Second Vision

Privacy Policy

Last updated 2026-06-11

1. What This Policy Covers

This policy explains what personal data Second Vision (operated by Hidden Builders) collects, how we use it, and the choices you have. It applies to the Second Vision web and mobile apps.

2. Data We Collect

Depending on how you use the Service, we collect:

  • Account data: your phone number, email address, or Google account identifier, and basic profile details you provide.
  • Gameplay and assessment data: game sessions, scores, assessment responses, and the insights derived from them.
  • Peer feedback data: invitations you send (including reviewer names and email addresses you provide) and the responses reviewers submit.
  • AI coach data: messages you exchange with the AI coach and related context, used to generate responses.
  • Payment data: purchase history and transaction references. Card and payment details are processed by Razorpay or Dodo Payments and are not stored by us.
  • Technical data: anonymous, aggregated usage analytics (page views and product events) via Vercel Analytics, which does not use cookies or track you across sites.

3. How We Use Your Data

We use your data to:

  • Provide the Service: run games and assessments, compute insights, deliver peer feedback, and operate the AI coach.
  • Verify your identity: your phone number is used to send one-time verification codes for login. We do not use your phone number for marketing messages.
  • Process purchases and maintain your token balance.
  • Keep the Service secure, including audit logging of sensitive operations.
  • Understand aggregate product usage through anonymous analytics.

4. How We Protect Your Data

Sensitive personal data is encrypted at rest using AES-256-GCM. This includes phone numbers, reviewer names and email addresses attached to feedback invitations, and the content of your AI coach conversations and reflections. Data is transmitted over encrypted (HTTPS) connections.

No method of storage or transmission is completely secure, but we apply industry-standard safeguards and limit access to personal data.

5. Cookies and Local Storage

The web app stores your authentication tokens and basic profile data in your browser’s local storage so you stay signed in.

We set a small number of first-party cookies prefixed "exp_" that remember which version of a page you were shown when we test copy variations (A/B experiments). These cookies contain only the variant letter, last up to 90 days, and are not used to identify you or track you across other sites.

Our analytics provider (Vercel Analytics) is cookieless and collects anonymous, aggregated usage data only.

6. Sharing and Third Parties

We do not sell your personal data. We share data only with the service providers needed to operate the Service:

  • Twilio — sends SMS verification codes to your phone number.
  • Google — if you sign in with Google (OAuth).
  • Razorpay and Dodo Payments — payment processing.
  • AI model providers (Google Gemini) — process your AI coach messages to generate responses.
  • Infrastructure and hosting providers that store and serve the Service.

7. Peer Feedback Visibility

Feedback you receive is shown to you in aggregated or attributed form depending on the feature. If you invite someone to review you, the information you provide about them (name, contact detail) is used to deliver and manage that invitation.

8. Your Rights: Export and Deletion

You can export all of your data as a JSON file at any time from Settings → Account ("Export my data").

You can permanently delete your account and all associated data from Settings → Account. Deletion requires explicit confirmation and is irreversible.

Depending on where you live, you may have additional rights (access, correction, portability, objection). To exercise them, contact us at the address below.

9. Data Retention

We keep your data while your account is active. When you delete your account, your personal data is deleted. Retention periods for backups, logs, and legally required records: [TODO legal review — define concrete retention periods].

10. Children

The Service is not directed at children. Minimum age and parental-consent handling: [TODO legal review — align with terms and applicable law (e.g., COPPA/GDPR-K)].

11. International Transfers and Governing Law

Our service providers may process data in countries other than where you live. Transfer mechanisms and governing law: [TODO legal review].

12. Changes and Contact

We may update this policy from time to time. If we make material changes, we will take reasonable steps to notify you.

Questions or privacy requests: hello@hiddenbuilders.com.