CD-Publishing
Gutenberg Portal

Legal

Privacy Policy

Last updated: 2026-05-14 · Template — should be reviewed by counsel before relying on it commercially.

Working draft — pending counsel review

This is a non-attorney draft, posted for transparency while we engage outside counsel. The counsel-reviewed version will replace this page and the "Last updated" date will move forward. Email info@conspiracyden.com for any privacy concern or to exercise your access / correction / deletion rights.

Who we are

CD-Publishing ("we", "us") operates the Gutenberg Portal at pubportal.conspiracyden.com and the marketing site at pub.conspiracyden.com.

What we collect

  • Account data: name, email, password hash (bcrypt), role.
  • Project data: manuscript metadata, notes, chapters, interview transcripts, marketing data, sales records, and any files you upload.
  • Google account data: if you sign in with Google, your basic profile and (if you grant Drive/Calendar scope) access tokens used to create folders, list files, and schedule events on your behalf.
  • Operational data: IP addresses, user agents, audit log of admin actions, error reports.

How we use it

  • Deliver the publishing services you contracted for.
  • Generate AI-assisted analysis (Scribe synthesis, Observatory exec summaries, marketing kits) using Google Vertex AI Gemini. Your data is sent to Google for inference; Google's terms apply for that processing.
  • Send transactional emails (password resets, invites, approval notifications) via Google Workspace SMTP.
  • Improve and secure the service (rate limiting, brute-force protection, monitoring).

Sub-processors

We rely on the following providers:

  • Google Cloud Platform — hosting (Cloud Run), database (Cloud SQL Postgres), storage (Cloud Storage), AI inference (Vertex AI), search/discovery, authentication (NextAuth + Google OAuth), email (Workspace SMTP).
  • GitHub — source code repository.

Data location

Cloud Run and Cloud SQL run in us-central1 (Iowa, USA). If you operate from the EU and require strict regional data handling, contact us.

Your rights

  • Access: log in and use /account/profile to view your data. A full machine-readable export is available at /api/account/export.
  • Correction: edit your profile or contact us for changes you can't make yourself.
  • Deletion: contact us at info@conspiracyden.com to request account deletion. We will delete or anonymize your data within 30 days, except where retention is legally required.
  • Withdraw OAuth: revoke our Google access at any time from myaccount.google.com/permissions.

Cookies

We use only essential cookies needed to keep you signed in (NextAuth session cookies). We do not use third-party tracking or advertising cookies.

Retention

Project data is kept for the duration of your engagement plus 90 days after termination. Interview audio recordings auto-expire from GCS after 90 days. Audit logs are retained for 12 months.

Contact

Email info@conspiracyden.com for any privacy concern.