Legal

Privacy Policy

Last updated: January 21, 2026

Our Privacy Commitments

  • *Your reflections belong to you. Always.
  • *We never sell your personal data.
  • *Your content is never used to train external AI.
  • *Export your data anytime in standard formats.

At Camino Institute ("Camino," "we," "us," or "our"), your privacy is foundational to everything we build. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website, mobile applications, and services (collectively, the "Services").

1Information We Collect

Personal Information You Provide

  • * Account Information: Name, email address, password (securely hashed)
  • * Profile Information: Optional profile details and preferences
  • * Payment Information: Billing details processed securely through Stripe
  • * Communications: Information from support contacts and surveys

Reflection and Content Data

  • * Journal Entries: Reflections, thoughts, and responses you write
  • * AI-Generated Insights: Patterns and insights generated from your reflections
  • * Program Progress: Your journey through our programs

Automatically Collected Information

  • * Device Information: Browser type, operating system, IP address
  • * Usage Data: Pages viewed, features used, navigation patterns
  • * Cookies: See our Cookie Policy

2How We Use Your Information

To Provide and Improve Our Services

  • * Deliver personalized reflection prompts and AI-generated insights
  • * Process transactions and manage your subscription
  • * Provide customer support
  • * Analyze usage patterns to improve our Services

To Communicate With You

  • * Send transactional emails (account confirmation, receipts)
  • * Provide service-related announcements
  • * Send promotional communications (with your consent)

3Data Ownership and Your Rights

Your reflections belong to you. Always.

Camino provides the infrastructure to store and process your content securely, but you maintain complete ownership of everything you create.

Your Data Rights

  • * Right to Access: Request a copy of all personal data we hold
  • * Right to Rectification: Correct inaccurate personal data
  • * Right to Erasure: Request deletion of your personal data
  • * Right to Data Portability: Export in JSON, PDF, or Markdown
  • * Right to Restrict Processing: Limit how we use your data
  • * Right to Withdraw Consent: Withdraw consent at any time

To exercise any of these rights, contact us at infocaminoinstitute@gmail.com. We will respond within 30 days.

4AI Processing and Machine Learning

Our AI-powered features analyze your reflections to generate personalized insights. Here's how we handle this responsibly:

  • * Purpose-Limited: AI analysis is performed solely to provide you with insights
  • * No Third-Party Training: Your reflections are never used to train external AI models
  • * Privacy-Preserving: We minimize personal data processed by AI systems
  • * Opt-Out Available: Disable AI insights in your account settings

5Data Sharing and Disclosure

We do not sell your personal data. Ever.

Service Providers

We share information with trusted third parties who assist us:

  • * Supabase: Backend infrastructure and database hosting
  • * Stripe: Payment processing
  • * Resend: Email delivery
  • * Google (Gemini): AI insight generation (reflection content only)
  • * Vercel: Website hosting
  • * PostHog: Privacy-focused analytics

Legal Requirements

We may disclose information if required by law or to protect our rights and safety.

6Data Security

We implement comprehensive security measures:

  • * Encryption in Transit: TLS 1.3 for all data transmission
  • * Encryption at Rest: AES-256 for stored data
  • * Access Controls: Strict role-based access
  • * Security Monitoring: Continuous threat detection
  • * Regular Audits: Periodic security assessments

7Data Retention

  • * Account Data: Retained while active + 30 days after deletion
  • * Reflection Content: Deleted within 30 days of account deletion
  • * Payment Records: 7 years for tax compliance
  • * Anonymized Analytics: May be retained indefinitely

8International Data Transfers

Camino is based in the United States. If you access our Services from outside the US, your information may be transferred to and processed in the United States. We ensure appropriate safeguards including Standard Contractual Clauses.

9Children's Privacy

Our Services are not intended for individuals under 18. We do not knowingly collect information from children. If you believe we have, contact us at infocaminoinstitute@gmail.com.

10California Privacy Rights (CCPA)

California residents have additional rights:

  • * Right to know what personal information we collect and disclose
  • * Right to request deletion of your personal information
  • * Right to opt-out of the sale of personal information (we don't sell)
  • * Right to non-discrimination for exercising privacy rights

11European Privacy Rights (GDPR)

If you're in the EEA or UK, you have rights under GDPR:

  • * Legal Basis: We process data based on consent, contract, legitimate interests, or legal obligations
  • * Data Protection Officer: Contact at infocaminoinstitute@gmail.com
  • * Supervisory Authority: Right to lodge a complaint with your local authority

12Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by updating the "Last updated" date and providing additional notice for significant changes.

13Contact Us

If you have questions about this Privacy Policy or our data practices:

Camino Institute

Email: infocaminoinstitute@gmail.com

← Back to HomeTerms of Service →Cookie Policy →