Legal

Privacy Policy

Effective: 1 May 2026

1. Who We Are

Glia Guru is operated by Glia Hong Kong Holdings Co., Limited (CR 79614428), Room 5003, 5F Yau Lee Centre, 45 Hoi Yuen Road, Kwun Tong, Hong Kong. For privacy enquiries, contact: privacy@glia.digital.

2. The BYOA Architecture

Glia Guru uses a Bring Your Own Account architecture. This fundamentally shapes our privacy posture:

Your Obsidian vault stays on your local machine. Glia Guru reads it but does not upload, copy, or store your vault contents on our servers.

Your Supabase database is hosted in your own Supabase account. Glia Guru provisions the schema and syncs data, but your database credentials, data, and access controls remain under your ownership.

AI context files (CLAUDE.md, AGENTS.md, and similar) are generated locally and stored in your vault or your Supabase instance. We do not retain copies.

In short: we process your data in transit (to render the dashboard and generate context files), but we do not store it at rest on our infrastructure.

3. What We Collect

During the pre-launch phase:

  • Email address (via the waitlist form)
  • Optionally: how you currently manage projects (via a dropdown qualifier)

After launch:

  • Account email address and authentication credentials (managed via Supabase Auth in your own instance)
  • Subscription and billing data (processed by Stripe; we store only the Stripe customer ID, not payment card details)
  • Usage analytics (see Section 5)

4. What We Do Not Collect

  • The contents of your Obsidian vault
  • The contents of your Supabase database
  • Your AI context files
  • Your code, project notes, task descriptions, or any intellectual property

5. Analytics and Cookies

The marketing site (glia.guru) uses PostHog for anonymous usage analytics. PostHog is self-hosted or cloud-hosted with EU data residency. We collect: page views, referral source, browser type, and country (derived from IP, which is not stored). No advertising cookies. No third-party trackers. No fingerprinting.

The dashboard application may use functional cookies for session management (authentication state). These are strictly necessary and do not require consent.

6. Data Sharing

We do not sell, rent, or share your personal data with third parties, except:

  • Stripe, for payment processing (subject to Stripe's privacy policy)
  • PostHog, for anonymous analytics (no personally identifiable data)
  • Law enforcement, if required by applicable Hong Kong law

7. Data Retention

Waitlist emails: retained until you unsubscribe or the product launches (whichever comes first), then migrated to your account or deleted within 90 days of launch.

Account data: retained for the duration of your subscription plus 90 days after cancellation.

Analytics data: aggregated and anonymised; retained indefinitely in aggregate form.

8. Your Rights

Under the Personal Data (Privacy) Ordinance (Cap. 486) of Hong Kong, you have the right to: access the personal data we hold about you; request correction of inaccurate data; request deletion of your data (subject to legal retention requirements).

To exercise these rights, contact: privacy@glia.digital. We will respond within 40 days.

9. International Data Transfers

Your data may be processed in jurisdictions outside Hong Kong (e.g., Supabase infrastructure regions, Stripe payment processing). We ensure appropriate safeguards are in place for any such transfers.

10. Changes to This Policy

We may update this policy from time to time. Material changes will be notified by email at least 30 days before taking effect.

11. Contact

For privacy enquiries: privacy@glia.digital

Glia Hong Kong Holdings Co., Limited
Room 5003, 5F Yau Lee Centre, 45 Hoi Yuen Road, Kwun Tong, Hong Kong