Session Two

Privacy Policy

Last updated: 2026-04-28

Placeholder. This document is a stub. The production Privacy Policy is generated by our policy provider and will replace this page before public launch.

What we collect

  • Account info from your Google sign-in: email, name, avatar.
  • Content you upload to your projects (markdown files, images).
  • Billing data via Stripe (we do not store card numbers).
  • Usage analytics via PostHog when you have not opted out.

How we use it

To provide the service, communicate with you about your account, process payments, and improve product quality. We do not sell personal information.

Sharing

We use service providers (Auth.js OAuth providers, Stripe, AWS, PostHog) bound by contract to handle data only on our instructions.

Your choices

  • Access & export: request a JSON export of your data from Settings.
  • Deletion: delete your account from Settings; we remove your content and personal data.
  • Analytics: opt out from Settings. PostHog tracking will be disabled for your account.
  • California / state privacy rights: contact privacy@sessiontwo.com to exercise your rights under CCPA/CPRA or other applicable state privacy laws.

Children

Session Two is not directed to children under 13. We do not knowingly collect personal information from children under 13.

Regional availability

Session Two is not currently offered to residents of the European Economic Area, the United Kingdom, or Switzerland. Sign-ups from these regions are blocked.

Contact

Questions: privacy@sessiontwo.com.