email, and the amount of the transaction. We do not store full card numbers.
With our print fulfillment partner (Lulu). To print and ship your booklet, we share the recipient's shipping information, the print-ready PDF, and the product specifications with Lulu. Lulu processes this data under their Privacy Policy.
With our AI model providers (currently Anthropic, fal.ai, Google AI, OpenAI as applicable). Briefs and manuscripts are sent to these providers as inputs to generation. The providers operate under their respective privacy and data use policies, which forbid training on our API traffic.
With our infrastructure providers. Hosting, database, storage, email delivery, monitoring, and similar service providers process information on our behalf under data processing agreements.
For legal reasons. We may disclose information when required by law, subpoena, or court order, or to investigate and respond to suspected violations of our Terms.
In a business transaction. If Token of Esteem is acquired or merges with another company, your information may transfer to the acquiring entity, subject to this Privacy Policy.
We do not sell your information. We do not share information with advertisers or data brokers.
5. AI model providers and your content
When we generate a manuscript or cover for your order, we send your brief and (for cover validation) intermediate outputs to AI model providers via their APIs. These providers (currently Anthropic, fal.ai, Google AI, OpenAI) have committed in their API terms not to train models on API-submitted data, and we configure our use of their APIs to enable any opt-out controls they provide.
The text and images produced for your order are generated specifically for you and are not retained or reused by us beyond what is required for fulfillment, audit, and dispute resolution.
6. Retention
We retain information only as long as we need it. Our retention schedule:
| Data | Retention period |
|---|---|
| Active account data | While your account is active |
| Closed account data | 7 years from closure, for financial recordkeeping |
| Brief content | 7 years, for audit and dispute resolution |
| Manuscript content | 7 years |
| Recipient shipping addresses | 7 years (encrypted), shipping name retained, full address re-encrypted for archive after 90 days |
| Cover image asset files | 30 days post-delivery |
| API logs and access logs | 90 days |
| Webhook delivery records | 90 days |
| Idempotency keys | 24 hours |
| Audit log | 7 years (compliance) |
Where shorter retention is required by law in your jurisdiction, we follow the shorter period.
If you delete your account, we retain financial records (orders, charges, refunds, invoices) as required by law but redact identifying information from non-financial records. See section 9 for your erasure rights.
7. Security
We protect information using:
- Encryption in transit (HTTPS for all web and API traffic)
- Encryption at rest (database storage, file storage)
- Column-level encryption for sensitive fields (shipping addresses, webhook signing secrets)
- Hashed storage of API tokens (we cannot recover a lost token)
- Access controls (least privilege, audit logged)
- Regular security review and patching of dependencies
No system is perfectly secure. We cannot guarantee absolute protection. We notify affected users and relevant regulators of any data breach as required by law.
8. Cookies and tracking
We use cookies and similar technologies for:
- Authentication (keeping you signed in)
- Security (CSRF protection, session integrity)
- Functional preferences (theme, language)
- Anonymous analytics (page views, performance metrics) — no third-party advertising trackers
We do not use:
- Third-party advertising cookies
- Cross-site tracking
- Fingerprinting
- Marketing analytics that profile you across sites
You can disable cookies in your browser. Authentication will not function without session cookies.
9. Your rights
Depending on where you live, you have the following rights regarding your personal information:
Access. You may request a copy of the information we hold about you.
Correction. You may correct inaccurate information through your account settings or by emailing us.
Deletion (right to be forgotten). You may request that we delete your information. We will delete what we can while retaining what we must for legal or financial recordkeeping. See section 6.
Portability. You may request a machine-readable export of your information.
Objection. You may object to certain processing.
Withdrawal of consent. Where we rely on consent, you may withdraw it.
Complaint. You may lodge a complaint with the data protection authority in your jurisdiction.
To exercise any of these rights, email support@tokenofesteem.com. We will respond within 30 days. We may need to verify your identity before fulfilling certain requests.
Erasure requests are processed with a 24-hour confirmation delay (in case the request was made in error or by an unauthorized person). The delay can be skipped on explicit confirmation.
10. California residents (CCPA / CPRA)
If you are a California resident, you have additional rights under the California Consumer Privacy Act and California Privacy Rights Act:
- The right to know what categories of personal information we collect, the sources, the purposes, and the categories of recipients
- The right to access the specific personal information we hold about you
- The right to delete your personal information, subject to legal exceptions
- The right to correct inaccurate personal information
- The right to opt out of the sale or sharing of personal information (we do not sell or share for advertising)
- The right not to be discriminated against for exercising these rights
The categories of personal information we collect are: identifiers (email, name), payment information, internet activity (logs), and customer service records.
We do not sell or share personal information for cross-context behavioral advertising.
To exercise these rights, email support@tokenofesteem.com.
11. European Economic Area, United Kingdom, and Switzerland residents (GDPR)
If you are in the EEA, UK, or Switzerland, you have additional rights under the General Data Protection Regulation and analogous laws.
Lawful basis for processing. We process your information under the following bases:
- Contract: Processing necessary to provide the Service you have purchased.
- Legitimate interest: Processing necessary for fraud prevention, security, and Service operation.
- Legal obligation: Processing required by tax, financial, or other laws.
- Consent: Processing where you have provided consent (rare; mostly limited to optional features).
International transfers. We are based in the United States. Information you provide is transferred to and processed in the United States. Where required, we rely on Standard Contractual Clauses or other valid transfer mechanisms.
Data protection officer. We do not currently have a designated DPO under GDPR Article 37 thresholds. Privacy inquiries are handled at support@tokenofesteem.com.
Supervisory authority. You have the right to lodge a complaint with your local data protection authority.
12. Children's privacy
The Service is not directed to children under 13. We do not knowingly collect information from children under 13. If we learn that we have collected such information, we will delete it.
Briefs about recipients under 18 are subject to special content rules (only celebration content permitted; no teasing or sexual content of any kind). See our Acceptable Use Policy.
13. Recipient rights
If you are a recipient of a Token of Esteem booklet and you wish to know what information we have about you, you may contact support@tokenofesteem.com with proof of identity. The information we typically have about a recipient is:
- A first name
- A shipping address
- Any brief content the buyer submitted about you
- Whether one or more booklets have been shipped to you
Recipients may request deletion of their information. Deletion does not retroactively recall booklets that have already shipped. Future orders from buyers who attempt to ship to a deleted recipient address will be blocked unless the recipient provides separate consent.
This recipient-rights process is provided beyond what some privacy laws strictly require, because we believe people who receive gifts should be able to know what is held about them.
14. Changes to this Privacy Policy
We may update this Privacy Policy from time to time. We will post the updated version at tokenofesteem.com/privacy and update the "Last updated" date. For material changes, we will notify you by email at least 30 days in advance.
Your continued use of the Service after the effective date constitutes acceptance of the updated Privacy Policy.
15. Contact
For privacy questions, requests, or complaints:
support@tokenofesteem.com
Token of Esteem, a service of Rocket Web Inc.
12175 Visionary Way, Fishers, IN 46038