ReasonSmith

Journal of Constructive Argument

Privacy Policy

Last Updated: January 2025

1. Introduction

ReasonSmith ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform.

2. Information We Collect

Personal Information

When you create an account or use our Service, we may collect:

  • Email address
  • Display name, handle, and profile information
  • GitHub or Google account information (if using OAuth authentication)
  • Avatar or profile photo (stored via Nhost storage)
  • Communication and notification preferences
  • Bio and social media links (Twitter, GitHub, LinkedIn, Mastodon, Bluesky, etc.)
  • User role (user, site manager, admin) and permission levels

Content and Usage Data

  • Discussions, posts, and comments you create
  • Citations and sources you reference in Chicago-style format
  • Draft content stored locally and on servers
  • Revision history and version control data
  • Good-faith scores, analysis results, and moderation history
  • Analysis credit usage and purchase history
  • Rich text formatting and editor interactions
  • Interactions with other users' content (likes, replies, etc.)
  • Anonymous posting preferences and anonymous content metadata

Technical Information

  • IP address and device information
  • Browser type, version, and user agent
  • Operating system
  • Usage patterns and analytics data via Vercel Analytics
  • Log files and error reports
  • Session data and authentication tokens
  • Cookie data and local storage information
  • Performance metrics and page load times

3. How We Use Your Information

We use collected information to:

  • Provide, maintain, and improve the Service
  • Create and manage your account with role-based permissions
  • Process authentication via GitHub, Google, magic links, or email/password
  • Generate good-faith scores using AI analysis from Anthropic Claude and OpenAI
  • Track and manage analysis credits (monthly and purchased)
  • Auto-save drafts locally and on servers to prevent data loss
  • Moderate content and enforce Community Guidelines
  • Enable citation network visualization through Neo4j
  • Process Editor's Desk featured content approvals
  • Maintain anonymous posting while enabling moderation
  • Communicate with you about the Service via notifications
  • Analyze usage patterns and improve user experience
  • Detect and prevent fraud, abuse, or security issues
  • Comply with legal obligations

4. AI-Assisted Content Analysis

ReasonSmith uses AI technology from multiple providers to analyze content for good-faith scoring:

AI Providers

  • Anthropic Claude: Primary AI provider for post and discussion analysis
  • OpenAI: Additional AI provider for content scoring and moderation

What We Analyze

  • Tone and language for constructive discourse
  • Citation quality and source credibility
  • Logical fallacies and argument structure
  • Claims and supporting arguments
  • Potentially hostile or bad-faith language patterns
  • Scoring on a 0-1 scale with detailed rationale

Data Processing

Content submitted for AI analysis is processed in accordance with our service providers' privacy policies (Anthropic's Privacy Policy and OpenAI's Privacy Policy). We do not use your content to train third-party AI models. Analysis is performed only when you explicitly request good-faith scoring and have available credits.

5. Local Storage and Drafts

ReasonSmith uses your browser's local storage to provide auto-save functionality:

What We Store Locally

  • Draft content as you type
  • Editor preferences and formatting settings
  • Authentication session state
  • UI preferences (theme, layout options)

Local Storage Behavior

  • Data persists in your browser even after closing the tab
  • Draft content is synced to our servers when online
  • Offline edits are saved locally and synced when connection restores
  • You can clear local storage through your browser settings
  • Local data is not accessible to other websites

6. Information Sharing and Disclosure

Public Content

Published discussions, posts, and comments are publicly visible. This includes your display name, avatar, handle, and any content you choose to publish. Anonymous posts do not display your identifying information publicly but may be linked internally for moderation purposes.

Service Providers

We share information with third-party service providers who help us operate:

  • Nhost - Backend infrastructure, authentication (GitHub/Google OAuth), database hosting (PostgreSQL), and file storage for avatars and media
  • Vercel - Frontend hosting and analytics
  • Anthropic - AI-assisted content moderation and good-faith scoring via Claude API
  • OpenAI - Additional AI-assisted content moderation and scoring
  • Neo4j - Citation network graph database for relationship visualization
  • GitHub/Google - OAuth authentication services

Citation Network Data

Citations and their relationships are stored in Neo4j, a third-party graph database service. This data includes citation details, source information, and connections between discussions. Citation network data is public when associated with published content.

Legal Requirements

We may disclose information when required by law or to:

  • Comply with legal processes or government requests
  • Enforce our Terms of Service
  • Protect our rights, property, or safety
  • Investigate fraud or security issues
  • De-anonymize content when legally required or for safety concerns

Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity. We will notify you via email and/or prominent notice on our Service of any such change.

7. Data Storage and Security

We implement appropriate technical and organizational measures to protect your information, including:

  • Encrypted data transmission (HTTPS/TLS)
  • Secure authentication with OAuth 2.0 and industry-standard protocols
  • Regular security audits and updates
  • Role-based access controls and authentication requirements
  • Database encryption at rest via Nhost/PostgreSQL
  • Secure storage of payment information through third-party processors
  • HTML sanitization to prevent XSS attacks
  • Rate limiting and abuse detection

Data Location

Your data is stored across multiple service providers:

  • PostgreSQL database (Nhost) - User accounts, content, citations
  • Neo4j graph database - Citation network relationships
  • Nhost storage - Uploaded files (avatars, media)
  • Vercel edge network - Static assets and serverless functions
  • Your browser's local storage - Draft content and preferences

However, no method of transmission over the Internet is 100% secure. We cannot guarantee absolute security of your data.

