Privacy Policy

Last updated: March 7, 2026

1. Introduction

Theroux Inc. (“Theroux,” “we,” “our,” or “us”) operates the theroux.io website and platform. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website or use our services.

2. Information We Collect

We collect information in the following ways:

  • Account information: When you create an account, we collect your name, email address, and profile picture through our authentication provider (Clerk).
  • Funnel data: URLs, traffic numbers, conversion rates, and average revenue per user (ARPU) that you voluntarily provide for analysis.
  • Screenshots: We capture screenshots of the URLs you submit for analysis. These are stored securely and associated with your account.
  • Payment information: Billing details are collected and processed by Stripe. We do not store credit card numbers on our servers.
  • Usage data: We automatically collect information about how you interact with our platform, including pages visited, features used, and session duration.

3. How We Use Your Information

We use the information we collect to:

  • Provide, operate, and maintain our platform
  • Perform AI-powered UX audits using your submitted funnel data
  • Process payments and manage your subscription
  • Send you service-related communications (account confirmations, billing notices, audit completions)
  • Improve and develop new features
  • Detect and prevent fraud or abuse

4. AI Processing

Our platform uses Anthropic's Claude AI to analyse screenshots of the URLs you submit. The screenshots and funnel data you provide are sent to Anthropic's API for processing. Anthropic does not use this data to train their models. The AI-generated analysis is stored in our database and associated with your account.

5. Third-Party Services

We use the following third-party services:

  • Clerk — Authentication and user management
  • Supabase — Database and file storage
  • Anthropic (Claude) — AI-powered analysis
  • Stripe — Payment processing
  • Vercel — Hosting and deployment

Each of these providers has their own privacy policy governing how they handle data. We encourage you to review their policies.

6. Data Storage and Security

Your data is stored in Supabase (hosted on AWS) with row-level security enabled. Screenshots are stored in Supabase Storage. All data transmission is encrypted using TLS. We implement industry-standard security measures including HSTS, content type protection, and clickjacking prevention.

7. Data Retention

We retain your account data and audit results for as long as your account is active. If you delete your account, we will delete your personal data and audit results within 30 days. Anonymised, aggregated data may be retained for analytics purposes.

8. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your data
  • Object to or restrict processing of your data
  • Data portability
  • Withdraw consent

To exercise any of these rights, please contact us at privacy@theroux.io.

9. Cookies

We use essential cookies required for authentication and session management. These cookies are strictly necessary for the platform to function and cannot be disabled. We do not use advertising or tracking cookies.

10. Children's Privacy

Our platform is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the “Last updated” date.

12. Contact Us

If you have any questions about this Privacy Policy, please contact us at privacy@theroux.io.