SharpStackBack to home

Privacy Policy

Last updated: April 5, 2026

1. Introduction

SharpStack (“we,” “our,” or “us”) operates the platform available at sharpstack.dev (the “Service”). This Privacy Policy explains what information we collect from you, how we use it, and the rights you have regarding your personal data.

By using SharpStack, you agree to the collection and use of information in accordance with this policy. If you do not agree, please do not use the Service.

2. Information We Collect

2.1 Information You Provide Directly

  • Account information: When you sign up, we collect your email address and display name.
  • Profile information: During onboarding, you tell us your profession, the technologies you work with, your proficiency level in each, and your learning preferences (daily reading time, reminder time, timezone, and content language).
  • Optional profile fields: You may optionally provide a LinkedIn URL to display in your profile.
  • Team information: If you inquire about Teams plans, we collect your company name, work email, team size, and any message you include in the inquiry form.
  • Feedback and communication: Any feedback, questions, or messages you send to us through contact forms or email.

2.2 Information Collected Automatically

  • Usage data: Which readings you open, which you complete, your quiz answers and scores, XP earned, current and longest streaks, and your reading history.
  • Session data: Authentication tokens, session cookies, and session duration.
  • Technical data: IP address, browser type and version, device type, operating system, and approximate geographic location (country/city level) derived from IP.
  • Referral data: If you sign up through a shareable reading link, we record which user referred you.

2.3 Information We Do Not Collect

We do not collect payment information during the beta period (the Service is free). We do not collect biometric data, health information, precise location, or any special category of sensitive personal data.

3. How We Use Your Information

We use the information we collect for the following purposes:

  • Deliver the Service: Generate personalized daily readings calibrated to your stack, proficiency, and reading time preferences.
  • Send reminders: Email you at your chosen reminder time with your daily reading link.
  • Track progress: Calculate your XP, streak, level, and reading history for the gamification features.
  • Improve content quality: Aggregate anonymized feedback (“too easy / just right / too hard”) to refine our content scoring algorithm.
  • Communicate with you: Respond to your questions, notify you about important platform updates, and occasionally share product news (you can opt out of non-essential emails at any time).
  • Security and fraud prevention: Detect suspicious activity, prevent abuse, and secure our infrastructure.
  • Comply with legal obligations: Respond to lawful requests from authorities when required by applicable law.

4. Legal Basis for Processing (GDPR / LGPD)

For users in the European Economic Area or Brazil, we process your personal data based on the following legal grounds:

  • Contract: Processing necessary to provide the Service you signed up for.
  • Legitimate interest: Improving the platform, preventing fraud, and analyzing aggregated usage patterns.
  • Consent: For optional features (LinkedIn profile display, marketing communications). You can withdraw consent at any time.
  • Legal obligation: When we are required by law to process certain data.

5. How We Share Your Information

We do not sell your personal information. We do not share your data with advertisers. We share data only in the following limited circumstances:

5.1 Service Providers

We work with trusted third-party providers who help us operate the Service:

  • Neon: PostgreSQL database hosting (your profile and reading data is stored here).
  • Vercel: Application hosting and edge infrastructure.
  • Resend: Transactional email delivery (magic links, reading reminders).
  • Anthropic: AI content generation (your profile attributes are sent to Anthropic's Claude API to generate personalized lessons; content is not used to train models).
  • Hostinger: Domain and DNS services.

Each of these providers is bound by contractual obligations to protect your data and use it only for the purposes we specify.

5.2 Legal Requirements

We may disclose your information if required to do so by law, in response to valid legal processes (such as a court order or subpoena), or to protect the rights, property, or safety of SharpStack, our users, or the public.

5.3 Business Transfers

If SharpStack is involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you before your personal data is transferred and becomes subject to a different privacy policy.

6. Data Retention

We retain your personal data for as long as your account is active. If you delete your account, we will remove your personal information from our active systems within 30 days, except where we are legally required to retain certain records (such as for tax or fraud prevention purposes).

Aggregated and anonymized data (which cannot identify you individually) may be retained indefinitely for analytics and product improvement purposes.

7. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

  • Access: Request a copy of the personal data we hold about you.
  • Correction: Update inaccurate or incomplete information (you can do this directly from your profile settings).
  • Deletion: Request deletion of your account and personal data.
  • Portability: Receive your data in a machine-readable format.
  • Objection: Object to certain types of processing (such as marketing).
  • Withdrawal of consent: Withdraw previously given consent at any time.
  • Complaint: Lodge a complaint with your local data protection authority.

To exercise any of these rights, email us at contact@sharpstack.dev. We will respond within 30 days.

8. Security

We implement industry-standard security measures to protect your data:

  • Encryption in transit (TLS/HTTPS for all connections)
  • Encryption at rest for the database
  • Secure authentication via magic links (no passwords stored)
  • Regular security updates and dependency audits
  • Access controls limiting who on our team can view user data

No method of transmission over the internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your data, we cannot guarantee absolute security.

9. Cookies and Tracking

We use only essential cookies required for authentication and session management. We do not use advertising cookies, tracking pixels, or third-party analytics that identify individual users.

10. Children's Privacy

SharpStack is not intended for users under 16 years of age. We do not knowingly collect personal information from children under 16. If you believe a child has provided us with personal information, please contact us and we will delete it promptly.

11. International Data Transfers

SharpStack is operated from Brazil, but our service providers may process data in the United States, European Union, or other countries. By using the Service, you consent to the transfer of your information to these jurisdictions, which may have different data protection laws than your country.

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for legal reasons. When we make significant changes, we will notify you via email or through a notice on the platform. The “Last updated” date at the top of this page indicates when the policy was last revised.

13. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or how we handle your data, please contact us:

  • Email: contact@sharpstack.dev
  • Website: https://sharpstack.dev

Questions about this document? Email us at contact@sharpstack.dev