8. Analysis Credits and Purchases

When you purchase analysis credits, we collect and process:

  • Payment information (processed by third-party payment processors)
  • Purchase history and transaction records
  • Credit usage tracking (monthly and purchased credits)
  • Monthly credit reset dates

Credit usage data helps us understand platform engagement and improve our AI analysis features. This data is retained for accounting, taxation, and fraud prevention purposes.

9. Anonymous Posting

When you post anonymously:

  • Your display name and profile are not shown publicly
  • Content is still internally linked to your account for moderation
  • We can identify you in cases of Terms violations or legal obligations
  • Good-faith scores and moderation actions still apply
  • Administrators can de-anonymize content if necessary

Anonymous posting provides public anonymity but not complete anonymity from platform administrators or in cases of legal compliance.

10. Data Retention

We retain your information for as long as:

  • Your account remains active
  • Necessary to provide the Service
  • Required to comply with legal obligations
  • Needed to resolve disputes or enforce agreements
  • Draft content remains in your account (retained for recovery purposes)

Published Content

Published content may remain in public archives even after account deletion, though it will be disassociated from your personal information. Citation network relationships may persist for editorial and research integrity.

Deleted Drafts

Deleted drafts are removed from our servers within 30 days. Local storage data must be cleared manually through your browser settings.

11. Your Rights and Choices

Access and Correction

You can access and update your profile information, handle, bio, social links, and preferences through your account settings at any time.

Data Portability

You may request a copy of your data in a portable format (JSON) by contacting us at privacy@reasonsmith.com. This includes your discussions, posts, citations, and usage history.

Deletion

You may delete your account at any time through your profile settings. Upon deletion:

  • Personal information will be removed from our active systems
  • Published content may remain in archives but will be anonymized
  • Citation network relationships may persist for research integrity
  • Purchased credits will be forfeited
  • Local storage data must be cleared manually

Anonymous Posting

You can choose to post anonymously on a per-post basis. This setting does not affect your profile information or previously published identified posts.

Communication Preferences

You can manage notification preferences in your account settings, including:

  • Email notifications for replies and mentions
  • Editor's Desk approval requests
  • Good-faith analysis results
  • Platform updates and announcements

You can opt out of marketing communications while continuing to receive essential service-related emails.

12. Cookies and Tracking

We use cookies and similar technologies to:

  • Maintain your session and authentication state
  • Remember your preferences and settings
  • Analyze usage patterns with Vercel Analytics
  • Improve performance and user experience
  • Track feature usage for product development

Types of Cookies

  • Essential Cookies: Required for authentication and core functionality
  • Functional Cookies: Remember your preferences and settings
  • Analytics Cookies: Help us understand how users interact with the platform

You can control cookie preferences through your browser settings, though some features may not function properly without essential cookies. Third-party services (GitHub, Google) may set their own cookies during OAuth authentication.

13. Third-Party Links and Citations

ReasonSmith may contain links to external websites, sources, and citations. We are not responsible for the privacy practices of third-party sites. We encourage you to review their privacy policies.

When you include citations, you may be linking to third-party sources. We do not control the content or privacy practices of cited sources.

14. Children's Privacy

ReasonSmith is not intended for users under 13 years of age. We do not knowingly collect information from children under 13. If we discover we have collected information from a child under 13, we will delete it promptly.

Parents or guardians who believe their child has provided personal information should contact us immediately at privacy@reasonsmith.com.

15. International Data Transfers

Your information may be transferred to and processed in countries outside your jurisdiction, including:

  • United States (Vercel, OpenAI, Neo4j)
  • European Union (Nhost, depending on configuration)
  • Cloud infrastructure locations used by our service providers

We ensure appropriate safeguards are in place to protect your data in accordance with this Privacy Policy and applicable data protection laws (GDPR, CCPA, etc.).

16. California Privacy Rights (CCPA)

If you are a California resident, you have specific rights under the California Consumer Privacy Act (CCPA):

  • Right to know what personal information is collected
  • Right to know if personal information is sold or disclosed
  • Right to say no to the sale of personal information
  • Right to access your personal information
  • Right to delete personal information
  • Right to equal service and price

Note: We do not sell personal information to third parties.

To exercise these rights, contact us at privacy@reasonsmith.com.

17. European Privacy Rights (GDPR)

If you are in the European Economic Area (EEA), you have rights under the General Data Protection Regulation (GDPR):

  • Right to access your personal data
  • Right to rectification of inaccurate data
  • Right to erasure ("right to be forgotten")
  • Right to restrict processing
  • Right to data portability
  • Right to object to processing
  • Right to withdraw consent

Legal Basis for Processing: We process your data based on:

  • Your consent (e.g., account creation, AI analysis requests)
  • Contract performance (providing the Service)
  • Legitimate interests (improving the platform, fraud prevention)
  • Legal obligations (compliance with laws)

To exercise your GDPR rights or contact our Data Protection Officer, email privacy@reasonsmith.com.

18. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes via email or through the Service. The "Last Updated" date at the top indicates when the policy was last revised.

Material changes affecting data processing, third-party services, or your rights will be communicated at least 30 days in advance when possible.

19. Contact Us

For questions, concerns, or requests regarding this Privacy Policy or your data, please contact us at:

Email: privacy@reasonsmith.com

Legal Inquiries: legal@reasonsmith.com

Data Protection Officer: For GDPR-related inquiries, contact our DPO at privacy@reasonsmith.com